How Firefox Uses In-process Sandboxing To Protect Itself From Exploitable Libraries | allinfosecnews.com

Nov. 17, 2022, 5:22 p.m. | Black Hat

Black Hat www.youtube.com

Memory safety vulnerabilities in third party C libraries are a major source of zero-day attacks in today's applications. Several years ago, our team began exploring a new approach to mitigating these attacks in Firefox, which relies on third party libraries for everything from media rendering to spell checking.To accomplish this, we began migrating Firefox to an architecture where third party C libraries are run in lightweight in-memory sandboxes (based on WebAssembly). Firefox has been shipping with this new architecture since …

firefox process protect

More from www.youtube.com / Black Hat

Locknote: Conclusions and Key Takeaways from Day 2 2 weeks ago | www.youtube.com

black hat black hat europe board board members +15

Locknote: Conclusions and Key Takeaways from Day 1 2 weeks ago | www.youtube.com

black hat black hat europe board board members +16

Keynote: My Lessons from the Uber Case 2 weeks ago | www.youtube.com

addition best practices case convicted +16

Keynote: Industrialising Cyber Defence in an Asymmetric World 2 weeks ago | www.youtube.com

adversaries challenge cyber cyber defence +10

The Black Hat Europe Network Operations Center (NOC) Report 2 weeks ago | www.youtube.com

back black hat black hat europe center +14

My Invisible Adversary: Burnout 2 weeks, 5 days ago | www.youtube.com

adversary attackers attacks burnout +11

The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 2 weeks, 5 days ago | www.youtube.com

analysis ask bad codeql +10

A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 2 weeks, 6 days ago | www.youtube.com

attacks call cloudflare detection +10

Collide+Power: The Evolution of Software-based Power Side-Channels Attacks 2 weeks, 6 days ago | www.youtube.com

addition attacks build collide+power +14

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Senior Security Specialist

@ Lely | Maassluis, Netherlands

View on infosec-jobs.com

IT Security Manager (Corporate Security) (REF822R)

@ Deutsche Telekom IT Solutions | Budapest, Hungary

View on infosec-jobs.com

Senior Security Architect

@ Cassa Centrale Banca - Credito Cooperativo Italiano | Trento, IT, 38122

View on infosec-jobs.com

Senior DevSecOps Engineer

@ Raft | Las Vegas, NV (Remote)

View on infosec-jobs.com

Product Manager - Compliance

@ Arctic Wolf | Remote - Colorado

View on infosec-jobs.com