Security
Presentations about Security
From Developer to Security: How I Broke into Infosec
Robot Social Engineering: Social Engineering Using Physical Robots
Maintaining the Go Crypto Libraries
Modern WAF Bypass Scripting Techniques for Autonomous Attacks
Privacy Tools and Techniques for Developers
How Much Does It Cost to Attack You?
Security Delusions (Not a Sales Pitch!)
Interviews
Maintaining the Go Crypto Libraries
What is the focus of your work today?
My main focus is ensuring the security of the Go language ecosystem. I am the primary security coordinator for the Go project and I maintain and own all the crypto libraries in the standard library and in the golang.org excrypto repository. Even when developing the crypto libraries the main focus is to keep the ecosystem secure. So the crypto libraries are a means to that end.
What's the motivation for the talk?
The crypto libraries are fairly unique in how they came to be. Most other crypto libraries went for completeness and maybe performance as their main goals. The crypto libraries were made originally by Adam Langley to be a subset of functionality that allows application developers to develop safe applications. That has a number of interesting consequences in terms of how they were developed, in terms of how they're maintained and in terms of how the Go system gets to use them. The talk will focus on that.
See more interviews