We are changing tack to appeal to engineers. Meredith Patterson
just recorded a set of lectures on using Hammer to build langsec-safe
parsers in C. They are now in editing.
We are also pulling together notes on designs for hardware parsing.
The task proved to be harder than we first thought, but I believe
we are arriving at a viable approach here as well.
It would be create to encourage programmer participation. We need ideas
and perhaps a set of challenges?
Thank you,
--Sergey
On Fri, 22 Nov 2013, Sashank Dara wrote:
Also ,am little disheartened to see not much activity happening on langsec
, even after we have break through results .
Regards,
Sashank
http://lnkd.in/88sgfr
On Fri, Nov 22, 2013 at 6:22 PM, Grawrock, David
<[email protected]>wrote:
I'd like to 2nd Sashank's comment. We need to find ways to show HOW you do
things differently. Suppose I've got a HW input buffer and I normally send
in a buffer size with a command as the first byte and that determines what
the rest of the buffer looks like. We know that is not the best, but what
does the better one look like. To have an impact to engineers we really
need to start showing them what better looks like and how it will help them.
David Grawrock
Security Architect
503 264 3642
-----Original Message-----
From: [email protected] [mailto:
[email protected]] On Behalf Of Sergey Bratus
Sent: Friday, November 22, 2013 12:29 AM
To: Sashank Dara
Cc: [email protected]
Subject: Re: [langsec-discuss] LangSec Workshop at IEEE SPW 2014, Sun May
18, 2014
Hi Sashank,
Thank you! We'll look for ways to emphasize the practical case study
part.
Thanks,
--Sergey
On Fri, 22 Nov 2013, Sashank Dara wrote:
just my 2 cents .
Recently i gave a talk on langsec internally for big room of engineers .
frankly teaching science to engineers is difficult . I lost my
audience the moment i showed them chomsky hierarcy and talking stuff
like grammars
and rules . they sounded more theoretical . Usually engineers want to
see
more concrete things , things in action . I did mention libdejector
and Haskell based IP Stack that comes close to langsec . I did mention
that fuzzing based testing is not enough.
So if possible some tools developed based on langsec principles to
hack popular protocols as demos might get more interest .
making them available as open source might further help to people play
around with them .
Regards,
Sashank
http://lnkd.in/88sgfr
On Fri, Nov 22, 2013 at 8:13 AM, Sergey Bratus <[email protected]
wrote:
Hi Will,
We are soliciting papers on research and/or case studies as per
the CFP, will have the Program Committee review them, and have the
accepted papers presented by the authors at the workshop, with
audience participation. We will have an invited keynote or two. We
will also hold a discussion on the directions of the field in some form.
We are very open to suggestions of how to make it interesting to
attend for all researchers, programmers, and hackers interested in the
topic!
Thank you,
--Sergey
On Thu, 21 Nov 2013, Will Sargent wrote:
What happens at the workshop?
Will.
On Wed, Nov 20, 2013 at 8:56 PM, Sergey Bratus
<[email protected]>
wrote:
Dear All,
We will hold a LangSec workshop as a part of the IEEE CS
Security and Privacy Workshops
(http://www.ieee-security.org/TC/SPW2014/index.html),
co-located with the Symposium on Security and Privacy at the
Fairmont San Jose Hotel. Our workshop will be a full-day workshop
on Sunday May 18, 2014.
The CFP and other info is now posted at http://spw14.langsec.org/.
Please feel free to advertise and suggest it to potential sponsors!
We would like to work out a way to waive or reduce the registration
fees for industry programmers, students, hackers and enthusiasts.
Needless to say, please do submit your research or case study
papers!
Thank you very much & hoping to see you at the workshop,
--Sergey
_______________________________________________
langsec-discuss mailing list
[email protected]
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
_______________________________________________
langsec-discuss mailing list
[email protected]
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
_______________________________________________
langsec-discuss mailing list
[email protected]
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
_______________________________________________
langsec-discuss mailing list
[email protected]
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
