Slow But Steady - Achieving Real Security Within Two Decades

Explore a comprehensive conference talk that delves into achieving real security within two decades through slow but steady progress. Learn about the current state of computer security, where even users who follow best practices remain vulnerable due to flawed software. Discover why the speaker believes enough knowledge now exists to dramatically improve this situation. Examine the necessary techniques and adoption plans for enhancing security infrastructure before potential civilization-threatening issues arise. Gain insights into topics such as public sanitation, mass exploitation, the software crisis, software engineering, LangSEC, formal verification, software firewalls, microkernels, capability-based systems, incremental security, and containment isolation. Understand the engineering process required to create well-engineered infrastructure and explore concepts like remote execution vulnerability and the differences between C and Rust programming languages. Grasp the idea of "ratcheting" in security improvements and its potential impact on long-term cybersecurity efforts.