Open source provides transparency for code reviews, fosters collaboration with diverse experts, and prevents vendor lock-in for businesses.
The rapid pace of AI development often pushes security to a lower priority, creating risks as non-technical users are given powerful, low-level system access.
Agentic AI is in an exploratory phase where it is often misapplied to problems that have simpler, more traditional solutions.
The nono project provides a simple, easy-to-use sandbox that uses kernel-level security to isolate AI agents and prevent unauthorized system access.
This demonstration shows how to use nono from the command line to restrict file access, protect credentials with phantom keys, and roll back unwanted changes made by an agent.
Nono protects systems by blocking destructive commands like 'rm -rf' by default and provides a secure audit trail of all actions an agent performs.
Drawing parallels with Let's Encrypt and Sigstore, making security tools free, simple, and user-friendly is the key to achieving widespread adoption.
The success of nono demonstrates the power of building tools that solve real problems observed in developer communities like Discord.
23:29Deepu
35:37Liran Tal
53:54Tarek Ziadé
29:00Alex Soto
26:28Anna Oliveira
30:36Mackenzie Jackson
53:04Alex Nahas
55:37Chris Heilmann, Daniel Cranney & Kumar McMillan
Jobs that call for the skills explored in this talk.
IO Sphere
Charing Cross, United Kingdom
nono
Ignite Technical Resources
Richmond, United Kingdom
Apple's Security Engineering & Architecture
