The end goal of this talk is to show how much more security you can achieve if you don't take an existing architecture and try to sprinkle security over it, but you make architectural decisions with security in mind.
This is rarely done in practice because there is a fundamental disagreement between security and software engineering. Security is about limiting what can be done with the software, while software engineering is about not limiting what can be done with the software.
My goal with this talk is to show what kind of security gains are possible architecturally. You, too, can sleep soundly at night. Even if the software is written in C. Even if you have bad ACLs or a buffer overflow in the software.