Description

In this episode of Security Headlines, we are joined by a great mind in the memory security space. A spark was created when Theofilos peeked into the realms of security. So he packed his bag and got on the next plane to the US in order to deep-dive into the security field during his studies. He became fascinated by the world of writing exploits and "smashing the stack", as we say in the hacking field. He is a brilliant guy when it comes to memory attacks, and he has co-written a solution that solves the stack canary problem.

We had the chance to sit down with Theofilos Petsios and hear his view on security, development and a lot more. You can tune in right here:

Stack canaries are a security mitigation technique that has been widely adopted, and you will find them in most systems today. But do they really work?

Topics that we touch upon in this episode:    

Stack canaries   

Address space layout randomization

Blind Return Oriented Programming (BROP)   

Return Oriented Programming    

Static code analysis    

Rest in peace Andrea Bittau    

security mitigations   

Write Xor Execute (W^X)

Dynaguard   

Where stack canaries fail and the operating system's approach to it

hardening systems  

where the future of security is going  

CVEs over time

Memory corruption bugs   

built-in security in the compilers

Security vs Overhead   

Using memory in the Thread-local storage

adoption of security mitigations   

stack clash   

Pin, Intel's dynamic binary instrumentation framework     

Defense Advanced Research Projects Agency   

whitepapers and proofs of concept

Fuzzing    

building better security tools    

Cost vs benefit in the security field     

Switching from userspace to kernel space mitigations   

linters    

secure codebases    

formal verification

"Stack canaries is just one little stone, one on the beach that keeps getting hit by big waves"

External links

https://twitter.com/theofilospe   

https://www.cs.columbia.edu/~theofilos/files/slides/dynaguard.pdf

https://www.cs.columbia.edu/~theofilos/files/papers/2015/dynaguard.pdf

http://www.scs.stanford.edu/brop/   

http://www.scs.stanford.edu/brop/bittau-brop.pdf   

https://github.com/nettrino/DynaGuard    

https://software.intel.com/content/www/us/en/develop/articles/pin-a-dynamic-binary-instrumentation-tool.html   

https://github.com/nezha-dt/nezha    

https://llvm.org/docs/LibFuzzer.html     

https://github.com/nettrino/vimconf  

https://capsule8.com/blog/millions-of-binaries-later-a-look-into-linux-hardening-in-the-wild/

https://youtu.be/Er44ur7wkXQ?t=44