►
From YouTube: Memory Safety Sig (March 2, 2023)
B
A
C
C
It
is
so
tell
you
what
why
would
I
do
this
I,
don't
know
the
full
story?
Okay,
we
can
fix
it
later,
but
let's
use
that
that
works
for
me
and
I'm
gonna
have
to
share
it.
Let's
see,
okay,
you
know
what,
for
the
moment,
here's
what
I'm
gonna
do
I'm
going
to
share
with
everybody
to
the
link
to
at
least
comment
all
right
and
I'll.
Tell
you
here's
what
we
usually
do.
C
Here
so,
and
usually
at
the
top
there's,
you
know:
memory
memory,
safety,
Sig,
all
right
and
I
will
do
some
formatty
things
later.
There's
usually
we
have
like
the
legal
and
code
of
conduct
stuff
up
here,
so
if
everybody
could
just
kind
of
do
it
do
what
you're
doing,
which
is
slip
in
your
name
and
the
reason
we
we
take
attendance
is
not
because
we're
going
to
take
your
your
birthdays
away,
but
we
want
to
make
sure
over
time
that
we
have
multiple
different
organizations
involved.
C
B
B
C
D
F
My
contract
is
with
sisa
but
I'm
here
with
a
I,
don't
know
individual
hat
on
I
will
say
to
some
extent,
so
I
can't
of
course,
represent
sisa
I
did
spend
20
years
at
the
cert
coordination.
Center
worrying
about
software
security
bugs
and
I.
Just
can't
let
some
of
this
stuff
go.
So
that's
why
I'm
here
thanks.
B
B
A
C
C
C
B
In
fact,
I
was
going
to
mention
real
quickly.
Obviously,
a
lot
of
us
here
have
a
rust
background,
rust
interest,
but
this
is
not
just
a
rust
group.
There's
a
focus
on
memory
safety
in
general,
that
includes
memory
safe
languages,
not
just
rust,
but
others
out
there
as
well,
and
also
something
I've
had
people
from
within
Microsoft
in
other
places.
Express
Express
to
me
is,
you
know,
there's
still
there's
billions
of
lines
of
existing.
B
You
know
C,
C,
plus
plus
code,
it's
not
possible
to
rewrite
every
part
of
it
in
in
a
memory
safe
language.
So
how
do
we
make
it
better
and
how
do
we
Define
what
what
what
areas
are
do
need
to
be
potentially
be
Rewritten
or
be
or
have
different
tools
applied
to
them
so
yeah
memory
safety
is
a
is
a
huge
issue
and
one
that
I
think
needs
to
be
tackled
in
a
variety
of
ways,
all
right.
B
Well,
so
a
little
bit
of
recap,
so
we
are
still
a
very
early
Sig
within
the
open,
ssf
I,
don't
even
know
if
we
can
consider
ourselves
official
yet,
but
how
we
become
official
is
we
find
a
working
group
to
Nest
ourselves
under
and
present
our
goals
to
them
and
if
they
take
us
under
their
wing,
then
we
we
are
a
they
had
to
do
the
wing.
Then
we
are
a
full
sorry.
Then
we
are
a
a
official
Zig.
B
So
one
of
the
things
we
do
need
to
do
before
we
approach
a
oh
hi
avishay.
Before
we
approach
a
working
group,
we've
discussed
the
developers
best
practices
as
possibly
being
a
very,
very
good
fit.
Is
we
need
to
Define
our
goals
as
a
Sig,
and
there
were
two
that
were
proposed
when
the
Sig
was
initially
forming.
B
One
is
updating
the
language
in
the
open
source
security,
mobilization
plan
stream
four
to
reflect
a
broader
context
and
have
more
broad
inputs
in
it,
and
then
the
second
was
to
based
on
that
updated
language,
recommend
a
specific
Project
Specific
initiatives
for
funding
from
the
open,
ssf
or
openssf
members.
Now
my
question
to
the
group
is:
does
that
you
know
still
sound
good,
at
least
as
a
place
to
start
or
are
there
area
or
are
there
other
things
we
should
consider
as
a
Sig
putting
within
our
scope.
