1 files changed, 15 insertions, 1 deletions

diff --git a/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn b/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
index a1471b04..ab05a59f 100644
--- a/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
+++ b/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
@@ -2,10 +2,24 @@
 
 #### Abstract
 
+During the last few years, users of the DRM API have increased significantly.
+Aside from the X-Server different parts of the linux desktop stack use the DRM
+API directly. This includes Plymouth, Weston, Mir, kmscon and more.
+While the DRM and KMS APIs could mostly withstand the strain, the lack of a sole
+user-space DRM user showed several shortcomings in the design. We cannot rely
+on X-Server or DDX fixes to work around kernel API deficiencies, anymore. We
+have to carefully take all the different DRM applications into account while
+changing or improving the DRM API.
+By opening /dev/dri/ to more applications than the X-Server, we also open it for
+spoofing attacks. In this talk I want to built on the results of last year's
+DRM2 talk (XDC-2012) and address the GEM-Flink, DRM-mmap() and DRM-Master
+related spoofing attacks. I developed several examples that reveal how easy it
+is to misuse these and will discuss the fixes that were introduced to DRM during
+the last year.
+
 #### Links
 
 * [[Paper|DRM_SECURITY]]
 * [[Slides|slides.pdf]]
 * Video: youtube, webm
 
-