« earlier | later » Page 1 of 11

research!rsc: Running the “Reflections on Trusting Trust” Compiler edit / delete

With analysis of the surprisingly short source code.

to backdoor bell-labs compiler history retrocomputing security unix ... on 26 October 2023

Double-Free RCE in VLC. A honggfuzz how-to | Pen Test Partners edit / delete

to fuzzing mod-ers security vlc ... on 29 June 2020

Destroying x86_64 instruction decoders with differential fuzzing | Trail of Bits Blog edit / delete

A neat use of fuzzing.

to cpu fuzzing security testing x86 ... on 29 June 2020

Chrome: 70% of all security bugs are memory safety issues | ZDNet edit / delete

to ers memory-safety security ... on 29 June 2020

Formal validation of the Arm v8-M specification – Alastair Reid – Researcher at ARM Ltd edit / delete

Alastair gave a presentation about this at a workshop I attended; very interesting stuff (and his blog generally is well worth reading).

to arm ers formal-methods security validation ... on 05 May 2018

SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition) edit / delete

There's also a wiki.

to security software-engineering ... on 05 May 2018

MCS 494, UNIX Security Holes, Fall 2004 edit / delete

Dan Bernstein's Unix security module. This is a bit dated now, but the material is interesting, and the assessment materials have some nice ideas.

to security teaching unix ... on 10 November 2017

Secure Software Design and Programming: Class Materials by David A. Wheeler edit / delete

to security software-engineering teaching ... on 10 November 2017

Willy Tarreau's stuff: Look back to an end-of-life LTS kernel : 3.10 edit / delete

"The end of the 3.10 branch is a good opportunity to have a look back at how that worked, and to remind some important rules regarding how to choose a kernel for your products, or the risks associated with buying products running unmaintained kernels."

to kernel linux lts security software-engineering support ... on 05 November 2017

Twice the bits, twice the trouble: vulnerabilities induced by migrating to 64-bit platforms | the morning paper edit / delete

"In this study, Wressnegger et al. reveal how a codebase originally written for 32-bit, and which is perfectly secure on 32-bit platforms, can have new vulnerabilities simply by compiling it for 64-bit systems." No surprises for anyone who follows oss-security etc., but the paper's a good overview.

to architecture porting security vulnerabilities ... on 06 April 2017

« earlier | later » Page 1 of 11

Browser bookmarks: tasty+ | tasty= Log in | Export | Atom

Tags related to security

- security
 
1 + academia
1 + access-control
1 + acme
1 + ag0700
1 + ag0803
2 + ag0907
6 + amusements
2 + api
1 + architecture
1 + arduino
3 + arm
1 + authentication
1 + autoconf
1 + avr
1 + backdoor
1 + bell-labs
1 + bitcoin
1 + blockchain
1 + bounds-checking
1 + bounty
1 + browser
2 + buffer
2 + buffer-overflow
2 + bug
2 + bugs
1 + build-systems
2 + c
2 + c++
4 + ca
1 + camera
1 + capability
1 + capsicum
4 + ccc
4 + certificate
1 + certificates
1 + cesrg
1 + checking
1 + chromium
1 + chroot
1 + clang
1 + cloud
1 + code
3 + compiler
1 + conference
2 + container
1 + coop
1 + coverage
1 + coverage-directed
1 + coverity
2 + cpu
1 + crime
10 + crypto
12 + cryptography
1 + cs
1 + cypherpunks
1 + debian
1 + debugging
1 + dect
1 + design
1 + dh
2 + djb
1 + ebooks
1 + ecc
1 + economics
1 + el0805
1 + elective
3 + electronics
3 + encryption
2 + ers
1 + ethereum
1 + ethical-hacking
1 + ethics
3 + exploit
1 + firefox
1 + folk-song
4 + formal-methods
1 + freedom
3 + fuzzing
2 + gameboy
5 + games
1 + gcc
1 + git
1 + goto
2 + gpg
1 + gsm
2 + hardening
5 + history
1 + homebrew
1 + homeplugav
1 + http
1 + https
1 + intel
1 + ip
1 + ipsec
1 + javascript
1 + journalism
1 + jquery
1 + kerberos
3 + kernel
1 + keyboard
1 + keylogger
1 + langsec
2 + language-design
1 + letsencrypt
1 + library
1 + licensing
12 + linux
1 + livecd
1 + lts
1 + luks
1 + lvm
1 + mac
1 + memory-safety
1 + metaphors
2 + mgo
1 + microcode
4 + microcontroller
1 + mmc
1 + mod-ers
1 + monitoring
3 + nacl
5 + network
6 + networking
1 + noise
1 + notary
1 + ocaml
1 + openssh
2 + openssl
1 + org
2 + os
2 + overflow
2 + p2p
1 + packet
1 + pam
2 + papers
1 + parser
1 + password
1 + patterns
1 + pgp
2 + philosophy
2 + phone
1 + phreaking
1 + pki
1 + playstation
1 + podcasts
2 + politics
1 + porting
1 + prime
2 + privacy
1 + privilege-separation
4 + programming
1 + proof
1 + ps2
2 + python
1 + radio
1 + ramensky
1 + random
1 + research
3 + retrocomputing
1 + retrotech
6 + reverse-engineering
1 + risc
1 + rop
1 + safe
2 + safety
4 + sandbox
1 + scanner
1 + scm
1 + scotland
1 + sd
1 + search
2 + seccomp
1 + shuffle
1 + sni
1 + snowden
14 + software
6 + software-engineering
3 + ssh
12 + ssl
4 + static-analysis
1 + stoll
1 + strategy
1 + support
1 + syscall
1 + systems
1 + tandy
1 + tcp
1 + tea
6 + teaching
1 + telecom
5 + testing
14 + tls
2 + tor
1 + tunnel
4 + unix
1 + usability
1 + usable-security
2 + usb
1 + validation
1 + varan
3 + verification
1 + video
1 + vlc
1 + vpn
1 + vulnerabilities
1 + vulnerability
3 + web
1 + webcam
1 + whistleblowing
2 + wireless
1 + wpa
1 + writing
1 + x86
1 + xbox