Sashank, I think elaborating on the concrete examples of weird machines (ala the TC x86 MMU) is a good way to capture an audience of engineers; scare them a bit to keep them from zoning out when it gets a bit more theoretical. I will think of a good code snippet to share that shows the advantages of thinking of input as a language rather than dumb data. I think by starting so abstractly it is not made relevant to them and their day-to-day tasking.
Cheers, Jacob On Fri, Nov 22, 2013 at 9:36 AM, Sashank Dara <[email protected]>wrote: > Also ,am little disheartened to see not much activity happening on langsec > , even after we have break through results . > > Regards, > Sashank > http://lnkd.in/88sgfr > > > On Fri, Nov 22, 2013 at 6:22 PM, Grawrock, David <[email protected] > > wrote: > >> I'd like to 2nd Sashank's comment. We need to find ways to show HOW you >> do things differently. Suppose I've got a HW input buffer and I normally >> send in a buffer size with a command as the first byte and that determines >> what the rest of the buffer looks like. We know that is not the best, but >> what does the better one look like. To have an impact to engineers we >> really need to start showing them what better looks like and how it will >> help them. >> >> David Grawrock >> Security Architect >> 503 264 3642 >> >> -----Original Message----- >> From: [email protected] [mailto: >> [email protected]] On Behalf Of Sergey Bratus >> Sent: Friday, November 22, 2013 12:29 AM >> To: Sashank Dara >> Cc: [email protected] >> Subject: Re: [langsec-discuss] LangSec Workshop at IEEE SPW 2014, Sun May >> 18, 2014 >> >> Hi Sashank, >> >> Thank you! We'll look for ways to emphasize the practical case study >> part. >> >> Thanks, >> >> --Sergey >> >> On Fri, 22 Nov 2013, Sashank Dara wrote: >> >> > just my 2 cents . >> > >> > Recently i gave a talk on langsec internally for big room of engineers . >> > frankly teaching science to engineers is difficult . I lost my >> > audience the moment i showed them chomsky hierarcy and talking stuff >> like grammars >> > and rules . they sounded more theoretical . Usually engineers want to >> see >> > more concrete things , things in action . I did mention libdejector >> > and Haskell based IP Stack that comes close to langsec . I did mention >> > that fuzzing based testing is not enough. >> > >> > So if possible some tools developed based on langsec principles to >> > hack popular protocols as demos might get more interest . >> > making them available as open source might further help to people play >> > around with them . >> > >> > >> > >> > Regards, >> > Sashank >> > http://lnkd.in/88sgfr >> > >> > >> > On Fri, Nov 22, 2013 at 8:13 AM, Sergey Bratus <[email protected] >> >wrote: >> > >> >> Hi Will, >> >> >> >> We are soliciting papers on research and/or case studies as per >> >> the CFP, will have the Program Committee review them, and have the >> >> accepted papers presented by the authors at the workshop, with >> >> audience participation. We will have an invited keynote or two. We >> >> will also hold a discussion on the directions of the field in some >> form. >> >> >> >> We are very open to suggestions of how to make it interesting to >> >> attend for all researchers, programmers, and hackers interested in the >> topic! >> >> >> >> Thank you, >> >> >> >> --Sergey >> >> >> >> >> >> On Thu, 21 Nov 2013, Will Sargent wrote: >> >> >> >> What happens at the workshop? >> >>> >> >>> Will. >> >>> >> >>> >> >>> On Wed, Nov 20, 2013 at 8:56 PM, Sergey Bratus >> >>> <[email protected]> >> >>> wrote: >> >>> >> >>> Dear All, >> >>>> >> >>>> We will hold a LangSec workshop as a part of the IEEE CS >> >>>> Security and Privacy Workshops >> >>>> (http://www.ieee-security.org/TC/SPW2014/index.html), >> >>>> co-located with the Symposium on Security and Privacy at the >> >>>> Fairmont San Jose Hotel. Our workshop will be a full-day workshop >> >>>> on Sunday May 18, 2014. >> >>>> >> >>>> The CFP and other info is now posted at http://spw14.langsec.org/. >> >>>> Please feel free to advertise and suggest it to potential sponsors! >> >>>> We would like to work out a way to waive or reduce the registration >> >>>> fees for industry programmers, students, hackers and enthusiasts. >> >>>> >> >>>> Needless to say, please do submit your research or case study >> papers! >> >>>> >> >>>> Thank you very much & hoping to see you at the workshop, >> >>>> >> >>>> --Sergey >> >>>> _______________________________________________ >> >>>> langsec-discuss mailing list >> >>>> [email protected] >> >>>> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss >> >>>> >> >>>> >> >>> _______________________________________________ >> >> langsec-discuss mailing list >> >> [email protected] >> >> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss >> >> >> > >> _______________________________________________ >> langsec-discuss mailing list >> [email protected] >> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss >> > > > _______________________________________________ > langsec-discuss mailing list > [email protected] > https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss > >
_______________________________________________ langsec-discuss mailing list [email protected] https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
