In StrangeLoop 2016, Dan Luu had an awesome talk about BitFunnel and search performance:
Nice write-up, especially the fix analysis at the end.
How did you find the bug to begin with?
I’m sorry for the late response. I only noticed your comment now.
Not much of a war lore. I simply searched for problematic copy_from_user() cases :)
This link goes to the middle of the presentation. The start is at https://docs.google.com/presentation/d/e/2PACX-1vTMBZV_hXgZkEyGBUw8K_pvPjrDBhceV-TYuHWw-Nc3LXA8PZwkW2zQj268W8XBhSkfDEXZ6DN7jrvC/pub
Thanks! Too bad I can’t edit.
Ask a mod to change it - @kyle @Irene or @jcs
Julia Evans is awesome! Definitely one for the RSS feed.
Sounds like they’re trying to burn as many exploits used in expensive surveillance suites as possible. Good for them for having the budget to host this :)
Yup! I’m thrilled to see the exploit-chains that are submitted.
Their requirements are high:
I recon that we’re about to see an exploit-chain that starts with the baseband-modem (i.e. messing with GSM / CDMA stuff).
Exciting times :)