Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Facebook Intel

Facebook Awards $100,000 Prize For New Code Isolation Technique (zdnet.com) 13

ZDNet reports: Facebook has awarded a $100,000 prize to a team of academics from Germany for developing a new code isolation technique that can be used to safeguard sensitive data while it's being processed inside a computer. The award is named the Internet Defense Prize, and is a $100,000 cash reward that Facebook has been giving out yearly since 2014 to the most innovative research presented at USENIX, a leading security conference that takes place every year in mid-August in the US.
An anonymous reader writes: The new technique is called ERIM and leverages Intel's memory protection keys (MPKs) and binary code inspection to achieve both hardware and software-based in-process data isolation. The novelty of ERIM is that it has an near-zero performance overhead (compared to other techniques that induce a big performance dip), can be applied with little effort to new and existing applications, doesn't require compiler changes, and can run on a stock Linux kernel.
This discussion has been archived. No new comments can be posted.

Facebook Awards $100,000 Prize For New Code Isolation Technique

Comments Filter:
  • The new technique is called ERIM and leverages Intel's memory protection keys (MPKs) and binary code inspection to achieve both hardware and software-based in-process data isolation.

    Long as the basic hardware mechanism works. e.g. Spectre.

  • by darkain ( 749283 ) on Saturday August 24, 2019 @01:23PM (#59121090) Homepage

    Now, let's put this cash value in perspective. A new engineer hired onto Facebook would actually make MORE than that in a single year's salary. SO, if this is an award handed out to an ENTIRE TEAM and only ONCE A YEAR, that means all of this work is being done for relative chump change to FB. Just another way to exploit people!

    • by Anonymous Coward
      and Zuck earns that much taking a piss. More perspective.
    • by rgomezc ( 992326 )
      I seriously doubt this team is working *for* this kind of prices. The team is, per the summary, a group of academics that most likely are being paid in their universities or institutions to do research. So this money is actually extra money for them. That FB could pay 10+ times this without even noticing it? Yes, totally agree.
    • by deKernel ( 65640 )

      What a whiny-ass complaint. You do realize that those "exploited" academics were already getting paid right? Did Facebook somehow enslave them and force them to do the research? I bet you are the same guy who while standing in the lunchroom continuously complain about just how under-appreciated (ie. not paid enough) you are when in fact, you are just that moron sitting in the corner cubicle using up all the staples.

    • Sounds like a total ERIMJOB

    • Now, let's put this cash value in perspective.

      Yeah, it's better than fuck all, which is what they would have gotten from FB otherwise since this technique will be quickly rolled out and used by anyone with security in mind. This is just FB acknowledging their accomplishment and giving them a reward. It's not like they worked for FB in the first place. Next are you going to say the Nobel prize cash value should be put in perspective as well? Or are you just whining about FB?

  • by ebcdic ( 39948 ) on Saturday August 24, 2019 @02:10PM (#59121194)
    USENIX is not "a leading security conference". It's the organization that used to be called the Unix Users Group. The conference is the USENIX Security Symposium.
  • Sounds a bit similar to the concept of protection rings
  • So someone is $100,000 richer, and the process they've created will be found to be vulnerable to a SPECTRE attack within a week.
  • Hey, guys, do you know that many companies, especially Facebook use data mining? I haven't known it until I read an article on https://light-it.net/blog/reas... [light-it.net]. I don't really understand the things like this one, but the text is easy to read, I liked it.

C makes it easy for you to shoot yourself in the foot. C++ makes that harder, but when you do, it blows away your whole leg. -- Bjarne Stroustrup

Working...