Context keyed payload encoding - AthCon 2010 update

AthCon 2010 is now over and I must say that I’m really looking forward to next year’s event! Kudos to Christian, Kyprianos, Fotis, Chariton, Bernardo, Sandro, Iftach, Corrado, Rodrigo, Alberto and everyone else for making this such a great event!

FreeBSD kernel exploitation mitigations

In my recent Black Hat Europe 2010 talk I gave an overview of the kernel exploitation prevention mechanisms that exist on FreeBSD. A few people at the conference have subsequently asked me to elaborate on the subject. In this post I will collect all the information from my talk and the various discussions I had in the Black Hat conference hallways.

Black Hat Europe 2010 update

Black Hat Europe 2010 is now over and after a brief ash cloud caused delay I am back in Greece. It has been a great conference, flawlessly organised and with many outstanding presentations. I would like to thank everyone that attended my presentation but also all the kind people that spoke to me before and afterwards. I hope to meet all of you again at a future event.

Update on canary randomisation for hardened Linux applications

This article is a followup to our last year’s advisory on canary randomisation for applications of the Debian distribution.