My Infiltrate slides about recent progress in Windows kernel infoleak detection: http://j00ru.vexillium.org/slides/2018/infiltrate.pdf … Topics covered: • Windows x64 instrumentation • Leaks to file systems • Double-write conditions • Visual Studio .pdb heap disclosure
Replying to @j00ru
Probably didn't find anything in the typical Linux userland interface because ~2013 we did some similar instrumentation to make some leaks fall out - modified the magic for STACKLEAK/SANITIZE to a value we told a fuzzer to never provide to the kernel, inspected copy_to_user for it
5 replies 3 retweets 11 likes
Replying to @grsecurity
Always one step ahead! :) It's surely one of the reasons I didn't have an easy time hunting for Linux infoleaks. Is this effort documented somewhere publicly so that I can cite it properly?
1 reply 0 retweets 4 likes
I see, thanks for the clarification. Though I believe some degree of documentation would be helpful for explaining the discrepancy between the current state of security in different OS, using concrete sources instead of anecdotes and git commits
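The marker technique described in the @grsecurity reply above, as a user-space C simulation added here (not code from the thread, grsecurity or the slides): memory is filled with a marker the fuzzer never sends, and the outgoing buffer is scanned for it before it would be copied out. The marker byte, the run threshold, the reply layout and the function names `poison`, `scan_outgoing` and `handler` are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POISON  0xA5u  /* constructed marker byte; the fuzzer is told never to send it */
#define MIN_RUN 4      /* shorter runs are treated as coincidence */

/* Stand-in for stack/heap sanitization: fill memory with the marker. */
static void poison(void *p, size_t n) { memset(p, POISON, n); }

/* Stand-in for the check placed in copy_to_user: offset of the first run of
 * at least MIN_RUN marker bytes in the outgoing buffer, or -1 if none. */
static long scan_outgoing(const unsigned char *buf, size_t n) {
    size_t run = 0;
    for (size_t i = 0; i < n; i++) {
        run = (buf[i] == POISON) ? run + 1 : 0;
        if (run == MIN_RUN)
            return (long)(i + 1 - MIN_RUN);
    }
    return -1;
}

/* Constructed reply layout: u8 type at offset 0, 7 bytes the handler never
 * writes, u64 value at offset 8. */
enum { REPLY_LEN = 16 };

static long handler(uint8_t type, uint64_t value, int zero_first) {
    unsigned char reply[REPLY_LEN];
    poison(reply, sizeof reply);            /* memory as the sanitizer left it */
    if (zero_first)
        memset(reply, 0, sizeof reply);     /* the corrected handler */
    reply[0] = type;
    memcpy(reply + 8, &value, sizeof value);
    /* In the real instrumentation this check runs just before the copy out. */
    return scan_outgoing(reply, sizeof reply);
}

int main(void) {
    printf("handler without zeroing: marker at offset %ld\n", handler(1, 42, 0));
    printf("handler with zeroing:    marker at offset %ld\n", handler(1, 42, 1));
    return 0;
}
```

Because the fuzzer never supplies the marker, a run of it in outgoing data can only come from memory the handler did not initialize, and the reported offset points at the unwritten field or gap.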