Previous draft titles:

1. Is the Linux Kernel Secure Yet?
2. Musings from decades of off-and-on Linux Kernel security research...

The Linux Kernel underpins billions of modern computers and devices ranging across almost every industry. Arguably, its ubiquity places it firmly into the category of critical infrastructure. But, is it secure? In this presentation, Josh will explore this question in detail. He compares and contrasts the security investments being made within the Linux Kernel developer ecosystem with a typical software development life cycle used in a professional development organization. Additionally, he will share a case study of a public and widely exposed security issue that remains unfixed. Finally, he will make recommendations that can reduce the risk posed by running the Linux Kernel.

Joshua "jduck" Drake is the Principal Security Researcher at Delphos Labs. He is a software developer, vulnerability researcher, reverse engineer, author, and public speaker with over 15 years of professional experience. He focused a majority of his career in the software space where he discovered, analyzed, and/or developed exploits for hundreds of security problems. jduck spent a decade focused on Android security (2011 to 2021). During that time, he took the lead on authoring the "Android Hacker's Handbook" and bringing the "Stagefright Vulnerabilities" to the public eye. Nowadays, jduck is researching the application of AI to reverse engineering and vulnerability discovery within binaries. When time permits, he likes to participate in Capture the Flag events and spend time with his family and friends.