Countering Development Environment Attacks

  • Wednesday, April 22, 2015 | 8:00 AM – 8:50 AM | West | Room: 3004

View all Sessions

Attackers can create vulnerabilities in software before they are even deployed, by attacking their development environments. This talk will discuss some of these attacks, including malicious software developers, subverted supply chains/repositories, and the "trusting trust" attack. We will then discuss approaches for countering attacks, such as deterministic builds and diverse double-compiling.


This document was retrieved from on Sun, 21 Jul 2019 04:45:20 -0400.