1. 1

    At Strange Loop 2016, Dan Luu gave an awesome talk about BitFunnel and search performance:

    Talk: https://www.youtube.com/watch?v=80LKF2qph6I

    Transcripts: http://bitfunnel.org/strangeloop/

    1. 3

      Nice write-up, especially the fix analysis at the end.

      How did you find the bug to begin with?

      1. 3

        I’m sorry for the late response. I only noticed your comment now.

        Not much of a war lore. I simply searched for problematic copy_from_user() cases :)

        1. 2

          Thanks! Too bad I can’t edit.

          1. 1

            Ask a mod to change it - @kyle @Irene or @jcs

            1. 3

              done

        1. 2

          Julia Evans is awesome! Definitely one for the RSS feed.

          1. 6

            Sounds like they’re trying to burn as many exploits used in expensive surveillance suites as possible. Good for them for having the budget to host this :)

            1. 4

              Yup! I’m thrilled to see the exploit-chains that are submitted.

              Their requirements are high:

              1. attack vectors: email rendered by the Gmail app, SMS opened by the Messenger app.
              2. remote code execution should elevate privileges to (at least) system security context.
              3. exploit-chain should work on both Nexus 6P and Nexus 5X (an attempt to eliminate vendor-specific threats).

              I reckon that we’re about to see an exploit-chain that starts with the baseband-modem (i.e. messing with GSM / CDMA stuff).

              Exciting times :)