Suman Jana
Stanford University
Computer Science Department
Computer Science Building, Room 151
Faculty Host: Amir Houmansadr
Computing is undergoing a major shift. Third-party applications hosted in online software markets have become ubiquitous on all kinds of platforms: mobile phones, Web browsers, gaming devices, even household robots. These applications often include yet more third-party code for advertising, analytics, etc. These trends have dramatically increased the amount of bad code throughout the software stack - buggy code, malicious code, code that overcollects private information intentionally or by accident, overprivileged code vulnerable to abuse - as well as the amount of sensitive data processed by bad code.
In this talk, I will demonstrate that existing application platforms are ill-suited to dealing with bad code, thus causing security and privacy problems. I will then show how to isolate bad code without affecting its useful functionality, by redesigning the interfaces across the software stack and controlling the information released to the applications by the platform. I will also show how automated testing can identify bad code and help developers improve their applications.
A reception will be held at 3:40 in the atrium, outside the presentation room.