Threads for pvachon

  1. 2

    My personal favourite is dcraw, a tool for camera raw photo processing. It’s 10,000+ lines of C, contains redefinitions of macros and makes extensive reuse of shared static buffers and such for various purposes.

    1. 4

      Variants of this have been talked about for years, of course, going back to [1] in 1997 (a minor result in this case) and later in 2007 [2] showing this kind of trickery simulating window chrome in the browser. H/T to Steve Bellovin for digging these references out!

      Hardware tokens seem like a silver bullet, but they pose their own UI/UX challenges, and not to mention the need for a workflow when people lose or forget the token… usually the part attackers would abuse.

      For a very sophisticated attack, remember that the token itself does not know who it is talking to. If you know the rpId for a site and the key handle for a user’s enrolment, then subvert the browser’s controls… you can get the authenticator to sign any challenge. Hopefully that is a high enough bar to keep that out of the more mainstream realm though.

      Still, bring on the hardware tokens and platform authenticators, it’s the best solution we have.

      [1] [2]