JIT and Security
Jonathan "Duke" Leto
jonathan at leto.net
Thu Aug 11 21:53:09 UTC 2011
Howdy,
This paper+presentation "Attacking Client Side JIT Compilers"
describes many new exploitation techniques that JITs open up:
http://www.matasano.com/research/jit/
They also do a very good job of explaining how all the most common
JITs currently work and how the attempt to prevent these kinds of
attacks.
Well worth a read, and should serve as a lesson to us: Security needs
to be thought of from day one when designing a JIT.
Duke
--
Jonathan "Duke" Leto <jonathan at leto.net>
Leto Labs LLC
209.691.DUKE // http://labs.leto.net
NOTE: Personal email is only checked twice a day at 10am/2pm PST,
please call/text for time-sensitive matters.
More information about the parrot-dev
mailing list