C
C
I
can
try
to
drag
the
text
from
the
mobilization
plan,
although
if
somebody
else
has
that
quickly
at
hand,
please
just
go
but
I
think
step.
One
is
you
know,
making
sure
we
agree
on
what
we're
doing
and
right
in
a
way
that
others
can
clarify
that.
Oh,
oh,
quick,
a
procedural
note!
I
can't
do
it
for
everybody,
but
for
several
of
you,
I've
turned
you
into
editors.
C
A
weird
Quirk
of
Google
docs
is
that
you
have
to
click
on
reload
to
get
your
new
amazing
privileges,
so
my
apologies,
I
haven't
been
able
to
do
it
for
everybody,
but
if
you
could
reload,
you
know
for
at
least
some
of
you.
You
will
get
the
Privileges
that
you
should
have
that
we're
starting
starting
with
the
airplane
in
flight.
B
That
was
put
together
very
very
fast,
with
limited
input
and
I
believe
there's
places
we
can
take
it
number
one
making
it
more
crisp,
crisply
defined
and
also
having
the
broader
input
on
it
and
then
turning
those
into
specific
initiatives
to
fund
so
I
guess
I
I
want
to
propose
the
group.
Does
that
sound
like
a
good
first
goal?
Updating
the
language
within
the
mobilization
plan.
C
I
I
think
it's
a
longer
term
goal.
That's
great
I
I
would
suggest,
though,
that
we
try
briefly
to
see
if
we
can't
come
up
with
a
at
least
a
first
cut
now,
because,
if
you're
going
to
present
to
a
working
group
they're
going
to
want
to
know,
what's
your
goal,
I,
don't
I
think
you
should
be
able
to
make
something,
even
if
it's
drafty
now
and
then
improve
it
later
or
do
you
think
that's
too
drafting.
G
What
David
is
saying
you
know
kind
of
lay
out
what
should
be
going
into
that
read
me
on
the
on
on
the
GitHub
site.
You
can
get
you
get
ahead
of
that,
then
you
know
when
you
become
an
official
Sig.
You
already
have
that
established
so
Charter
and
everything
else
can
be
established
after
that,
but
that,
but
but
purpose
and
and
scope,
and
everything
like
that
is
very
important
to
get
up
to
get
out
in
front
of
in
the
beginning.
Okay,.
B
C
B
C
B
Your
transition
to
memory
say
program
link,
let's
see
here,
I,
don't
think
it's
quite
that
yet
I'm
purpose
of
the
memory
safety,
Sig
I,
don't
know
if
it's
I
think
that's
all
encased
in
there
I'm
trying
to
figure
out
how
to
crisply
define
this,
which
I
believe
is
you
know
to
improve
memory.
Safety
within
open
source
code,
I.
Think
that's
the
big
General
one
art
go
right
ahead.
You
have
your
hand.
Oh
you.
F
There's
a
so
I've
been
I've
been
sort
of
following,
maybe
not
this
exact
thread,
but
the
the
consumer
reports
and
the
post
White
House,
you
know
guidance
a
bit,
there's
an
element
here
and
I,
don't
know
if
it
needs
to
go
in.
You
know
the
single
sentence,
mission
statement,
or
ever
or
or
else
but
I
also
want
to
slow
things
down.
But
I.
You
know
kind
of
reviewing
the
problems.
I
think
is
a
important
step.
F
You
know
the
the
dumb
version
of
this
is
well.
You
know
we're
not
going
to
rewrite
certain
things
right
off
the
bat,
but
you
know
so
something
like
understanding
and
then
proposing
ways
to
improve
memory.
Safety
for
open
source,
I
I
feel
with
some
of
the
current
push.
There's
been
a
bit
of
a
those
who
are
not
well
experienced
and
subtly
well
informed,
are
reading
here.
Jen
easterly
said
this:
I
was
there
in
person
on
Monday.
She
said:
two-thirds
of
software
vulnerabilities
are
caused
by
memory
safety
issues.
