WebAssembly
Page 4 of 4
-
3 Key Takeaways from Altitude SF | Fastly
Courtney Nash
1.4 billion active monthly users, 10 billion requests per day, and 5.2 TB per second peak traffic — these are some of the staggering numbers we heard about at our 7th Altitude conference where customers, partners, and Fastlyans gathered to share experiences, exchange information and insights, and enjoy some tasty food and valuable networking. Here’s a few themes from the event worth highlighting.
WebAssemblyEvents -
Hijacking the control flow of a WebAssembly program
Jonathan Foote
While WebAssembly has already proven a fertile attack surface for the browser, as more web application code moves to WebAssembly from Javascript there will be a need to research and secure WebAssembly programs themselves. The WebAssembly design obviates common classes of attacks that might be inherited from development languages like C and C++, but there is still some room for exploitation. This tutorial will cover control flow protection guarantees provided by WebAssembly, known weaknesses, and how to use clang control flow integrity (CFI) in WebAssembly programs to mitigate some risks around control flow hijacks.
WebAssembly