Security Lunch / PLC Seminar Monday Nov 19: Gang Tan
One week from today, on Monday Nov 19th, Prof. Gang Tan of Boston College (PhD Princeton 2005) will give a talk at noon on how to find security holes in JVMs -- in particular, in the interaction between native (C) methods and Java code -- AND how to prove the absence of holes.

Location: Small Auditorium
Monday, Nov 19th.
Time: 12 noon.
LUNCH PROVIDED (for the first 20 people...)

Speaker: Gang Tan, Boston College
Title: Security Analysis of the Native Code in the JDK

Abstract: It is well known that the use of native methods in Java defeats Java's guarantees of safety and security, which is why the default policy of Java applets, for example, cannot load non-local native code. However, there is already a large amount of trusted native C/C++ code that comprises a significant portion of the Java Development Kit (JDK).

We have carried out an empirical study on the security of the native code in Sun's JDK 1.6. By applying static analysis tools and manual inspection, we have identified in this security-critical code previously undiscovered vulnerabilities. We propose a taxonomy of vulnerabilities to classify patterns of errors, and discuss new patterns that arise in the interaction between Java and the native code.

We also discuss remedies to address the threats posed by the native code. We have implemented a system, SafeJNI, which can guarantee that the failure of the native code does not corrupt the Java state. We have also proposed ILEA, which is a general framework for performing inter-language analysis across Java and C. By partially compiling C code into Java code, ILEA enables existing analyses on Java to also understand the C code.
Andrew W. Appel