Is this a new effort? I could've sworn that I've heard about this idea before, including the use of McSema...
-
-
-
mcsema has been around for years, but this is the first time we're describing the multi-compilation use case and our work with CFAR. Here are some past blogs about it: https://blog.trailofbits.com/category/mcsema/ …
End of conversation
New conversation -
-
-
Any concrete example?
-
See the post. It works on binaries as complicated as Apache HTTPD.
End of conversation
New conversation -
-
-
Do you end up recompiling dependencies? Could you?
-
Libraries and the like can be protected as well
End of conversation
New conversation -
-
-
Sounds very good. Did you check if it works on real test case CVEs for embedded programs? (For example, CVE-2017-12542 or CVE-2018-5924)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Holy shit, that sounds both awesome and extremely hard to achieve. Dang! Congrats!!!!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.