Semi-retirement, or, changing my relationship with the BSDs
16 hours ago
- #OpenBSD
- #Academic Collaboration
- #Security Research
- Dr. Brian Robert Callahan reflects on his journey from his first commit to OpenBSD in 2013 to becoming a professor, integrating BSD projects into student research.
- Discusses the transition from technical to personal motivations in BSD development, emphasizing community and personal growth.
- Highlights a 2019 paper by Todd Mortimer on mitigating ROP attacks in OpenBSD, focusing on reducing 'gadgets' to prevent arbitrary code execution.
- Details efforts by grad students to port OpenBSD's ROP mitigations to FreeBSD, testing their efficacy and binary size impact.
- Reveals findings that challenge original claims: mitigations showed modest gadget reduction and notable binary size increases, with some cases of increased gadgets.
- Questions the utility of 'unique gadget reduction' as a security metric, suggesting some gadgets are inherently non-threatening.
- Announces semi-retirement from OpenBSD to avoid conflicts of interest, pivoting towards academic research on BSD security features.
- Proposes establishing a research lab to systematically review BSD security innovations, fostering new developers and collaborative projects.
- Expresses commitment to BSD improvement through academia, aiming to attend more BSD conferences with students.