Resilience

Taming the Chaos: Can we build systems that actually work?

Possible paths from today's ghastly hackery to what computing should be
Adams
Peter Sewell
We rely on mainstream computer engineering every day, but it's insanely complex, poorly understood, unreliable, and, as CCC reminds us every year, chronically insecure. This talk will explain some ways that we can do better: taming parts of this chaos with precise understanding - illustrated with disturbing facts and clean models for current architectures and the C language, from the <a href="https://www.cl.cam.ac.uk/~pes20/rems/">REMS</a> project, and principled but pragmatic new alternatives, that build in more hardware and software security protection, as developed in the <a href="https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/">CHERI</a> project.
Computing has been massively successful, and we routinely trust computer systems with our personal, financial, medical, commercial, and governmental information. But at the same time, these systems are pervasively prone to security flaws and subject to malicious attacks. We have to trust them, but they are not *trustworthy*.

There are two root causes. First, the pan-industry computing infrastructure, of processors, programming languages, and operating systems, is based on designs from a more forgiving time, with simpler systems and little incentive to design-in strong security protection. Second, the conventional engineering techniques we use (prose specifications, manually written tests, and test-and-debug development) are good enough to make systems work in common cases, but cannot exclude all errors - and a single coding error can lead to a devastating exploit.

Are we doomed? Perhaps not. This talk will highlight the sorry state of the art and then draw on cutting-edge research, from the University of Cambridge, SRI International, ARM, and other partners, to show some ways we can do better. First, we'll show how it's become possible to build and use rigorous models for key existing interfaces to improve engineering: for the ARMv8-A and RISC-V architectures, and the C language, in the REMS project. Then we'll describe a principled but pragmatic path to build in more hardware and software security protection to future systems, as developed in the CHERI project. These are joint work by many people over the last 10 years.

Additional information

Type lecture
Language English
