Security Headlines - DynaGuard special

Security Headlines - DynaGuard special with Theofilos Petsios


In this episode of Security Headlines, we are joined by a great mind in the
memory security space. A spark was created when Theofilos peeked
into the realms of security. So he packed his bag and got on the next
plane to the US to dive deeper into the security field during
his studies. He became fascinated by the world of writing exploits
and “smashing the stack”, as we say in the hacking field. He is a
brilliant guy when it comes to memory attacks, and he has co-written a
solution that solves the stack canary problem.
We had the chance to sit down with Theofilos Petsios and
hear his view on security, development and a lot more.
You can tune in right here:

https://anchor.fm/firo-solutions/episodes/DynaGuard-Special-en5dtr

Stack canaries are a security mitigation technique that has been widely
adopted, and you will find them in most systems today. But do they really work?

Topics that we touch upon in this episode:

Stack canaries

Address space layout randomization (ASLR)

Blind Return Oriented Programming (BROP)

Return Oriented Programming

Static code analysis

Rest in peace Andrea Bittau

Security mitigations

Write XOR Execute (W^X)

DynaGuard

Where stack canaries fail and the operating system's approach to it

Hardening systems

Where the future of security is going

CVEs over time

Memory corruption bugs

Built-in security in compilers

Security vs overhead

Using memory in thread-local storage

Adoption of security mitigations

Stack Clash

Pin, Intel’s dynamic binary instrumentation framework

Defense Advanced Research Projects Agency

Whitepapers and proofs of concept

Fuzzing

Building better security tools

Cost vs benefit in the security field

Switching from userspace to kernel space mitigations

Linters

Secure codebases

Formal verification

“Stack canaries is just one little stone, one on the beach that keeps getting hit by big waves”

https://twitter.com/theofilospe
https://www.cs.columbia.edu/~theofilos/files/slides/dynaguard.pdf
https://www.cs.columbia.edu/~theofilos/files/papers/2015/dynaguard.pdf
http://www.scs.stanford.edu/brop/
http://www.scs.stanford.edu/brop/bittau-brop.pdf
https://capsule8.com/blog/millions-of-binaries-later-a-look-into-linux-hardening-in-the-wild/
https://youtu.be/Er44ur7wkXQ?t=44
https://en.wikipedia.org/wiki/Stack_buffer_overflow
https://en.wikipedia.org/wiki/Thread-local_storage
https://securityaffairs.co/wordpress/60248/hacking/stack-clash-vulnerability.html
https://github.com/nettrino/DynaGuard
https://software.intel.com/content/www/us/en/develop/articles/pin-a-dynamic-binary-instrumentation-tool.html
https://github.com/nezha-dt/nezha
https://llvm.org/docs/LibFuzzer.html
https://github.com/nettrino/vimconf