Spectre: Secrets, Side-Channels, Sandboxes, and Security

by Chandler Carruth

The discovery of speculative execution side-channel attacks (called "Spectre") fundamentally changes the security model of every modern superscalar microprocessor. Extracting secret data (credit cards, cryptographic keys) through side-channels is not new and has challenged the cryptographic community for decades. Despite this, the industry has often been complacent in our response, viewing these attacks as impacting a tiny amount of code and being nearly impossible to weaponize. But speculative execution attack techniques have fundamentally altered the ease and applicability of side-channels, making them a serious threat to computer security. Responding to these issues has impacted CPU design, compiler design, library design, sandbox techniques and even the C++ programming language and standard.

This talk will explain how these kinds of attacks work at a high level and provide a clear set of terminology to describe these classes of vulnerabilities and attacks. It will show how the different variants work at the low level of modern hardware to give a detailed and precise understanding of the mechanics involved on CPUs today.

It will also provide guidance about what makes applications and services vulnerable and how to analyze your software to understand the degree of its exposure. It will include an overview of the numerous different mitigation techniques available, how to deploy them, and what tradeoffs come with them. Some of these mitigations will be covered in detail: how they work at a hardware level, where they don't work, and what attack vectors remain.

Finally, the talk will show how traditional side-channel risks are made substantially easier to exploit due to speculative execution. This will cover how cryptographic and other libraries dealing in high-value secrets need to be adapted to correctly defend against these attacks. Further, it will introduce general problems of sandboxing untrusted code from secret data and the current best techniques in those circumstances.

This talk will be accessible to most C and C++ programmers. No deep background on CPUs, assembly, hardware instructions, Spectre, side-channels, or security is needed.

Presenter Interviews: Klaus Iglberger

by Bob Steagall

In this week’s interview, Kevin chats with Klaus Iglberger about his upcoming class Modern C++ Design Patterns; we also find out more about the Back to Basics track and his talk on Move Semantics.

Applied Best Practices

by Jason Turner

What happens when we start a project from scratch and try to apply all of the best practices? How well do constexpr, noexcept, [[nodiscard]] and other features interact with each other? Is it possible to apply all of the best practices at once, or will they conflict with each other? We will explore current best practices and examine their impact on compile time, runtime and testing. We'll also see some of the unexpected effects that result when best practices are applied to a new project.

Simplicity: Not Just For Beginners

by Kate Gregory

Many people say that simple code is better code, but fewer put it into practice. In this talk I’ll spend a little time on why simpler is better, and why we resist simplicity. Then I’ll provide some specific approaches that are likely to make your code simpler, and discuss what you need to know and do in order to consistently write simpler code and reap the benefits of that simplicity.

The Bits Between the Bits: How We Get to main()

by Matt Godbolt

When you run your C++ code, have you ever considered how the linker, loader, operating system, C and C++ runtime all work so hard to get everything set up for you to start running your code in main()?

In this Linux-focused talk, Matt will talk about how the linker stitches together your code and how that fits in with dynamic linking. He'll touch on debugging issues with the loader, and how ODR violations can manifest themselves. Then he'll take a look at what's going on behind the scenes to get the C runtime up, and then the C++ runtime, along with all the global object constructors - showing more reasons why you shouldn't be using them!

By the end of the talk you should have an understanding of how a bundle of object files are brought together by the linker, along with the relevant runtimes, and then loaded and executed by the operating system.

Presenter Interviews: Emery Berger

by Bob Steagall

In this week’s presenter interview, Kevin talks with Professor Emery Berger about his time working with memory management in C++, what he is looking forward to at this years conference, and his session Mesh: Automatically Compacting Your C++ Application’s Memory.

Call for Open Content Sessions

As we do every year, we offer Open Content session in the early morning, over lunch, and in the evening...

Can I has grammar?

by Timur Doumler

Lightning talk.

105 STL Algorithms in Less Than an Hour

by Jonathan Boccara

We are all aware that we should know the STL algorithms. Including them in our designs allows us to make our code more expressive and more robust. And sometimes, in a spectacular way.

But do you know your STL algorithms?

In this presentation, you’ll see the 105 algorithms that the STL currently has, including those added in C++11 and C++17. But more than just a listing, the point of this presentation is to highlight the different groups of algorithms, the patterns they form in the STL, and how the algorithms relate together. And all this in an entertaining way.

This kind of big picture is the best way I know to actually remember them all, and constitute a toolbox chock-full of ways to make our code more expressive and more robust.

Presenter Interviews: Matthew Butler

by Bob Steagall

In this week’s presenter interview, Kevin chats with Matthew Butler today about his upcoming class at CppCon, Exploiting Modern C++: Building Highly-Dependable Software, his first WG21 meeting in Cologne, and his upcoming CppCon talk If You Can’t Open It, You Don’t Own It.