Security Cryptography Whatever

The feeling's mutual: mTLS with Colm MacCárthaigh

Dec 29, 2021

ADVICE

Program C Defensively With Simple Primitives

  • Structure C code like a restricted, functional dialect to reduce memory-safety mistakes.
  • Use simple buffers and deterministic IO patterns so unusual behavior stands out and is easier to audit.

ANECDOTE

Hot-Patching Customers After Heartbleed

  • After Heartbleed, AWS built a kernel module to hot-patch customers who couldn't update OpenSSL.
  • Colm shared that the module was public on his GitHub but hoped nobody still ran it in production.

INSIGHT

Formal Verification Finds Hidden State Flaws

  • Formal methods caught subtle state-machine bugs that testing rarely finds.
  • Verifying compiled machine code and cryptographic algorithms revealed edge-case aborts and invalid transitions.