CWEst for Correctness

[mwotton]

There's a lot of research on how apps get broken into, and the CWE (Common Weakness Enumeration, https://cwe.mitre.org/top25) is a decent summary of them. Obviously given Turing completeness, it's possible to write any app correctly in any language: what we're interested in is ways to make apps correct by construction. In this talk, I'll explore how we can use a type system to make some common attacks impossible.

[filippovitale]

Hi Mark, will this a short or full talk?

[mwotton]

full. would prefer to give the other one first, this one i'll also give at a2y.asm and it'll require more prep.

…

On Tue, Sep 4, 2018 at 5:38 PM Filippo Vitale ***@***.***> wrote: Hi Mark, will this a short or full talk? — You are receiving this because you were assigned. Reply to this email directly, view it on GitHub <#15 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAELgvQSM0ufPirEvmsFxN2ZZvV6YHRcks5uXvLWgaJpZM4Pfzo9> .

-- A UNIX signature isn't a return address, it's the ASCII equivalent of a black velvet clown painting. It's a rectangle of carets surrounding a quote from a literary giant of weeniedom like Heinlein or Dr. Who. -- Chris Maeda