Ripples in the Gene Pool: Creating Genetic Mutations to Survive the Vulnerability Window

Presented at DEF CON 14 (2006), Aug. 6, 2006, 2 p.m. (50 minutes)

Reverse engineers often like to argue that a prime motivator for their activities is the desire to discover and patch vulnerabilities in closed-source binary software. Given the veritable plethora... nay, Katrina-like flood of vulnerabilities being discovered on a near-daily basis, one has to wonder where all these binary patches are hiding. Clearly this argument is a sham to make reverse engineers feel better about their DMCA-violating activities. Now, just to be clear, there have been one or two third-party binary patches released in the past year, but why haven't there been more? Is it truly a difficult task to develop such a patch, or are our sights simply set too high? Is a true fix to the problem a requirement, or is it sufficient to modify the vulnerable program just enough to make it immune to scripted attacks, the goal being to provide sufficient protection to survive until a vendor-supplied patch can truly fix the problem? Dan Geer argued that a software monoculture is a dangerous thing, leading to the rapid spread of malicious code in the event of a public vulnerability disclosure. The goal of this talk is to discuss simple yet effective measures to introduce sufficient genetic diversity into an inbred piece of software to allow it to survive in the wild until a vendor-supplied update becomes available.


Presenters:

  • Chris Eagle - Senior Lecturer of Computer Science
    Chris Eagle is a Defcon Black Badge holder, and the Dean of Hacking for the Sk3wl0fr00t. When not at a CTF table, he is the Associate Chairman of the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, CA. A computer engineer/scientist for 20+ years, his research interests include computer network operations, computer forensics and reverse/anti-reverse engineering. He has been a speaker at conferences such as Black Hat, CodeCon, and Shmoocon and is a co-author of the book "Gray Hat Hacking".
