ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Ollie Whitehouse: GS and ASLR in Windows Vista"
Episode Synopsis
"Introduction:The following presentation is twparts, the first covers aspects of Microsoft's GS implementation and usage. The second is a complementary section dealing with ASLR in Windows Vista, its implementation and some surprising results...
Part I Synopsis:
GS is a Visual Studicompiler option that was introduced in Visual Studi2002 tmitigate the local stack variable overflows that resulted in arbitrary code execution. The following paper details the methods Symantec used tassess which binaries within Windows Vista 32bit leveraged GS as a defensive mechanism. This paper presents the results of this analysis, the techniques that have been developed, and supporting material. The results in this paper are from the 32bit RTM release of Microsoft Windows Vista
Part II Synopsis:
Address Space Layout Randomization (ASLR) is a mitigation technique designed thinder the ability of an attacker tachieve arbitrary code execution when exploiting software vulnerabilities. As the name implies, ASLR involves placing a computer program and its associated memory at random locations, either between reboots or executions, thinder the attacker's ability treliably locate either their shell code or other required data. This paper is the result of a brief analysis of the implementation of ASLR within Microsoft Windows Vista 32bit RTM, conducted by Symantec's Advanced Threat Research. " "Mr Whitehouse has worked in information security both as a consultant and researcher. This has included being employed by companies in a variety of industries ranging from financial services ttelecommunications. Mr Whitehouse originally created Delphis Consulting's security practice in 1999. Mr Whitehouse joined @stake Inc in 2000 as a Managing Security Architect before becoming European Technical Director in 2004. After Symantec's acquisition of @stake Inc in 2004 Mr Whitehouse continued as Technical Manager for its professional services division in London until 2005. In mid 2005 he took a full time research role with Symantec Research Labs in Government research. Mr Whitehouse subsequently moved tSymantec's Response division joining its Advanced Threats Research team specializing in mobile platforms and related technologies.
Mr Whitehouse as previously published research on the security of mobile telecommunication networks, mobile devices and Bluetooth. In addition he has alsdiscovered numerous security vulnerabilities in a wide range of desktop and server applications. His previous research has led him tpresent at CanSecWest, RuxCON, UNCON and Chaos Communication Camp among others"
Part I Synopsis:
GS is a Visual Studicompiler option that was introduced in Visual Studi2002 tmitigate the local stack variable overflows that resulted in arbitrary code execution. The following paper details the methods Symantec used tassess which binaries within Windows Vista 32bit leveraged GS as a defensive mechanism. This paper presents the results of this analysis, the techniques that have been developed, and supporting material. The results in this paper are from the 32bit RTM release of Microsoft Windows Vista
Part II Synopsis:
Address Space Layout Randomization (ASLR) is a mitigation technique designed thinder the ability of an attacker tachieve arbitrary code execution when exploiting software vulnerabilities. As the name implies, ASLR involves placing a computer program and its associated memory at random locations, either between reboots or executions, thinder the attacker's ability treliably locate either their shell code or other required data. This paper is the result of a brief analysis of the implementation of ASLR within Microsoft Windows Vista 32bit RTM, conducted by Symantec's Advanced Threat Research. " "Mr Whitehouse has worked in information security both as a consultant and researcher. This has included being employed by companies in a variety of industries ranging from financial services ttelecommunications. Mr Whitehouse originally created Delphis Consulting's security practice in 1999. Mr Whitehouse joined @stake Inc in 2000 as a Managing Security Architect before becoming European Technical Director in 2004. After Symantec's acquisition of @stake Inc in 2004 Mr Whitehouse continued as Technical Manager for its professional services division in London until 2005. In mid 2005 he took a full time research role with Symantec Research Labs in Government research. Mr Whitehouse subsequently moved tSymantec's Response division joining its Advanced Threats Research team specializing in mobile platforms and related technologies.
Mr Whitehouse as previously published research on the security of mobile telecommunication networks, mobile devices and Bluetooth. In addition he has alsdiscovered numerous security vulnerabilities in a wide range of desktop and server applications. His previous research has led him tpresent at CanSecWest, RuxCON, UNCON and Chaos Communication Camp among others"
In God we trust