Paul's Security Weekly - Episode 447 - 6:00PM
Intro, Sponsors & Announcements
Paul: This week, we interview Chris Domas.
Larry: Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting sniffed, systems aren't the only things getting penetrated, functions are the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady, it's Paul’s Security Weekly!
- Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email firstname.lastname@example.org to request a quote today!
- And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website at https://www.netsparker.com/securityweekly/
- This segment is sponsored by the SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.
Larry: Here's your host, here's a man who has no idea what he's going to say, eh?, Paul Asadoorian!
Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 447 for Thursday, January 14th 2016
Interview: Chris Domas - 6:05PM-7:00PM
Chris Domas is an embedded systems engineer and cyber security researcher, focused on innovative approaches to low-level hardware and software RE and exploitation.
- World's first single instruction C compiler
- Based on a proof that the "mov" instruction is Turing-complete
- Takes C code and compiles it into only "mov" instructions (unconditional data transfers on x86)
- Proved the Turing-completeness of the x86 instructions xor, adc, add, xadd, sub, sbb, and others, which allows compiling to a wide variety of single- and dual-instruction targets
- Illustrated applications in hidden computation, code obfuscation, anti-reverse engineering
The Memory Sinkhole:
- Discovered a 20-year-old hardware privilege escalation vulnerability in the x86 architecture
- Allowed circumventing x86 security mechanisms to enter ring -2 (SMM)
- Demonstrated exploitation of vulnerability to install SMM rootkit
- (non-serious project) Psychological warfare in reverse engineering
- Illustrated that carefully crafting a program's control flow can be used to generate images and send messages to a reverse engineer
- Explored software visualization as a method of reverse engineering
- I've unfortunately not been able to release this project, which is a sore point for many people. I can talk about ..cantor.dust.., but I can't comment on any expected release, etc., and would like to avoid the issue.
Stories of the Week - 7:00PM-8:00PM
- Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
- And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
- And by Onapsis, the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
- DSA-3444 wordpress - security update
- Fortinet SSH Backdoor Found In Firewalls
- Was Sean Penn really responsible for El Chapo’s arrest? | Fusion
- Denial-of-Service Flaw Patched in DHCP
- Curious Tale of a Microsoft Silverlight Zero Day
- Adobe Patches Code Execution Flaws in Reader
- The Infamous 'Hacker Manifesto' Just Turned 30
- $30 Webcam Spun Into Persistent Network Backdoor
- Microsoft finally has a proper way to opt out of Windows 7/8 to Windows 10 upgrades
- Why thinking like a criminal is good for security
- IoT Security: $1-per-Thing To Protect Connected Devices
- Cisco fixes unauthorized access flaws in access points
- Powerball lessons for infosec
- Mythical vuln-disclosure program
I need links but...
- The witch who removes Viruses with a Magic - about as effective as "real" AV
- TrendMicro API goodies from Tavis Ormandy - Wow, node.js fail and others.