F
She
left
out
the
words
in
C
and
C,
plus
plus
programs
from
that
from
that
sentence,
and
you
know
message
is
clear,
great
great
speech,
great
message
overall
and
the
consumer
reports.
If
you
read
the
whole
paper
or
the
consumer
reports
papers.
Well,
you
know
it
covers
all
the
angles
very
nicely,
but
like
the
first,
you
know
two
sentences.
Are
this
two-thirds
number
so
I'm
a
little
cautious
of
that
I
don't
want
to
again
don't
want
to
gatekeep.
They
want
to
slow
things
down,
I
think
investigating
memory.
F
Safety
is
open
source
and,
in
fact,
in
all
software
is
an
important
security
thing
to
consider.
But
I
want
to
be
cautious
that
we're
set.
You
know
we
get
to.
We
understand
where
things
currently
are
here
here
and
here
are
places
to
push
on
memory
safety.
These
places
are,
you
know,
maybe
today
not
a
good
place
to
push
there's
something
there
I'd
like
to
try
to
fit
in
understanding
the
problem
space.
Well,
that's
my
high
level
comment
I'm,
not
sure
how
to
put
in
your
words
very
easily.
So
thank
you
all.
B
B
But
so
that
is
where
my
caution
is,
is
I,
don't
think
anyone
who's
credible
is
saying
that
specifically,
but
we
do
need
to
move
toward
more
memory,
safe
languages
and
we
do
need
to
move
toward
more
memory,
safe
programming
practices
and
I
do
think
you're
correct.
In
that
understanding.
The
problem
space
is
key
to
that.
F
B
C
B
C
I
A
C
The
Linux
kernel
Folks
by
the
way
they're
having
to
write
a
lot
of
code
in
order
to
enable
a
transition
just
to
enable
support
memory
of
sorry
device
drivers
in
Linux
and
they're.
Not
they
have
no
intention
of
using
a
memory
safe
language
for
the
core,
for
a
variety
of
forever,
of
understandable
reasons,
and
even
even
that
is
challenging,
but
their
challenges
aren't
standards
and
guidelines.
They're
challenges.
They
need
to
write
additional
code
to
make
it
happen.
Okay.
B
D
E
Point
I,
don't
think
I'm
saying
much.
That's
near
I,
think
I'm,
mostly
echoing
David
and
my
concerned
about
this,
is
that
it's
like
sounds
purely
educational
as
it
is,
and
I'm
curious
about
what
kind
of
scope
there
is
for
a
Sig
to
pursue
actually
writing
tools
or
actually
just
straight
up
fixing
software
I.
Don't
I,
don't
know
what
a
norm
is
for
things
in
general.
E
C
Ahead
and
jump
in
here
yeah
because,
okay,
you
know
it's
a
nomenclature
thing
in
the
open
ssf.
We
we
have
sigs
and
projects
projects
primarily
write
code.
Six
primarily
do
something
other
than
writing
code.
There's
nothing
that
says
that
we
can't
be
a
Sig
and
a
project
or
whatever
you
know,
but
that's
just
the
typical
nomenclature.
But
the
real
point
is:
there
is
no
restriction
in
the
open
ssf
from
writing
code
and
if
code
writing
is
what's
necessary
to
solve
the
problem
by
god.
C
B
C
B
G
A
D
Yeah
I
guess
we
could.
We
could
look
at
it
as
a
like
a
a
road
building
exercise
so
do
what
we
need
to
do
to
to
damage
like
to
actually
connect
that
like
to
solve
that
problem
and
then
a
lot
of
these
other
I
mean
it
is
very
Broad
and
so
I
think.
Then
it
really
forces
us
to
to
go
to
that
next
level
of
of
detail
to
make
sure
that
we
have
the
clearer
goals
and
sort
of
sitting
under
that
right.
F
F
I,
like
the
short
I've,
been
writing
some
things
down
and
I.
Think
someone
else
just
wrote
the
same
thing,
but
academically
I
like
reduce
but
eliminate,
is
much
more
aspirational,
no
problem
there
I
think
high
level.
