Conference:  Black Hat Asia 2023
Authors: Zong Cao, Zheng Wang, Yeqi Fu, Fangming Gu, Bohan Liu
2023-05-12

WebAssembly (WASM) is a high-performance compiled language for execution in web browsers that interoperates with JavaScript. In general, the WASM compiler in the browser is integrated into the JavaScript engine, which has proven to be an important attack surface in browsers over the past years. Protecting the security of the WASM compiler is a matter of security for the browser, and thus for the users. We have seen a remote code execution vulnerability in the WASM compiler previously (Pwn2Own 2021), and it seems that no public research has continued to demonstrate vulnerabilities from this attack surface since then. In fact, over the past year, the number of commits to the WebAssembly compiler in WebKit has surpassed that of the JavaScript JIT and introduced some new features based on the WASM 2.0 specification, such as Exceptions, Tail Call, SIMD, etc. In this case, the security of the WASM compiler should be re-emphasized. In this study, we focus on WebKit vulnerability hunting using fuzz testing. We first investigated some of the existing WASM fuzzers and studied their design patterns, and then we used a clever approach to create an efficient fuzzer for WebKit fuzzing. In addition, we deployed the fuzzer to other architectures because the Codegen part of the WASM compiler is architecture related. So far, we have submitted a total of 13 security-related issues (and the fuzzer is still producing new crashes today), 4 of which have been assigned CVEs and official acknowledgments from Apple, while some are still being investigated. These issues affect LLInt, BBQ, and OMG of the WebAssembly compiler, some of which are also architecture related. In this talk, we will explain why we chose WebKit as our primary target and give a detailed introduction to the fuzzer creation process, as well as analyze a few interesting vulnerabilities we found.
Authors: Max Körbächer
2023-04-19

tldr - powered by Generative AI

The presentation discusses the use of Kubernetes and GitOps in improving the development cycle and security of IoT devices, specifically a robot called Spot.
  • Kubernetes and GitOps improve the development cycle and security of IoT devices
  • Spot, a robot, is used as an example
  • The autonomy of Spot is improved through the use of Kubernetes and GitOps
  • The security of IoT devices is a vital point that needs to be addressed
  • The use of Kubernetes and GitOps allows for faster delivery of software
Authors: Michael Yuan
2022-10-28

tldr - powered by Generative AI

The WebAssembly runtime is a solution to the pain points of cloud native infrastructure. It is small, fast, scalable, secure, and portable across different platforms and programming languages. It enables new types of application architectures and has near-native runtime performance. It is fully supported by Kubernetes and can run side by side with Linux containers. It also integrates with Dapr, a framework designed to help people design microservices.
  • The WebAssembly runtime solves the problems of cloud native infrastructure
  • It is small, fast, scalable, secure, and portable
  • It enables new types of application architectures and has near-native runtime performance
  • It is fully supported by Kubernetes and can run side by side with Linux containers
  • It integrates with Dapr, a framework designed to help people design microservices
Authors: Taylor Thomas, Brooks Townsend
2022-10-26

One of the most common refrains we hear when we talk to people about WebAssembly (Wasm) is "well...I've seen tons of examples but it seems like it is just a toy and not ready for production." In this talk, we hope to prove the opposite! We will discuss how Cosmonic built almost its entire platform using Wasm and wasmCloud. To start, we will review what Wasm and wasmCloud are and how they work. Then, using what we built at Cosmonic as context, we will dive into concrete details of real databases, message queues, event sourcing, key-value stores, infrastructure provisioning, tracing, metrics, and security controls – all leveraging Wasm! With that knowledge, we will review the pros and cons of using Wasm, the gaps that need to be filled, the lessons we learned, and how it helped influence the Wasm community.
Conference:  ContainerCon 2022
Authors: Max Körbächer
2022-06-24

tldr - powered by Generative AI

WebAssembly and Kubernetes have a lot of potential for use cases beyond the browser, but there are still some limitations and challenges to overcome.
  • WebAssembly can run alongside existing technologies and has good adoption possibilities
  • It has a small resource footprint and is highly secure, but not all programming languages are supported
  • Kubernetes can extend the use of WebAssembly beyond the browser, but there are still some harmonization issues to be resolved
  • WebAssembly is not suitable for heavy lifting applications and will not replace containers
  • WebAssembly and Kubernetes together have a lot of potential for the future
Conference:  CloudOpen 2022
Authors: Colin Murphy
2022-06-22

tldr - powered by Generative AI

The presentation discusses the use of WebAssembly and edge computing for machine learning models to improve user experience and reduce network costs.
  • WebAssembly and edge computing can be used to run machine learning models in the browser and reduce network costs
  • Edge computing is ideal for running small models that are single-threaded and require low latency
  • WebAssembly can improve user experience by reducing load times and allowing for more memory in the browser
  • The content authenticity initiative uses machine learning models to fingerprint images
Conference:  CloudOpen 2022
Authors: Michael Yuan
2022-06-22

tldr - powered by Generative AI

WebAssembly can be used as a secure container format to run microservices alongside other containers and VMs. The runtime can be made fully OCI-compliant and support JavaScript to make it widely adopted. However, there are challenges in supporting Node.js APIs and a community effort is needed to support JavaScript APIs.
  • WebAssembly can be used as a secure container format to run microservices alongside other containers and VMs
  • The runtime can be made fully OCI-compliant and support JavaScript to make it widely adopted
  • There are challenges in supporting Node.js APIs, and a community effort is needed to support JavaScript APIs