Presented by

  • bunnie


    bunnie is best known for his work hacking the Microsoft Xbox, as well as for his efforts in designing and manufacturing open source hardware, including the chumby (app-playing alarm clock), chibitronics (peel-and-stick electronics for craft), and Novena (DIY laptop). He received his PhD in EE from MIT in 2002. He currently lives in Singapore where he runs a private product design studio, Kosagi, and he actively mentors several startups and students of the MIT Media Lab.

  • Sean "xobs" Cross

    Sean "xobs" Cross

  • Tom Marble

    Tom Marble

    Tom Marble is best known for being the first "OpenJDK Ambassador" on the Sun Microsystems core team that open sourced the Java programming language. Tom is the founder of Informatique, Inc., a consultancy which leverages his hardware, software and intellectual property background for client projects as diverse as telematics for electric vehicles, probabilistic modeling, temporal planning visualization, autonomous cyber defense, and multiplayer online gaming. Mr. Marble is committed to increasing diversity in technology by organizing ClojureBridge, a weekend workshop for women to learn the Clojure programming language. He has also been a long time contributor to the Debian project by participating on the Clojure and Java Teams. Tom is passionate about the role of Free Software, Open Hardware, and Free Culture in making the world a better place as demonstrated by co-organizing the FOSDEM devroom on Legal and Policy Issues, volunteering for Copyleft Conf and as a member of the Software Freedom Conservancy Evaluation Committee.


The condensation of virtually everything into a single device -- the smartphone -- has normalized deviant behaviors that create security risks. For example, many smartphone users conduct secure transactions while juggling several other apps, thus creating opportunities for adversaries to exploit human error. Furthermore, running both secure and insecure code on a common CPU increases the risk of exposing user secrets thanks to microarchitectural side channels -- a large, complex, and opaque attack surface. System architects have introduced "secure enclaves" as a technique to minimize the attack surface between sensitive secrets and an untrusted CPU. In theory, secret key material never leaves the perimeter of the enclave – keys are generated and stored permanently within the enclave. Regardless of the implementation details, secure enclaves inevitably rely on an untrusted CPU to relay messages to the user. This is because there is typically just one screen and keyboard presented to the user, and these elements are directly connected to the untrusted CPU. Thus, secure enclaves can only protect keys from being compromised; they cannot protect the data itself from compromise. This talk introduces Betrusted, a device designed to partition a set of secure applications into a physically separate device that is designed using security-first principles: the hardware is simple, open source, and is user-verifiable from the keyboard to the LCD. Putting secure apps on a separate screen also helps users focus on their secure transactions, while minimizing attack surfaces and eliminating microarchitectural sidechannels. The Betrusted project’s scope will eventually range from secure silicon all the way to application layer code, and we are looking for developers of all stripes who are interested in contributing to the project.