Though the Marshal serialization format has fallen out of favor over the past decade, due to a lack of cross-language interoperability and security vulnerabilities, I think there’s a lot to learn from it. Having recently reimplemented Marshal.load to sidestep the security concerns, I want to reintroduce the Ruby community to the gem (see what I did there?) that is binary serialization. Let’s walk through how Marshal works under the hood, and see what ideas from it we can salvage for a modern take on data serialization.
Samuel is the Security Engineer in Residence at Ruby Central, leading security efforts across RubyGems and RubyGems.org by day (and sometimes by night, CVEs never sleep). He's been working on Ruby tooling for the past decade, and has shipped hundreds of bugs across RubyGems & Bundler.