How risky is the software you use? - Tim Carstens, Parker Thompson

34c3 - Ethics, Society & Politics - 12/27/2017

Software vendors like to claim that their software is secure, but the effort and techniques applied to this end vary significantly across the industry. From an end-user's perspective, how do you identify those vendors who are effective at securing their software? From a vendor's perspective, how do you identify those techniques which are effective at improving security? Presenting joint work with Sarah Zatko, mudge, Patrick Stach, and Parker Thompson.