Google Chrome vulnerability

September 4th, 2008 by kowsik

There was a post earlier today on Daily Dave about a DoS vulnerability in Chrome, supposedly caused by a Microsoft runtime library when handling bogus URL schemes. It reminded me of this:


Posted in Rants

Zen and the art of fixing P1 bugs

July 14th, 2008 by kowsik

Just finished reading Zen and the Art of Motorcycle Maintenance for what feels like the 100th time. I responded to a recent post on Daily Dave and somehow it triggered some thoughts about romantic and classical perspectives on software bugs. If you’ve read the book, neither perspective is right or wrong; they are simply different ways of looking at the same problem, and both are equally valid, since Quality is what drives them and, more importantly, creates them.


Posted in Rants

Remote DoS in reSIProcate

July 11th, 2008 by David Helder

The Mu Dynamics Research Team released advisory “MU-200807-01” today. Details: MU-200807-01

Posted in Advisories

IPS Evasion

June 30th, 2008 by kowsik

IPSes are just fun, aren’t they? A bunch of high-speed pattern matchers with built-in protocol decoders. Well, I built one a while back and got tired of it after 5 years. There are only so many signatures you can have in a product before you run out of DFA/NFA space and have to resort to turning off the less important ones (i.e., *ahem* low severity) for the sake of performance. Interestingly enough, performance and security pull in opposite directions: the more secure you are, the slower you run. Just the way things work, I suppose.


Posted in IPS

Fieldomatic Complexity

May 23rd, 2008 by kowsik

If you’ve gone through my CanSecWest slides, I talk a lot about Fields and how they are the fundamental units of protocols (network or file formats). The linkage information between Fields, and across messages, is a pretty powerful way to infer the cyclomatic complexity of the code that parses these messages. When generating test cases (fuzzing being one kind), we can leverage these structural and semantic linkages to generate systematic constraint violations that ultimately exercise the various branches taken in the parser.


Posted in Mutations, Research

CanSecWest slides

March 28th, 2008 by kowsik

Sitting at the airport in Vancouver on my way back home. It’s going to be good to get back to sunny California; it’s pretty gloomy out here, with occasional rain and snow. But anyway, I had a blast at the conference, and thanks to Dragos and Yuriko (and I’m sure countless others that I don’t know about) for organizing it. It was also good to meet people I’ve exchanged emails with.


Posted in Talk

Ruby XDR parser

March 24th, 2008 by kowsik

XDR, as specified in RFC 4506, forms the underpinnings of Mount, NFS, NFSv4 and a host of other protocols. Broadly, all of these can be grouped under Sun RPC, the framework for implementing Remote Procedure Calls.

XDR is really an IDL (Interface Definition Language) for a Sun RPC service. On most *nix operating systems you will find a set of .x files located in:

/usr/include/rpcsvc/

that specify how to talk to these services.

Posted in Ruby, Tools

Multiple buffer overflows in Asterisk

March 18th, 2008 by David Helder

The Mu Security Research Team released advisory “MU-200803-01” today. Details: MU-200803-01

Posted in Advisories

Multiple Remote Arbitrary Execution Vulnerabilities in Mplayer

February 14th, 2008 by Adam Bozanich

The Mu Security Research Team released advisory “MU-200802-01” today. Details: MU-200802-01


Posted in Advisories

Ruby FSM

January 23rd, 2008 by kowsik

CHSM is a pretty nifty way to model finite state machines in Java or C++. It uses a DSL (Domain Specific Language) with embedded code blocks, which is then compiled into the actual source. This FSM library in Ruby is an attempt to model something very similar as a DSL.


Posted in Ruby, Tools