Signed by Sony | TechSNAP 192

Signed by Sony | TechSNAP 192

If we could rebuild the Internet from scratch, what would we change? It’s more than just a thought experiment. We’ll share the details about real world research being done today!

Plus we dig through the Sony hack, answer a ton of great question & a rocking roundup!

Thanks to:




Direct Download:

HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

Become a supporter on Patreon:


— Show Notes: —

Reinventing Computers And The Internet From Scratch, For The Sake Of Security

  • DARPA funded research is looking at how we might design the Internet if we had to do it over again
  • Many decisions that were made 30 and 40 years ago when UNIX and TCP/IP were designed, may be done differently today
  • The overall project has a number of sub-projects:
    • CRASH – Clean-Slate Design of Resilient, Adaptive, Secure Hosts
    • MRC – Mission-Oriented Resilient Clouds
    • CTSRD – Clean Slate Trustworthy Secure Research and Development (Custard)
  • BERI: Bluespec Extensible RISC Implementation: a open-source hardware-software research and teaching platform: a 64-bit RISC processor implemented in the high-level Bluespec hardware description language (HDL), along with compiler, operating system, and applications
  • CHERI: capability hardware enhanced RISC instructions: hardware-accelerated in-process memory protection and sandboxing model based on a hybrid capability model
  • TESLA: temporally enforced security logic assertions: compiler-generated runtime instrumentation continuously validating temporal security properties
  • SOAAP: security-oriented analysis of application programs: automated program analysis and transformation techniques to help software authors utilize Capsicum and CHERI features
  • The goal is to design newer secure hosts and networks, without having to maintain backwards compatibility with legacy systems, the biggest problem with changing anything on the Internet
  • This is why there are still things like SSLv3 (instead of just TLS 1.2+), why we have not switched to IPv6, and why spam is still such a large problem
  • I for one would definitely like to replaced SMTP, but no one has yet devised a plan for a system that the world could transition to without breaking legacy email while we wait for the rest of the world to upgrade
  • “Corporations are elevating security experts to senior roles and increasing their budgets. At Facebook, the former mantra “move fast and break things” has been replaced. It is now “move slowly and fix things.””
  • For performance reasons, when hardware and programming languages were designed 30 and 40 years ago, it was decided that security would be left up to the programmer
  • The CHERI project aim to change this, by implementing ‘Capabilities’, a sandboxing and security mechanism into the hardware, allowing the hardware rather than the software to enforce protections, preventing unauthorized access or modification of various regions of memory by malicious or compromised applications.
  • CHERI, and the software side of the project, Capsicum, are based on FreeBSD, but are also being ported to Linux, where Google plans to make extensive use of it in its Chrome and Chromium browsers.
  • Additional Coverage

Sony Internal Network Hacked


Round Up:

Question? Comments? Contact us here!