I'd like to 2nd Sashank's comment. We need to find ways to show HOW you do things differently. Suppose I've got a HW input buffer and I normally send in a buffer size with a command as the first byte and that determines what the rest of the buffer looks like. We know that is not the best, but what does the better one look like. To have an impact to engineers we really need to start showing them what better looks like and how it will help them.
David Grawrock Security Architect 503 264 3642 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Sergey Bratus Sent: Friday, November 22, 2013 12:29 AM To: Sashank Dara Cc: [email protected] Subject: Re: [langsec-discuss] LangSec Workshop at IEEE SPW 2014, Sun May 18, 2014 Hi Sashank, Thank you! We'll look for ways to emphasize the practical case study part. Thanks, --Sergey On Fri, 22 Nov 2013, Sashank Dara wrote: > just my 2 cents . > > Recently i gave a talk on langsec internally for big room of engineers . > frankly teaching science to engineers is difficult . I lost my > audience the moment i showed them chomsky hierarcy and talking stuff like > grammars > and rules . they sounded more theoretical . Usually engineers want to see > more concrete things , things in action . I did mention libdejector > and Haskell based IP Stack that comes close to langsec . I did mention > that fuzzing based testing is not enough. > > So if possible some tools developed based on langsec principles to > hack popular protocols as demos might get more interest . > making them available as open source might further help to people play > around with them . > > > > Regards, > Sashank > http://lnkd.in/88sgfr > > > On Fri, Nov 22, 2013 at 8:13 AM, Sergey Bratus <[email protected]>wrote: > >> Hi Will, >> >> We are soliciting papers on research and/or case studies as per >> the CFP, will have the Program Committee review them, and have the >> accepted papers presented by the authors at the workshop, with >> audience participation. We will have an invited keynote or two. We >> will also hold a discussion on the directions of the field in some form. >> >> We are very open to suggestions of how to make it interesting to >> attend for all researchers, programmers, and hackers interested in the topic! >> >> Thank you, >> >> --Sergey >> >> >> On Thu, 21 Nov 2013, Will Sargent wrote: >> >> What happens at the workshop? >>> >>> Will. >>> >>> >>> On Wed, Nov 20, 2013 at 8:56 PM, Sergey Bratus >>> <[email protected]> >>> wrote: >>> >>> Dear All, >>>> >>>> We will hold a LangSec workshop as a part of the IEEE CS >>>> Security and Privacy Workshops >>>> (http://www.ieee-security.org/TC/SPW2014/index.html), >>>> co-located with the Symposium on Security and Privacy at the >>>> Fairmont San Jose Hotel. Our workshop will be a full-day workshop >>>> on Sunday May 18, 2014. >>>> >>>> The CFP and other info is now posted at http://spw14.langsec.org/ . >>>> Please feel free to advertise and suggest it to potential sponsors! >>>> We would like to work out a way to waive or reduce the registration >>>> fees for industry programmers, students, hackers and enthusiasts. >>>> >>>> Needless to say, please do submit your research or case study papers! >>>> >>>> Thank you very much & hoping to see you at the workshop, >>>> >>>> --Sergey >>>> _______________________________________________ >>>> langsec-discuss mailing list >>>> [email protected] >>>> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss >>>> >>>> >>> _______________________________________________ >> langsec-discuss mailing list >> [email protected] >> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss >> > _______________________________________________ langsec-discuss mailing list [email protected] https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss _______________________________________________ langsec-discuss mailing list [email protected] https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
