You’re thinking about scale all wrong

Scale isn’t about large numbers To hear modern architects, system designers, consultants and inexperienced (but forgivable) developers talk about scale, you’d think every product and service was built to be the next Twitter or Facebook. Ironically, almost everything they create to be scalable would crash and burn if that actually happened. Even Google and Amazon aren’tContinue reading “You’re thinking about scale all wrong”

Automatic Mitigation of Meltdown

Let’s look at what Meltdown is and how it works, as well as how it is stopped. A lot has been written about the Meltdown vulnerability, but it is still commonly misunderstood. A few diagrams may help. First, let’s consider a simplified memory hierarchy for a computer: main memory, split into user memory and kernelContinue reading “Automatic Mitigation of Meltdown”

Fun with binaries!

ASLR and DEP defeated with three instructions and one offset! This is Part 2 of my previous post that demonstrated how you craft undetectable attacks against binaries, using our colorful Open Source Entropy Visualization tool. I left you with a cliffhanger… so let’s begin there! Recap of the cliffhanger The cliffhanger I left you withContinue reading “Fun with binaries!”