Every year, the Enigma conference is enjoyable and interesting. I’m a huge fan of the wide-ranging scope and single-track structure. I hope we all get vaccinated in time to have the conference in person again next year. The conference organizers did a great job making the virtual conference work as well as possible, and the Slack was fun, but you know… nothing beats in-person hooting in the hallway track.
I was super fortunate to have my talk proposal accepted. I spoke about The Limits Of Sandboxing, And Next Steps, which is about my work on the Chrome Platform Security Team the past few years. (If you want to read the slides, the original Google presentation has all the speaker notes and working links to citations. Spoiler Alert: the “next steps” are to adopt memory-safe languages.
Alex Gaynor and I sort of collaborated to make the same point from 2 different perspectives. His presentation, Quantifying Memory Unsafety And Reactions To It, is a great synthesis of empirical data and emotional realness. Likely the biggest difficulty we face in migrating away from memory-unsafe languages is people’s emotional attachments to the status quo. Change is hard.
As always, there were a whole bunch of high-quality talks this year. Some stand-outs (in no particular order):