Risky Business #152 -- Playing in the sandbox with Mark Dowd

Mark talks about his work on Google Chrome's sandbox...
28 May 2010 » Risky Business

Our feature guest this week Azimuth Security's Mark Dowd.

Mark is widely regarded as one of the best vulnerability researchers in the industry. He's published remote flaws in software like Sendmail and SSH, he's even created new classes of bugs. Remember that cross platform Flash bug a while ago? That was him, too.

So it's no surprise that when Google wanted someone to look over the security architecture of its Chrome browser, they turned to Mark. He went over Chrome with a fine tooth comb, uncovering some bugs as he went. But as you'll hear, Mark says the basic architecture of Chrome's sandbox is solid.

In this week's sponsor interview with speak with Eugene Kaspersky about the future of security on mobile devices. Kaspersky believes that mobile devices in the future will be much more complicated than they are now, and that will mean the current model of application verification won't last. People will always go to the more open platforms, he says.

Adam Boileau, as always, joins us for a discussion of the week's news headlines.