Rustacean Station

cargo-auditable with Sergey Davidoff

Nov 11, 2022

01:04:33

Creator website

AI Chapters

Episode notes

Rust Fuzz Traffic - Is There a Memory Safety Issue?

05:01

Corgia Auditable

05:25

Is There a Security Issue in Rust?

02:42

Introduction

5min

Is There a Difference Between Debug and Release?

2min

Is There a Shortcut to Heuristic Detection Based on Panic Messages?

6min

Corgia Auditable

5min

TriVier, TriV, and TriV on Cargo Auditable Page?

2min

What Is the Best Name for Cargo Auditable?

6min

Is There a Heap Buffer Overflow in My Browser?

3min

Is There a Security Issue in Rust?

3min

Rust - A Great Tool for Finding Bugs in Your Code

4min

10.

Rust Fuzz Traffic - Is There a Memory Safety Issue?

5min

11.

How to Resolve a Memory Safety Issue in Rust

1min

12.

Is Every Single Memory Safety Bug as a Security Bug?

2min

13.

C Approach - Memory Safety Issues Are Rare

4min

14.

Android - Security Doesn't Sell?

2min

15.

Do You Have Problems Sleeping?

6min

16.

Is There a Way to Integrate a Security Audit Into a Binary?

2min

17.

How to Secure Your GitHub Projects Before Release

3min

18.

Rust Security - A Great Introduction

2min

19.

Rust Secure Code Working Group - Is There a Call to Action?

3min

Allen Wyma talks with Sergey Davidoff, creator of cargo-auditable, a cargo plugin for auditing your Rust dependencies for security vulnerabilities.

Contributing to Rustacean Station

Rustacean Station is a community project; get in touch with us if you’d like to suggest an idea for an episode or offer your services as a host or audio editor!

Timestamps

[@00:10] - Introduction to cargo-auditable
[@07:51] - Guarantees that cargo-auditable provides
[@17:33] - Trivy and other crates that are in cargo-auditable
[@19:47] - cargo-auditable vs cargo audit
[@21:09] - Sergey’s programming background
[@34:49] - Vulnerabilities Sergey was able to encounter and reported to RustSec
[@39:47] - Feedbacks and reactions from library owners that were found to have issues
[@48:52] - How does Sergey handle problems and issues he encounters?
[@56:48] - Sergey’s tips and advice to those who want to improve security on their projects
[@59:36] - Parting thoughts and shoutouts

Credits

Intro Theme: Aerocity

Audio Editing: Plangora

Hosting Infrastructure: Jon Gjengset

Show Notes: Plangora

Hosts: Allen Wyma

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Rustacean Station

cargo-auditable with Sergey Davidoff

Rust Fuzz Traffic - Is There a Memory Safety Issue?

Corgia Auditable

Is There a Security Issue in Rust?

Contributing to Rustacean Station

Timestamps

Credits

Remember Everything You Learn from Podcasts

Episode highlights

Rust Fuzz Traffic - Is There a Memory Safety Issue?

Corgia Auditable

Is There a Security Issue in Rust?