Pardon my laziness to watch the whole video, but i guess there is no mention of this article i found pretty interesting a couple of years ago https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-carlini.pdf …
-
-
-
I didn't specifically mention that paper, but I'm familiar with it and I think the recommendations in the conclusion are consistent with the Clang CFI and SCS implementations, especially given their deployment within the memory protection environment of the kernel.
End of conversation
New conversation -
-
-
in the q/a session you mention that there are no better HW CFI schemes proposed. there are some papers out there, e.g., https://doi.org/10.1145/2857705.2857722 … and some others for RISC-V. there is also a RISC-V WG forming to specify HW CFI (fwd+bwd). but yes, one shouldn't hold one's breath :)
-
Thanks for the pointer! Yeah, I guess maybe a better phrasing for that answer might have been "nothing on any committed architecture roadmap that I know of" ;)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.