{"guid":"Zl3dhPdZJyFIkpiNIqHhhQ","title":"Security Retrospective of the last year","subtitle":"Not just Meltdown and Spectre","slug":"1951-security-retrospective-of-the-last-year","link":"https://c3voc.de","description":"Last year was quite a busy year on the security front, various big issues\nhappened, so it's good to tell what security has done there and is doing for\nopenSUSE and SUSE in general here.\n\nThe talk will give a brief overview of how the SUSE Security Team works\nand operates. We will look at the reactive work including statistics,\nand also look at proactive secure development lifecycle activities.\n\nI will also highlight some of the big security issues we faced over the\nlast year.\n\n- Stack Clash from mid-2017.\n\n  Overview of the problem, what we do for mitigations, and our long way\n  for compiler mitigations.\n\n- Meltdown and Spectre\n\n  As we hoped never to have a StackClash-like issue again, CPU side-channel\n  issues surfaced which needed kernel mitigations at the beginning of January.\n\n  I will give an overview of what these issues are, and how\n  we mitigated them or are still mitigating them.\n\nI will also talk about one of my projects done in the last year:\n\n- Full PIE enablement for the distribution and its long road to Factory.\n","original_language":"eng",
"persons":["Marcus Meissner"],"tags":["osc18","1951","Open Source"],"view_count":50,"promoted":false,"date":"2018-05-26T00:00:00.000+02:00","release_date":"2018-05-26T02:00:00.000+02:00","updated_at":"2026-01-06T10:15:12.335+01:00","length":2687,"duration":2687,"thumb_url":"https://static.media.ccc.de/media/events/osc/2018/1951-hd.jpg","poster_url":"https://static.media.ccc.de/media/events/osc/2018/1951-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/osc/2018/Zl3dhPdZJyFIkpiNIqHhhQ-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/osc/2018/Zl3dhPdZJyFIkpiNIqHhhQ-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/1951-security-retrospective-of-the-last-year","url":"https://api.media.ccc.de/public/events/Zl3dhPdZJyFIkpiNIqHhhQ","conference_title":"openSUSE Conference 
2018","conference_url":"https://api.media.ccc.de/public/conferences/osc18","related":[{"event_id":2796,"event_guid":"3c066b63-c764-4571-bc3b-eb8dfbb5a6d9","weight":1},{"event_id":2920,"event_guid":"d516ffe3-d32d-4bed-8289-09d245ac2b2f","weight":1},{"event_id":4485,"event_guid":"da208942-2be8-4f14-9466-ba8e7b74fca8","weight":1},{"event_id":5381,"event_guid":"2b148a03-ea3f-5aa8-8a6d-9cb7624f303e","weight":1},{"event_id":5398,"event_guid":"641f2cd4-5a49-5663-8105-0b4e2c13a724","weight":1},{"event_id":5469,"event_guid":"c4f46227-9af7-5180-bba8-1c23e005f12e","weight":1},{"event_id":5499,"event_guid":"z6qh-Z9MFifDpoSQt8NQAg","weight":2},{"event_id":5500,"event_guid":"BYAPpSpdg3PEN4qfQS7BlQ","weight":6},{"event_id":5508,"event_guid":"PSNj5CJgKM1WthKxWpfZ6g","weight":3},{"event_id":5530,"event_guid":"qdF7gg_mucGoRsXsKeWS_A","weight":3},{"event_id":5541,"event_guid":"6S4ivpZLdGJZeHS-EG1JEg","weight":4},{"event_id":5544,"event_guid":"Vhm3GQebxdtzVPq4uFTaPA","weight":4}],"recordings":[{"size":108,"length":2687,"mime_type":"video/mp4","language":"eng","filename":"osc18-1951-eng-Security_Retrospective_of_the_last_year_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-05-26T13:26:46.926+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2018/h264-hd/osc18-1951-eng-Security_Retrospective_of_the_last_year_hd.mp4","url":"https://api.media.ccc.de/public/recordings/25877","event_url":"https://api.media.ccc.de/public/events/Zl3dhPdZJyFIkpiNIqHhhQ","conference_url":"https://api.media.ccc.de/public/conferences/osc18"},{"size":40,"length":2681,"mime_type":"audio/mpeg","language":"eng","filename":"osc18-1951-eng-Security_Retrospective_of_the_last_year_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2018-05-26T13:30:37.383+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2018/mp3/osc18-1951-eng-Security_Retrospective_of_the_last_year_mp3.mp3","url":"https://api.media.cc
c.de/public/recordings/25885","event_url":"https://api.media.ccc.de/public/events/Zl3dhPdZJyFIkpiNIqHhhQ","conference_url":"https://api.media.ccc.de/public/conferences/osc18"},{"size":32,"length":2681,"mime_type":"audio/opus","language":"eng","filename":"osc18-1951-eng-Security_Retrospective_of_the_last_year_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2018-05-26T13:31:06.605+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2018/opus/osc18-1951-eng-Security_Retrospective_of_the_last_year_opus.opus","url":"https://api.media.ccc.de/public/recordings/25886","event_url":"https://api.media.ccc.de/public/events/Zl3dhPdZJyFIkpiNIqHhhQ","conference_url":"https://api.media.ccc.de/public/conferences/osc18"},{"size":58,"length":2687,"mime_type":"video/mp4","language":"eng","filename":"osc18-1951-eng-Security_Retrospective_of_the_last_year_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-05-26T13:37:05.836+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2018/h264-sd/osc18-1951-eng-Security_Retrospective_of_the_last_year_sd.mp4","url":"https://api.media.ccc.de/public/recordings/25890","event_url":"https://api.media.ccc.de/public/events/Zl3dhPdZJyFIkpiNIqHhhQ","conference_url":"https://api.media.ccc.de/public/conferences/osc18"},{"size":72,"length":2687,"mime_type":"video/webm","language":"eng","filename":"osc18-1951-eng-Security_Retrospective_of_the_last_year_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-05-26T13:44:36.697+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2018/webm-sd/osc18-1951-eng-Security_Retrospective_of_the_last_year_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/25895","event_url":"https://api.media.ccc.de/public/events/Zl3dhPdZJyFIkpiNIqHhhQ","conference_url":"https://api.media.ccc.de/public/conferences/osc18"},{"size":160,"length":26
87,"mime_type":"video/webm","language":"eng","filename":"osc18-1951-eng-Security_Retrospective_of_the_last_year_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-05-26T14:06:41.257+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2018/webm-hd/osc18-1951-eng-Security_Retrospective_of_the_last_year_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/25903","event_url":"https://api.media.ccc.de/public/events/Zl3dhPdZJyFIkpiNIqHhhQ","conference_url":"https://api.media.ccc.de/public/conferences/osc18"}]}