Risky Business #210 -- Attacking JIT compilers, SSL woes and more

Man, those CAs sure to know how to screw things up, huh?
09 Sep 2011 » Risky Business

On this week's show we take a look at the security of browser JIT engines with two extremely smart guys: Chris Rohlf and Yan Ivnitskiy of Matasano Security.

They presented a paper in Vegas all about attacking clientside JIT compilers. It's good, old-fashioned security research -- the type of research that's increasingly being withheld from the public these days.

What is a JIT compiler? How does it work? Do they present inherent security problems? Tune in to find out!

This week's show is brought to you by Sophos Network Security. In this week's sponsor interview we're joined by that company's product manager Angelo Comazzetto to discuss network visibility and application aware firewalls.

Normally Adam Boileau joins the show to discuss the week's news, but he's off globetrotting for the next few weeks, so instead his buddy Mark "Longpipes" Piper steps into the news slot to fill in. Thanks Mark!