the InfoSec Conference App (http://cc.thinkst.com)
• Built the Chrome GPG plugin (http://thinkst.com/tools/cr-gpg)
• Built 2 of the bots in #zacon (fpm & kiba)
• Built other stuff we don't talk about :>
this and have thrown money and resources at the problem. Microsoft has invested a ton of time, money and research and still gets its code owned periodically. And even if you are the one programmer in the world whose code is 100% bug-free, you still have to run code written by other programmers. "Just write secure code" is not going to be viable for a long time.
like: DEP / ASLR / GS / SEHOP. They are excellent, and in some cases really make exploitation much harder, but they are mostly designed to stop generic exploitation (so they stop worms and commodity malware). They are bypassable by a sufficiently sophisticated attacker: an information leak defeats ASLR, and return-oriented programming works around DEP.
that we will be compromised. We now work from that point and ask: how can we frustrate an attacker completely, or how much can we limit him, so that we are either unattractive as a target or he is slowed down enough for us to detect him.
- Microsoft Office Protected View: http://office.microsoft.com/en-us/excel-help/what-is-protected-view-HA010355931.aspx "By using Protected View, you can read a file and inspect its contents while reducing the risks that can occur."
- Google Chrome: http://www.chromium.org/developers/design-documents/sandbox
- Adobe Reader X: "Protected Mode is new functionality in Reader X that opens PDF files within an isolated, sandboxed instance of the application. It protects your computer and data from malicious code that might be contained in a PDF file. Protected Mode is enabled by default and lets you securely interact with a fully functional, robust PDF."
works. Previously codenamed "Seatbelt". For XNU systems, implemented as a TrustedBSD MAC policy module. A runtime-configurable, per-process access control policy. Used to contain App Store applications on iOS. Underneath, it uses a kernel extension (sandbox.kext) to enforce the sandbox profiles.
calls 2 functions: readfile (which reads /etc/passwd) and writefile (which writes to hello.txt). (You can alt-tab and show the functions.) Then compile and run.
to compiletime2 (explain that we do some basic error handling) and show the difference. Important: summarise! Most people don't know what they just saw, so say it: "so you see, just adding that line prevented the app from reading or writing files."
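As an added example (not the talk's own demo code, whose source is not on this page), here is a compilable version of the readfile/writefile program with the one sandbox line added, assuming "that line" is a call to sandbox_init() with the kSBXProfilePureComputation named profile from <sandbox.h>. Run it once with no arguments and once with --sandbox to see the difference the talk describes. The sandbox_init() call is only compiled on Apple platforms (the #ifdef is an assumption made for portability; elsewhere enter_sandbox() just reports that Seatbelt is unavailable), and the paths hello.txt and /etc/passwd are the ones the talk uses.

```c
/* sandbox_demo.c: added example, not the talk's demo code.
 * Build: cc -o sandbox_demo sandbox_demo.c
 * Run:   ./sandbox_demo            (reads and writes succeed)
 *        ./sandbox_demo --sandbox  (both fail under the pure-computation profile)
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

#ifdef __APPLE__
#include <sandbox.h>   /* sandbox_init(), SANDBOX_NAMED, kSBXProfilePureComputation */
#endif

/* Scratch buffer shared by readfile() callers below. */
char g_buf[256];

/* Read up to buflen-1 bytes of path into buf (NUL-terminated).
 * Returns the number of bytes read, or -1 with errno set. */
long readfile(const char *path, char *buf, size_t buflen)
{
    FILE *f = fopen(path, "r");
    if (f == NULL)
        return -1;
    size_t n = fread(buf, 1, buflen - 1, f);
    buf[n] = '\0';
    fclose(f);
    return (long)n;
}

/* Write text to path, truncating it. Returns 0 on success, -1 with errno set. */
int writefile(const char *path, const char *text)
{
    FILE *f = fopen(path, "w");
    if (f == NULL)
        return -1;
    int rc = (fputs(text, f) < 0) ? -1 : 0;
    if (fclose(f) != 0)
        rc = -1;
    return rc;
}

/* Write text to path and read it back: 1 if the round trip matches, else 0. */
int roundtrip(const char *path, const char *text)
{
    if (writefile(path, text) != 0)
        return 0;
    if (readfile(path, g_buf, sizeof g_buf) < 0)
        return 0;
    return strcmp(g_buf, text) == 0;
}

/* The one line that matters: confine this process to pure computation
 * (no filesystem or network access). Returns 0 on success, -1 if
 * sandbox_init() refused, and -2 where Seatbelt is not available.
 * The restriction is inherited by anything this process later exec()s
 * and cannot be lifted from inside the process. */
int enter_sandbox(void)
{
#ifdef __APPLE__
    char *err = NULL;
    if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED, &err) != 0) {
        fprintf(stderr, "sandbox_init failed: %s\n", err ? err : "unknown error");
        sandbox_free_error(err);
        return -1;
    }
    return 0;
#else
    fprintf(stderr, "sandbox_init is only available on Apple platforms\n");
    return -2;
#endif
}

int main(int argc, char **argv)
{
    int want_sandbox = (argc > 1 && strcmp(argv[1], "--sandbox") == 0);

    /* compiletime2: apply the profile, with basic error handling, before
     * touching any files. Everything below is unchanged from compiletime1. */
    if (want_sandbox && enter_sandbox() != 0)
        return 1;

    if (writefile("hello.txt", "hello from the sandbox demo\n") == 0)
        printf("writefile: ok\n");
    else
        printf("writefile: failed (%s)\n", strerror(errno));

    long n = readfile("/etc/passwd", g_buf, sizeof g_buf);
    if (n >= 0)
        printf("readfile: ok, %ld bytes\n", n);
    else
        printf("readfile: failed (%s)\n", strerror(errno));

    return 0;
}
```

Note that sandbox_init() is deprecated in current SDKs in favour of App Sandbox entitlements, so expect a deprecation warning when building; it still works for a demo like this one, and the same point (one call, whole process confined, no way back) is what the entitlement model enforces for App Store submissions.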
was a private interface till now; now it is being used heavily. Apple has decreed that all applications submitted to the Mac App Store must be sandboxed, starting in November. (A submitted app needs to declare "entitlements" saying what functionality it needs, so a mail client can't spawn a shell.)