Presented at ToorCon San Diego 15 (2013)
Oct. 20, 2013, 4 p.m.
It's been thirty years since Ken Thompson's famous "Reflections on Trusting Trust" (well, 29, but what's an off-by-one?). Back then, few hackers expected to actually encounter a planted bug, and now we speculate what commonly used software might not have them. But, if we somehow managed to eliminate all bugs, could we then trust software? We believe that the answer is "not really": bugs are a part of the problem but by far not all of it.
Any complex enough input is indistinguishable from bytecode for a "weird" virtual machine hiding in the parser. Unless we radically redesign data formats, telling what data could do when fed to software is much harder than it needs to be. For code, of course, it's known to be undecidable, but it may surprise you how many "tables" are as good as code: for example, so are ELF relocations + dynamic symbols, and so are IDT+GDT+TSS for an ia32 processor (no instructions needed for a Turing-complete computation). This talk will summarize two years of our explorations with @BxSays and @JulianBangert of such "weird machine" programming environments, and what these weird machines mean for "Trusting Trust" beyond bugs.
Sergey Bratus believes that hacking has become a distinct computing research and engineering discipline: while academia focuses on abstractions, models, and frameworks, hackers expose "weird machines" inside actual systems, and show how much unexpected computation power they are capable of. On his day job as a Research Assistant Professor at Dartmouth College, he is extremely fortunate to work with brilliant students who hack ELF, DWARF, 802.11, 802.15.4, and many other nice things.