Dailydave mailing list archives
Re: Reminder: I attend painful meetings so you don't have to
From: Andrew <munin () mimisbrunnr net>
Date: Fri, 11 Dec 2015 12:46:46 -0500
Yes, that's what I said in my second paragraph. To re-state: You actually can capture a precise notion of "standard execution path of a program" but this doesn't help you define exploits because an exploit can exist within the standard path of a program, such as certain kinds of data only attacks, or almost all types of side channel information disclosures.

On 12/11/2015 12:45 PM, Rodrigo Branco wrote:
> Andrew, CFG does not protect against valid path computing invalid data, aka, data-only attacks. I believe that is what Sergey meant, but copying him to grow the discussion ;)
>
> regards,
>
> On Dec 11, 2015 6:40 AM, "Andrew" <munin () mimisbrunnr net> wrote:
>
> > > Dr. Sergey Bratus did an excellent job of looking at how there is NO WAY TO DEFINE THE STANDARD EXECUTION PATH OF A PROGRAM.
> >
> > Really? What about the information that Control Flow Guard generates? Then there's a map of "for each indirect branch, these are the allowable targets of that indirect branch." It seems that any control flow integrity system builds and describes some approximation of the "standard execution paths of a program" by design.
> >
> > Of course even if you get "execution path" right it doesn't even capture stuff like side channels, which I guess is what Bratus is talking about when he says "Advanced exploitation is rapidly becoming synonymous with the system operating exactly as designed — and yet getting manipulated by attackers" although I don't know if "attacks from the 70s" are really "advanced" ...
> >
> > On 12/09/2015 02:30 PM, Dave Aitel wrote:
> > > http://cybersecpolitics.blogspot.com/2015/12/the-force-awakens-dec-8-wassenaar.html
> > >
> > > You should read that probably. Basically everyone on this list is
> > > affected by those issues.
> > >
> > > -dave
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
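An added illustration of the point made in the two replies above, not code from any poster or from Control Flow Guard: a toy Python model of a CFI policy ("for each indirect branch, these are the allowable targets") that rejects a disallowed branch target yet records an identical branch trace for a benign run and a data-only corruption. The function names, the 9-byte state layout and the records are all constructed for this example.

```python
"""Toy model: a CFI policy checks branch targets, not the data they act on."""

RECORDS = {0: "public notice", 1: "payroll (restricted)"}  # constructed data


def read_record(state):
    return RECORDS[state[8]]  # byte 8 of the state holds the record id


def debug_shell(state):
    return "debug shell"  # never a legal target of the 'dispatch' site


# "For each indirect branch, these are the allowable targets"
POLICY = {"dispatch": {read_record}}


class CFIViolation(Exception):
    pass


def indirect_call(site, target, state, trace):
    """Check the target against the policy, log the edge, then branch."""
    if target not in POLICY[site]:
        raise CFIViolation(f"{site} -> {target.__name__}")
    trace.append((site, target.__name__))
    return target(state)


def set_name(state, name):
    # Modelled bug: no length check, so a 9th byte lands on the record id.
    state[0:len(name)] = name


def handle(name, handler=read_record):
    """One request: returns (result, trace of indirect branches taken)."""
    state = bytearray(9)  # bytes 0-7: name field, byte 8: record id (0)
    trace = []
    set_name(state, name)
    result = indirect_call("dispatch", handler, state, trace)
    return result, trace


if __name__ == "__main__":
    print(handle(b"alice"))            # in-bounds name
    print(handle(b"AAAAAAAA\x01"))     # same path, different data
```

Because the two traces are equal, a monitor that only validates branch targets cannot tell the runs apart; detecting the second one needs a check on the data itself (here, a bounds check in `set_name`).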
Current thread:
- Reminder: I attend painful meetings so you don't have to Dave Aitel (Dec 09)
- Re: Reminder: I attend painful meetings so you don't have to Arrigo Triulzi (Dec 11)
- Re: Reminder: I attend painful meetings so you don't have to Andrew (Dec 11)
- Re: Reminder: I attend painful meetings so you don't have to Rodrigo Branco (Dec 18)
- Re: Reminder: I attend painful meetings so you don't have to Andrew (Dec 18)
- Re: Reminder: I attend painful meetings so you don't have to dan (Dec 20)
- Re: Reminder: I attend painful meetings so you don't have to Chris Rohlf (Dec 21)
- Re: Reminder: I attend painful meetings so you don't have to James Gannon (Dec 21)
- Re: Reminder: I attend painful meetings so you don't have to Mara Tam (Dec 21)
- Re: Reminder: I attend painful meetings so you don't have to Rodrigo Branco (Dec 18)