[Busec] Seminar On practical Security: 7/29 from 12-1pm in PHO 339

Ari Trachtenberg trachten at bu.edu
Thu Jul 28 14:54:59 EDT 2016

Our next seminar will meet this Friday, July 29 from 12-1pm in PHO 339.
We will have two talks, together with a light meal (courtesy of RISCS), as usual:

*  Scott Weiss: Unikernels: Operating Systems as Application Libraries
*  Lake Bu: Stagefright-like Flaw Opens Up iPhones With An Image

The upcoming seminar schedule and complete abstracts are usually available online at https://algorithmics.bu.edu/sos <https://algorithmics.bu.edu/sos> …
but algorithmics is undergoing a badly needed upgrade, so I am appending the descriptions here:

Unikernels: Operating Systems as Application Libraries

Scott Weiss, 28, M.Sc. in Computer Engineering from Boston University. Graduated Spring 2015, and began working at EMC
shortly after in the newly-formed Cloud Management Division, based in Cambridge MA. My work this past year has been foc
used on a variety of cloud technologies, including infrastructure services (AWS, Google Cloud), orchestration platforms
 such as Mesos and Kubernetes, and container runtimes (notably Docker). I also develop games as a hobby in my free time
. My favorite language is Golang, which I use for most of my work.

Unikernels are lightweight machine images constructed from modular OS components selected to run specific applications.
 A unikernel combines a customized operating system stack with an application into a single application binary, which r
uns as a single process, using a single memory address space. This talk will discuss some tradeoffs of running applicat
ions as unikernels as opposed to [Unix/Linux/BSD/Windows/etc.]-executable binaries. The talk will end with a demo of a
project called !UniK, an open-source CLI tool for automating building of unikernels.

Stagefright-like Flaw Opens Up iPhones With An Image

A simple image in .tif or .bmp format sent by iMessage can steal iPhone's information by triggering its image I/O API.
On receiving an image, iMessage will automatically render it without any permission from the user. Thus the malicious c
ode embedded in the image can be executed and cause overflow attack.

Lake Bu is doing research with prof Karpovsky on developing reliability oriented error control codes. Most of his resea
rch is for the hardware security on data level. Recently he also starts to study the security oriented codes and their
Prof. Ari Trachtenberg            ECE, Boston University
trachten at bu.edu                    http://people.bu.edu/trachten

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20160728/c7cc8c36/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20160728/c7cc8c36/attachment.sig>

More information about the Busec mailing list