This
is
very
succinct
right:
we're
going
to
reduce
or
eliminate
memory
safety
vulnerabilities.
F
F
B
It
thank
you
and
briefly,
my
and
then
we'll
go
to
Jay.
My
worry
is
that
we'll
come
to
the
developer,
best
practices
working
group
with
this
eliminate
memory,
safety,
vulnerabilities
and
OSS,
and
their
response
will
be.
This
is
way
too
broad
and
we
can
put
specifics
under
it,
but
let's
go
to
Jay
next.
G
Yeah
my
it
might
help
if
we
actually
wrote
the
words
Mission,
Vision
and
purpose
down
and
then
and
then
wrote
these
things
next
to
him,
because
a
lot
of
what
I
hear
is
is
a
combination
of
the
two
one
sounding
like
a
mission
when
it's
really
a
vision,
you
know
being
clear
about.
You
know
what
what
is
the
the?
What
is
the
Crux
of
what
the
the
Sig
is
going
to
do?
What,
based
on
what
the
mission
of
the
Sig
is?
G
What
does
that
Outlook
Vision
look
like
so
what's
the
vision,
what
what
is
what
does
success
mean
right
and
then
and
then
then
you
drill
down
into
purpose
and
all
that
all
that
kind
of
stuff
like
that,
so
I
think
you
know
high
level,
you
know
understand
what
that
mission
is
and
then
what
does
success?
Look
like
against
that
mission.
Okay,.
G
B
G
Oh
and
I
was
going
to
say
Vision
the
great
thing
about
the
vision,
and
this
is
to
what
what
art
said
before
he's
right
to
say
academically,
you
want
to
say,
reduce
right,
I
mean
because
you,
but
but
but
Vision
wise
right.
The
great
thing
about
a
vision
is
you
can
get
aspirational
as
hell
you
can
you
can
get
you
can
get
wild
with
a
vision
right.
The
vision
is
to
eliminate
them
completely
right.
G
That's
that's
the
that's
aspirationally.
What
we
want
to
do
now
that
goes
right
up
into
you
know,
against
the
the
broader
Mission.
The
mission
of
this
put
this
to
do
this,
but
the
vision
out
the
outcome
of
it
is
to
have
this
so
now
that
we
grow
the
vision.
That
mission
should
become
a
a
a
a
little
a
little
clearer
got.
B
B
D
Yeah
I
think
I
think
if
the
if
our
purpose
is
to
kind
of
provide
some
proof
points
and
to
provide
tooling
and
to
provide
guidance
like
I,
don't
know
again
it
kind
of
crosses
in
a
bit
into
goals,
but
I
think
rather
than
the
activities
we
might
do
like
rewriting
software
building
guidance
or
whatever
else.
What
what
our
purpose
is
is
to
basically
take
this
lofty
goal
of
fixed
giant
problem
into
here
is
the
path
that
you
go
down
right
to
meaningfully
improve
this
and
to
build
that
path.
We
need
to
improve
the
tools.
D
D
B
B
B
B
C
C
B
B
G
C
G
The
mission
includes
some
of
the
purpose.
So,
if
you
ask
me
what
the
difference
is
I'm
going
to
say,
I'm
going
to
say
that
there's
very
little
understand
and
reduce
memory
safety,
vulnerabilities
mission
is
understand
and
reduce
many
receptive
vulnerabilities,
the
developing
programmatic
guidance
and
software,
including
tools,
that's
the
that's
the
purpose.
G
B
G
You
can
have
a
one
sentence,
vision
and
a
one
sentence.
Mission.
The
the
mission
is,
this
is
what
we
want
to
do.
The
vision
is
this
is
what
you
want
to
do:
aspirationally
aspirationally.
We
want
to
accomplish
this
based
on
what
we
want
to
do.
So
what
we
want
to
do
is
this.
The
vision
is
what
it
looks
like
once
we
accomplish
what
we
want
to
do.
The
purpose
is
to
develop
these
things,
to
accomplish
the
mission
to
achieve
the
vision.
