Musing from Decades of Linux Kernel Security Research

JOSHUA J. DRAKE

ABSTRACT

The Linux Kernel underpins billions of modern computers and devices ranging across almost every industry. Arguably, its ubiquity places it firmly into the category of critical infrastructure. But, is it secure? In this presentation, Josh will explore this question in detail. He compares and contrasts the security investments being made within the Linux Kernel developer ecosystem with a typical software development life cycle used in a professional development organization. Additionally, he will share a case study of a public and widely exposed security issue that remains unfixed. Finally, he will make recommendations that can reduce the risk posed by running the Linux Kernel.

Joshua J. Drake

Joshua "jduck" Drake is the Principal Security Researcher at Delphos Labs. He is a software developer, vulnerability researcher, reverse engineer, author, and public speaker with over 15 years of professional experience. He focused a majority of his career in the software space where he discovered, analyzed, and/or developed exploits for hundreds of security problems. jduck spent a decade focused on Android security (2011 to 2021). During that time, he took the lead on authoring the "Android Hacker's Handbook" and bringing the "Stagefright Vulnerabilities" to the public eye. Nowadays, jduck is researching the application of AI to reverse engineering and vulnerability discovery within binaries. When time permits, he likes to participate in Capture the Flag events and spend time with his family and friends.

REGISTER NOW
Great! Next, complete checkout for full access to Ringzer0
Welcome back! You've successfully signed in
You've successfully subscribed to Ringzer0
Success! Your account is fully activated, you now have access to all content
Success! Your billing info has been updated
Your billing was not updated