Fearsome File Formats

This conference talk explores the evolution of file format security challenges a decade after the "Funky File Formats" presentation at 31c3. Discover why specifications alone aren't enough to prevent vulnerabilities, even with extensive open-source parser testing and fuzzing. Journey through the darker corners of the file format landscape, where even seemingly simple formats can present unexpected challenges. Learn about emerging complex constructs like near-polyglots, timecryption, and hashquines, and how AI has become a new element in file format security. Join Ange Albertini for this 46-minute "FileCraft" adventure that examines whether security has truly improved over the past ten years.