TL;DR Domas' "Memory Sinkhole" is a clever attack, but in today's OS landscape, it can be mitigated via a small software update.
Yesterday at Black Hat USA, I watched as Christopher Domas shed some light on a very exciting/terrifying vulnerability. He discovered that SMRAM accesses can be duped to read/write from the LAPIC . . .
Posted in: x86
Or: Check your ego at the door
While watching Haroon Meer's TROOPERS keynote, I was struck by the major, structural shortcomings in the InfoSec industry, and how little impact it really had on the world. I was left asking myself, even with the sorry state of security, and today's endless parade of bugs and breaches, who is feeling the pain? Haroon highlights that . . .
I recently gave a talk at TROOPERS on the topic of the implicit trust relationships in an organization's IT infrastructure. The recording of this talk has just been posted to YouTube and is embedded below:
My goal was to explain to the audience how many layers there are in even small networks, and how weaknesses in one layer can allow . . .
Thanks for your interest in HARES; I'm glad you're interested in the fascinating world of x86 and I wanted to answer some questions & address some misunderstandings I've been seeing following the publication of the WIRED article on HARES. As the article was much less technical than my upcoming talks, please understand . . .
I will be speaking at RMISC this May; my talk is titled: Hidden trust, a "dark web" of trust relationships that your organization doesn't know about.
The talk will begin with a brief summary of the current state of the art in kernel, firmware and hypervisor-level attacks and defenses and how the cat-and-mouse . . .
I will be speaking at INFILTRATE this April; my talk is titled: "HARES: Hardened Anti-Reverse Engineering System".
The talk will describe a prototype anti-reverse engineering technique providing a method to seamlessly execute AES-encrypted applications with neither the key nor any decrypted instructions residing in accessible . . .