D
D
I
D
Want
it
to
include
improving
the
memory
safety
or
having
memory,
safe,
dialects
or
subsets
or
static
analysis
that
proves
memory
safety
in
other
languages,
but
we
want
to
pragmatically
work
out
how
we
can
use
that
technology
and
then
get
you
know.
Meaningful
positive
results
there.
So
I
am
like
right,
so
I
think
I
think
the
pragmatic
side
of
it
and
the
analysis
side
of
it
are
important,
but
I
I
don't
want
it
to
look
like
with
we're.
Oh,
is
it
a
good
idea
to
use
memory
safe
languages
because
I
feel,
like
that's,
been
litigated?
B
D
D
H
A
Yeah
from
my
side,
it's
also
the
same
I
think
a
lot
of
it's
going
to
be
the
visibility
of
like
what
tools
practices
Etc
are
available
for
the
transition
for
memory
safety.
You
know
being
moving
through
like
rust
or
another
language.
That
is
one
of
the,
like
sort
of
you
know
guiding
directions,
they
can
go,
but
that's
just
the
way
everyone
is
kind
of
going
right
now
and
I
want
to
make
sure
that
we
include
like
the
visibility
of
alternatives
to
that.
A
Where
you
know
here
it
is
you
know
if
you
were
interested
in
how
do
you
handle
your
Legacy
Safety
standards?
You
know
that
that
could
still
be
a
cult.
That
kind
of
makes
sense
for
I
want
to
make
sure
we
include
those
other
transitional
factors.
Of
course
you
know
you
could
rewrite
your
code
base
XYZ,
it
doesn't
have
to
be
rust
just
so
we
don't
put
it
all
on
that
and
I
want
to
make
sure
that
we
include
like
all
of
those
transitional
recommendations.
So
it's
you
know
more.
A
H
It
makes
sense
yeah
yeah,
one
thing
I
want
to
add
is
I'm
a
database
consultant,
so
I'm
not
a
developer.
So
like
the
information
here,
is
quite
useful
for
a
lot
of
security
reasons.
So
is
there?
Is
there
anything
that
information
available
with
us
not
only
for
developers
but
also
for
users?
So
you
know,
for
example,
database
consultant
topper.
A
A
side
question
as
well
sorry,
some
of
this
may
also
be
sort
of
the
well
I'm
wondering
for
the
purpose.
You
know
how
much
is
it
because,
like
within
this
group,
we
understand,
like
you,
know
it
kind
of
Harkens
back
to
the
very
beginning
of
this
discussion
where
we
were
talking
about.
You
know.
We
all
know
the
case
of
like
70
of
C
plus
plus
bugs
are
memory
safety
issues,
but
it
should
also
be
you
know.
A
B
I
do
think
there's
a
lot
of
existing
research,
not
just
Consumer
Reports,
but
Microsoft
Google,
others
around.
Why
memory
safety
is
an
issue.
I
mean
that's,
certainly
stuff.
We
could
draw
on
I,
don't
know
if
we
would
necessarily
need
to
produce
something
on
that,
but
I'm
certainly
open
to
feedback
on
that
and.
B
B
C
A
C
C
C
I,
don't
know
that
either.
That's
why
I'm
saying
I
don't
remember,
but
I
I
vaguely
remember.
It
was
across
all
cves
across
all
of
Microsoft
and
I
know
they
developed
more
than
CNC
and
then
coding,
C
and
C
plus
plus
I
mean
c-sharp,
for
example,
and
net
in
general.
So
it
may
we've
been
saying
70,
but
we
might
want
to
go
back
as
part
of
this
informed
by
real
world
data
might
want
to
find
out
more
about
the
actual
numbers
for
for
different
situations.
Go.
F
I've
been
a
little
bit
Perhaps
Perhaps
personal
bias,
cranky
about
that
70
number
ever
since
it
came
out,
I,
don't
argue
with
it,
but
again,
I'm
I'm,
trying
to
very
objectively
look
at
hey
60
70
of
security
bugs
in
memory
unsafe
languages
are
caused
by
no
surprise
right.
