CODE Colloquium: Computer Security "Exploits" and the weird machine
Thomas Dullien, Google Project Zero
Abstract
"Exploits" for memory corruptions and other undefined or unexpected behavior are a staple of offensive security research. But what are "exploits" - and how can it be that a machine can be made to misbehave in a completely different way than the designers intended? To understand what is going on requires a shift in our perception of computers, computational devices and programming: We need to realize that computers are general-purposes devices that are specialized by software to only perform a specific task, and that nearly arbitrary computation arises easily when software fails to constrain all possible "orbits" through the state space. This talk provides an intuitive introduction to the concept of "weird machines" and "weird machine programming". The topic should be of interest to anyone who has written (or will have to write) exploits, and to anyone who deals with mitigations and CPU architectures.
Biographie
Thomas Dullien is a security researcher and ex-entrepreneur well-known for his contributions to the theory and practice of vulnerability development and software reverse engineering. He worked on intermediate languages for assembly-level code analysis in the early 2000s, pioneered "BinDiffing", and contributed to early Windows exploitation techniques. He won what was then Germany's biggest privately financed research prize in the natural sciences in 2006 (the Horst-Goertz Prize) for work on graph-based code similarity; started and ran a company to commercialize this research that got acquired by Google, and has since worked on a wide range of topics - from the very practical (turning security patches into attacks) and quite concrete (turning physics-induced DRAM bitflips into useful attacks) to the rather theoretical (attempting to clarify the theoretical foundations of exploitation). After 5 years of integrating his company into Google and 2 years as a researcher in Google's renowned "Project Zero" team, he left to start another company (optimyze.cloud) in January 2019.
Veranstaltungsort
Der Einlass erfolgt ab 17:30 Uhr über den Haupteingang des FI CODE
Carl-Wery-Straße 18., 81739 München
Im Anschluss an die Veranstaltung laden wir zu einem kleinen Get-Together.
Wir bitten um verbindliche Anmeldung bis 19.1.2019 an code@unibw.de.