Memory corruption is a difficult problem to solve, but many such as CISA are pushing for moves to memory safe languages. How viable is rewriting compared to mitigating?
\nLinks and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/254.html
\n[00:00:00] Introduction
\n[00:01:12] Clarifying Scope & Short/Long Term
\n[00:04:28] Mitigations
\n[00:15:37] Safe Languages Are Falliable
\n[00:21:20] Weaknesses & Evolution of Mitigations
\n[00:29:19] Rewriting and the Iterative Process
\n[00:34:55] The Rewriting Scalability Argument
\n[00:41:43] System vs App Bugs
\n[00:48:46] Mitigations & Rewriting Are Not Mutually Exclusive
\n[00:50:25] Corporate vs Open Source
\n[00:54:12] Generational Change
\n[00:56:18] Conclusion
\nPodcast episodes are available on the usual podcast platforms:
\n-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
\n-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
\n-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
\n-- Other audio platforms can be found at https://anchor.fm/dayzerosec
\nYou can also join our discord: https://discord.gg/daTxTK9
\n