Brussels / 1 & 2 February 2020


The OpenJDK JVM: Securing a moving target or What could possibly go wrong?

The OpenJDK Java Virtual Machine presents some interesting challenges when it comes to guarding against potential vulnerabilities. This talk will explain how dynamic class-loading, JIT compilation, speculative compilation and other aspects of the JVM's operation create a moving attack surface that poses some very different challenges from those found in other programs or runtimes.

This talk won't say anything about specific vulnerabilities but it will identify a few areas of the OpenJDK JVM where some of these unique types of vulnerability have been identified and resolved. It may teach you some things you didn't know about the complexity of the JVM and hopefully reassure you that the OpenJDK devs are very aware of what could possibly go wrong. Whether we have got it all right is left as a follow-up exercise for attendees.


Andrew Dinn