Tag: Security
Papers relating to security, encryption, attacks and defenses.
Synode: understanding and automatically preventing injection attacks on Node.js
Synode: understanding and automatically preventing injection attacks on Node.js Staicu et al., NDSS’18 If you’re using JavaScript on the server side (node.js), then you’ll want to understand the class of vulnerabilities described in this paper. JavaScript on the server side doesn’t enjoy some of the same protections as JavaScript running in a browser. In particular, …
A survey on security and privacy issues of Bitcoin
A survey on security and privacy issues of Bitcoin Conti et al., arXiv 2017 At the core of this survey is a catalogue of security attacks on Bitcoin, together with known defences or mitigations where applicable. We’ve touched on many of these before in one way or another, but it’s helpful to see them all …
RustBelt: securing the foundations of the Rust programming language
RustBelt: Securing the foundations of the Rust programming language Jung et al., POPL, 2018 Yesterday we saw the value of meta-engineering development processes in order to produce better (more secure) outcomes. Included in Bernstein’s recommendations was careful selection of programming language. Rust is a language in that spirit. It has long been a “holy grail” …
Some thoughts on security after ten years of qmail 1.0
Some thoughts on security after ten years of qmail 1.0 Bernstein, 2007 I find security much more important than speed. We need invulnerable software systems, and we need them today, even if they are ten times slower than our current systems. Tomorrow we can start working on making them faster. That was written by Daniel …
Spectre attacks: exploiting speculative execution
Spectre attacks: exploiting speculative execution Kocher et al., 2018 Yesterday we looked at Meltdown and some of the background on how modern CPUs speculatively execute instructions. Today it’s the turn of Spectre of course, which shares some of the same foundations but is a different attack, not mitigated by KAISER. On a technical front, Spectre …
Meltdown
Meltdown Lipp et al., 2018 I’m writing this approximately one week ahead of when you get to read it, so it’s entirely possible by this time that you’ve already heard more than you can stand about Meltdown and Spectre! Behind the news headlines though, there’s a lot of good information in the accompanying papers, and …
Tail attacks on web applications
Tail attacks on web applications Shan et al., CCS’17 This paper introduces a stealthy DDoS attack on classic n-tier web applications. It is designed to push the tail latency high while simultaneously being very hard to detect using traditional monitoring tools. The attack exploits ‘millibottlenecks’ — caused by buffers in the system that fill up …
Economic factors of vulnerability trade and exploitation
Economic factors of vulnerability trade and exploitation Allodi, CCS’17 Today we’re going on a tour inside a prominent Russian cybercrime market, identified in the paper as ‘RuMarket’ (not its real name). The author infiltrated the market using a fake identity, and was subsequently able to collect data on market activities from 2010 to 2017. RuMarket …
The dynamics of innocent flesh on the bone: code reuse ten years later
The dynamics of innocent flesh on the bone: code reuse ten years later van der Veen et al., CCS’17 It’s been ten years since the publication of “The geometry of innocent flesh on the bone,” the paper that introduced the notion of Return Oriented Programming and use of gadgets to craft exploits. In the intervening …
Hindsight: understanding the evolution of UI vulnerabilities in mobile browsers
Hindsight: understanding the evolution of UI vulnerabilities in mobile browsers Luo et al., CCS’17 Towards the end of last year, browsing on mobile devices overtook browsing on the desktop. And so when we think about mobile security, in addition to thinking about malicious applications, we also need to start thinking much more seriously about mobile …