36C3 - A systematic evaluation of OpenBSD's mitigations
https://media.ccc.de/v/36c3-10519-a_systematic_evaluation_of_openbsd_s_mitigations
OpenBSD markets itself as a secure operating system, but doesn't provide much evidence to back this claim. The goal of this talk is to evaluate how effective OpenBSD's security mitigations are, in a systematic, rational and comprehensive way.
OpenBSD's website advertises a secure and modern operating system, with cool and modern mitigations. But no rational analysis is provided: Are those mitigations effective? What are their impacts on performance, inspectability and complexity? Against what are they supposed to defend? How easy are they to bypass? Were they invented by OpenBSD or by others? Is OpenBSD's reputation warranted?
This talk aims at answering all those questions, for all OpenBSD's mitigations, because, in the words of Ryan Mallon:
Threat modelling rule of thumb: if you don’t explain exactly what you are securing against and how you secure against it, the answers can be assumed to be: “bears” and “not very well”.
For example, last year OpenBSD added a MAP_STACK flag to its mmap function and branded it as a security measure against "ROPchains". But this mitigation used to be part of Windows until 2012, and was removed because of at least generic public bypasses. It has also been implemented on Linux since 2008, but for other reasons :)
All the research done for this talk is available on isopenbsdsecu.re
stein
https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10519.html