Memory.
Memory
on
safety,
I
did
an
analysis
of
the
nvd,
which
is
already
not
great
data.
The
nvd
does
try
since
about
2008
and
I
spoke
to
them.
They
try
pretty
hard
to
use
cwe
as
a
cause
of
the
vulnerability.
F
Cwe
has
issues
so
no
I'm
not
going
to
defend
that.
The
data
is
a
great
great
quality
here.
I
did
a
almost
back
of
the
napkin.
Looked
at
here
are
cwes
that
are
obviously
memory.
Safety
issues,
your
rcwes
that
are
probably
but
not
always,
memory
safety
issues
and
here
are
cwes
that
are
definitely
not,
and
I
came
up
with
about
25
percent
of
the
last
five
years
of
all
things
in
the
nvd.
F
Now
again,
it's
I
want
to
be
very
clear
here.
There
are
a
lot
of
biases
and
issues
with
this
and
you
can't
go
deep
with
that
analysis
because
it's
fraught
with
bias
and
data
problems.
Nonetheless,
if
you
look
at
you
know,
if
you,
if
you
make
a
denominator
bigger,
the
number
goes
down,
is
all
I'm
all
I'm
saying.
C
F
C
Web
server
and
see
you're
not
going
to
be
able
well
putting
this
with
webassemble.
You
could
but
you're
often
not
going
to
write
client-side
code
in
C.
So,
for
example,
the
OAS
top
10
doesn't
list
memory,
safeties
never
happens,
it's
the
top
one.
Last
I
checked
on
the
CV
ve
top
25
again,
which
languages
are
are
in.
You
know,
Microsoft
writes
a
whole
lot
of
CNC
plus
plus
that's.
The
number
goes
up.
B
B
G
B
I
C
B
B
Our
next
meeting-
okay-
well,
we
we
might
cancel
that
then,
and
if,
if
it
sounds
like
that,
that's
a
big
conflict,
we
might
cancel
that
I.
Don't
want
to
try
and
reschedule
the
meeting,
because
it's
been
so
difficult
to
get
this
time
in
general.
But
let's
talk
asynchronously
and
we
can.
We
can
continue
to
to
address
that.
If
we
need
to
cancel,
we
can
continue
to
talk
in
the
slack
Channel
and
in
other
places
as
well.
B
C
I
guess
two
minor
things,
and
these
are
just
more
procedural
things,
but
I
want
to
make
sure
that
things
actually
happen.
So
there's
a
I
quickly
commented
earlier
about.
You
know
the
open
ssf
has
you
know
some
little
terminology.
They
Define
on
their
website
about
Sir,
sigs
and
projects.
Projects
have
code.
Cigs
are
something
other
than
necessarily
code,
but
please
don't
shy
away.
If,
if
you
know
a
Sig,
can
you
know
say
fire
off
a
project?
So
hey
you
know
we
we
look.
We
need
to
do
this.
C
C
Think
a
number
of
you
are
very
familiar
with
the
open,
ssf,
but
I'm,
not
sure
everybody
is
we
always
you
know
a
whole
lot
can
be
done
without
funding
with
people
who
are
ex
who
are
interested
exciting
and
we
don't
want
to
stop
any
of
that.
If
you
need,
if,
if
funding
is
needed,
formally,
the
governing
board
of
the
open
ssf
decides
where
the
it's
funding
gets
spent.
Now,
if
somebody
finds
some
funding
elsewhere,
your
company
is
paying
you
to
do
X,
carry
on
don't
let
us
stop.
C
You
in
the
end
of
the
governing
board,
immediately
looks
over
to
the
tech
for
a
technical
review.
So
in
practice,
what
happens?
Is
you
talk
among
the
working
group?
Does
that
make
sense,
then
it
gets
raised
up
to
the
tech.
Does
that
make
sense?
There
are
a
couple
pockets
for
small
amounts
of
funding,
that's
pre-approved.
Otherwise
it
goes
the
governing
board.
I
can't
guarantee
funding,
but
that's
how
it
works.
Okay,.