2008-05-15
In the information-security industry, there are clear and vast gaps in the way academia interacts with professional researchers. While these gaps will be filled in due time, their existence means that security professionals outside the hallowed halls of colleges and universities need to be aware of the differences in how researchers and professionals think.

http://media.blackhat.com/bh-usa-06/video/2006_BlackHat_Vegas-V7-Halvar_Flake-Need_New_Tools.mp4
Starts at minute 27, Challenge #5. Describes generating equation systems from program paths and feeding them to a SAT solver to be solved (which is roughly what APEG does).
This is just a discussion of an idea of course -- no fleshing out, no implementing etc. -- all things Mrs Song's team did, and did well. And we all know that having the abstract idea is the easy part. Also, without the clever preprocessing that STP does before feeding the equations to MiniSAT, all this would be infeasible.
Concerning what you perceive to be advertisement of products during my talks: I might be mistaken on this, but many/most CS papers discuss algorithms and the implementation of these algorithms. The actual source code is rarely distributed (can you download APEG anywhere? Or Stanford Checker?)
Are the papers published by Dawson Engler "advertisement" because the implementations of the algorithms end up in Coverity's products?
Why would the availability of a commercial product implementing an algorithm that is described in a paper devalue the paper?
Anyhow, this can end up being a rather lengthy discussion :-). I guess to summarize: I am sorry if you have the feeling that my talks make too much use of the tools we have developed in-house here. The tools were built because they were needed for our research, and would not have been built in their current quality if we hadn't been able to hire developers to improve them further.
The unfortunate result is that a lot of the infrastructure we use for our research is infrastructure we have built ourselves - which then looks as if we're just advertising our own products.
Things were easier when everything I did was based on IDA alone - but even back then people said I am just advertising Datarescue's products.
So I guess I don't see a way around using the infrastructure built over the last years during talks. It would be a bit like asking a reverse engineer to not make use of IDA. If you have a good suggestion, I am all ears.