Gynvael Coldwind


Programmer enthusiast with a passion for computer security and low-level aspects of computer science. Coldwind authored the "Zrozumieć Programowanie" ("To Understand Programming") book, as well as numerous articles, publications, podcasts and lectures devoted to mentioned topics. In 2013, he was awarded a Pwnie Award (together with Mateusz Jurczyk) in the "Most Innovative Research" category in the field of computer security. Coldwind is the co-founder and former captain of the Dragon Sector team - one of the best CTF teams in the world. Since 2010, he lives in Zurich and works for Google as a Senior Software Engineer / Information Security Engineer.



C/C++ vs Security! (2018)

From a security researcher's point of view both C and C++ are wonderful! They are full of pitfalls, traps, quirks and unexpected behaviors. To make things even more interesting, the execution environment assumed by C/C++ does not fully match actual real-world environments. Of course, all of this is easy to get right if you have Ph.D. in C++. Or two.

The talk presents both the classical and the less obvious security bugs, pitfalls, and traps found in C/C++ software.