This blog post is the second installment in our eBPF blog post series, following our blog post about eBPF selftests.| Bootlin
This blog post is the second installment in Bootlin eBPF blog post series, following the blog post about eBPF selftests.| ebpf.foundation
The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.| OpenSSF Best Practices Working Group
Protecting devices from malicious use is often a cat-and-mouse game between security researchers identifying software vulnerabilities (CVEs) and product-makers patching them before attackers can exploit them. As a result, devices can no longer be developed, shipped and forgotten. Instead, manufacturers must commit to keeping those devices up to date and free from critical vulnerabilities for …| www.thegoodpenguin.co.uk
Forever ago I set up tooling to generate graphs representing the adoption of various hardening features in Ubuntu packaging. These were very interesting in 2006 when stack protector was making its way into the package archive. Similarly in 2008 and 2009 as FORTIFY_SOURCE and read-only relocations made their way through the archive. It took a while to really catch hold, but finally PIE-by-default started to take off in 2016 through 2018:| codeblog
I discovered during the analysis of the CVE-2021-31616 vulnerability that the stack canary logic in the KeepKey firmware was broken and could be bypassed to perform practical stack smashing attacks. Further investigation revealed that the incorrect stack protection assembler code is produced through a bug in certain GCC 9 and GCC 10 compiler versions for ARM, where it has been present for about a year. This problem has the potential to affect a wide range of ARM based embedded systems.| invd blog
AddressSanitizer (ASan) is an instrumentation tool created by Google security researchers to identify memory access problems in C and C++ programs.| sergioprado.blog
A community and blog for embedded software makers| Interrupt