Software sandboxing or software-based fault isolation (SFI) is a lightweight approach to building secure systems out of untrusted components. The idea of SFI is old. Its use in production, to sandbox third-party libraries in Firefox, is new. We describe the PL techniques—notably static information flow control—that were key to deploying SFI in practice and their use in tackling software security more generally.
Defending cryptographic code from Spectre attacks is difficult. Blade is a fully automatic approach to eliminate speculative leaks provably and efficiently.
People of PL is a series of interviews with PL researchers. In today’s post, John Wickerson chats with Mike Hicks, who is a Professor in the Department of Computer Science at the University of Maryland, and was former Chair of ACM SIGPLAN.
POPL is the premiere conference on the theoretical foundations of programming languages. The PC Chair, General Chair, and Steering Committee Chair of POPL 2020 review this year’s event.
