Don't Get Owned by Your Dependencies

Explore a groundbreaking approach to mitigating memory safety vulnerabilities in third-party C libraries, a major source of zero-day attacks in modern applications. Learn about the innovative architecture implemented in Firefox since 2020, which runs these libraries in lightweight in-memory sandboxes based on WebAssembly. Discover the key challenges faced during this migration, including ensuring efficient sandboxing, retrofitting without changing libraries, and modifying applications to be secure against attacks from sandboxed libraries. Gain insights into RLBox, an open-source C++ framework developed to address these challenges, and hear real-world examples of its application in Firefox. Delve into the research of Shravan Narayan, a Ph.D. candidate at UC San Diego, whose work in security and systems has earned multiple awards and is deployed in real systems like the Firefox browser.