HowTo hack our core security code (C/C++ programming)

Overview of Session

Facilitator: Kai Engert (:kaie)

Are you paid or volunteer staff?: Red Hat employee, my main priority is contributing to Mozilla security.

Area of Contribution: Core Web Security (SSL, NSS), Security UI (padlock, certificate management), E-Mail Encryption (S/MIME)

How are you currently involved with the community?: Fixing bugs since 2001

Location of Work (where do you reside?): Frankfurt, Germany

Workshop Length: 60-90 min

Summary: We need more C programmers interested in enhancing our core security code, in particular related to SSL/TLS. If you want to help, where do you start? ... This isn't a presentation, it's rather a workshop. Let's explore the code, let's look at examples, ask your background questions. You could read my talk from Fosdem 2012 to understand the high level motivation for improving our security code further. If there's interest, we can also go through lists of important bugs that need attention, and find something that you would be interested to fix.

How your session furthers the MozCamp Goals: TBD

Expected Outcome or Deliverable: Find people who are willing to fix bugs and implement enhancements in our security code.

Desired Audience Type or Skill-set: C/C++ programmer, interest in security.

Equipment Needs (Video projector already included): none

Audience

If you would like, submit a Question for the Speaker(s) or indicate what information you hope to gain by attending this talk here:

• <insert question here>

Place your name here if you would like to attend this talk:

• Burak Yiğit Kaya (tentative)
• Mark Capella :capella
• Nils Maier
• Jonathan Protzenko
• Szabolcs Hubai
• Ludovic Hirlimann
• <put your name here>