Matt Miller
Interested in memory safety exploits & mitigations? Here's a new research paper that explores an ISA extension which tries to make it more difficult to corrupt pointers. All feedback on the security efficacy and overall design is appreciated :)
Memory safety attacks continue to be prevalent on computer systems in use today, as large amounts of unsafe C/C++ code continues to provide attackers with a large supply of buffer overrun, use after...
Microsoft Research @MSFTResearch
Patrick Jauernig Jul 19
Replying to @epakskape
You should have a look at our take on this (IMIX at USENIX Security 2018), I think it is quite similar :)
Matt Miller Jul 22
Replying to @JauernigPatrick
Thanks, I forwarded that paper ref on to the authors :)
Mathias Payer Jul 21
Replying to @epakskape
This policy enforces a neat property I'd call set integrity. Attackers can locate and still compromise pointer stores (or indexes into pointer arrays). Attacks will be harder but not impossible, becoming more program dependent. (Disclaimer: I only skimmed b/c mobile)
Graham Sutherland [Polynomial^DSS] Jul 21
Replying to @epakskape @sambowne
It's interesting. It has promise, but I think this bit is very concerning and needs further consideration to get rid of the interrupt loophole. Context switches are far too easily timed.
Daniel Bilar Jul 22
Replying to @epakskape @MrBenChung @yuvalyarom
You probably know this already but in case not: et al time protection ("missing OS abstraction") & aISA as abstraction shielder
Ori Damari Jul 19
Replying to @epakskape
It looks very innovative! 😊