Join hosts Joel Moses, Oscar Spencer, and Matt Yacobucci as they dive deep into the world of formal verification with special guest Chris Fallin. In this episode of WebAssembly Unleashed, the team discusses the importance of formal verification in software development, particularly for WebAssembly. Chris, a co-author of the Cranelift compiler and Mozilla alum, explains the concept of formal verification, its significance, and how it can be applied to ensure software correctness and security. The conversation covers a range of topics including type safety, the use of SMT solvers, the challenges in formally verifying compilers, and the potential role of AI in generating formally verified code. Don't miss this insightful discussion if you're keen to learn about cutting-edge techniques to make software more reliable and secure.
00:00 Welcome to WebAssembly Unleashed
00:57 Community Updates
01:41 Guest Introduction: Chris Fallin
02:18 What is formal verification and why is it important?
03:10 Formal Verification in WebAssembly
06:28 Challenges and Real-World Applications
07:52 Tools and Techniques for Verification
20:22 Future Directions and Broader Implications
28:21 AI and Formal Verification
30:44 Lack of Formal Verification Consequences
Did you miss the WebAssembly Unleashed episode 16 with Bruce Gain? Check it out here: https://youtu.be/Gjd8l1Sz9qY?si=QGixwObXJgvex9DS
For more from F5's Office of the CTO visit the following sites:
Blogs - https://www.f5.com/company/octo
Reports - https://www.f5.com/services/resources/reports
Meet Your Hosts:
Joel Moses | https://www.linkedin.com/in/joelmoses/ | https://community.f5.com/users/joel_moses/398372
Oscar Spencer | https://twitter.com/oscar_spen | https://www.linkedin.com/in/oscarspen/
Matthew Yacobucci | https://www.linkedin.com/in/matthew-yacobucci-323b4b2/
All content for DevCentral is the property of F5 DevCentral Community and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Join hosts Joel Moses, Oscar Spencer, and Matt Yacobucci as they dive deep into the world of formal verification with special guest Chris Fallin. In this episode of WebAssembly Unleashed, the team discusses the importance of formal verification in software development, particularly for WebAssembly. Chris, a co-author of the Cranelift compiler and Mozilla alum, explains the concept of formal verification, its significance, and how it can be applied to ensure software correctness and security. The conversation covers a range of topics including type safety, the use of SMT solvers, the challenges in formally verifying compilers, and the potential role of AI in generating formally verified code. Don't miss this insightful discussion if you're keen to learn about cutting-edge techniques to make software more reliable and secure.
00:00 Welcome to WebAssembly Unleashed
00:57 Community Updates
01:41 Guest Introduction: Chris Fallin
02:18 What is formal verification and why is it important?
03:10 Formal Verification in WebAssembly
06:28 Challenges and Real-World Applications
07:52 Tools and Techniques for Verification
20:22 Future Directions and Broader Implications
28:21 AI and Formal Verification
30:44 Lack of Formal Verification Consequences
Did you miss the WebAssembly Unleashed episode 16 with Bruce Gain? Check it out here: https://youtu.be/Gjd8l1Sz9qY?si=QGixwObXJgvex9DS
For more from F5's Office of the CTO visit the following sites:
Blogs - https://www.f5.com/company/octo
Reports - https://www.f5.com/services/resources/reports
Meet Your Hosts:
Joel Moses | https://www.linkedin.com/in/joelmoses/ | https://community.f5.com/users/joel_moses/398372
Oscar Spencer | https://twitter.com/oscar_spen | https://www.linkedin.com/in/oscarspen/
Matthew Yacobucci | https://www.linkedin.com/in/matthew-yacobucci-323b4b2/
Join our AppSec experts—Merlyn, Malcolm, MegaZone, and host Chase Abbott—as they dig into some of the latest stories shaking up the cybersecurity world. This week's AppSec Now explores an active campaign targeting Amazon EC2 instance metadata via SSRF vulnerabilities, and why that's a wider-reaching problem than you might think. We discuss Oracle's controversial handling of their cloud breach and the impact of trust in the disclosure process.
Also in the mix: malicious NPM packages deployed by North Korean hackers, a sneaky Golang malware employing "click-fix" tactics for crypto theft, and a critical Apache Parquet remote code execution bug rated CVSS 10.0—but how worried should we really be?
🔗 Relevant Links Here:
https://community.f5.com/kb/security-insights/oracle-hack-north-korean-hackers-critical-flaw-in-apache/340708
00:00 Introduction
04:01 F5 Labs: AWS EC2 SSRF
10:44 Oracle Cloud Breach
16:44 Verizon iOS App Exposure
20:23 BeaverTail Malware via NPM
24:43 Golang Ghost Malware
28:34 Apache Parquet RCE - CVSS 10 !!!
34:12 Outro
DevCentral
Join hosts Joel Moses, Oscar Spencer, and Matt Yacobucci as they dive deep into the world of formal verification with special guest Chris Fallin. In this episode of WebAssembly Unleashed, the team discusses the importance of formal verification in software development, particularly for WebAssembly. Chris, a co-author of the Cranelift compiler and Mozilla alum, explains the concept of formal verification, its significance, and how it can be applied to ensure software correctness and security. The conversation covers a range of topics including type safety, the use of SMT solvers, the challenges in formally verifying compilers, and the potential role of AI in generating formally verified code. Don't miss this insightful discussion if you're keen to learn about cutting-edge techniques to make software more reliable and secure.
00:00 Welcome to WebAssembly Unleashed
00:57 Community Updates
01:41 Guest Introduction: Chris Fallin
02:18 What is formal verification and why is it important?
03:10 Formal Verification in WebAssembly
06:28 Challenges and Real-World Applications
07:52 Tools and Techniques for Verification
20:22 Future Directions and Broader Implications
28:21 AI and Formal Verification
30:44 Lack of Formal Verification Consequences
Did you miss the WebAssembly Unleashed episode 16 with Bruce Gain? Check it out here: https://youtu.be/Gjd8l1Sz9qY?si=QGixwObXJgvex9DS
For more from F5's Office of the CTO visit the following sites:
Blogs - https://www.f5.com/company/octo
Reports - https://www.f5.com/services/resources/reports
Meet Your Hosts:
Joel Moses | https://www.linkedin.com/in/joelmoses/ | https://community.f5.com/users/joel_moses/398372
Oscar Spencer | https://twitter.com/oscar_spen | https://www.linkedin.com/in/oscarspen/
Matthew Yacobucci | https://www.linkedin.com/in/matthew-yacobucci-323b4b2/
