Return-Oriented Programming

December 22, 2011

A few days ago I delivered a session on return-oriented programming, in the context of stack-based buffer overflow exploitation, at the Distributed Systems, Networking and Security seminar (HUJI). Generally speaking, return-oriented programming (at least in limited form, such as return to libc, return to syscall) is not new at all. It is a very effective means of bypassing stack-based buffer overflow mitigations such as NX (non-executable stack) and W^X. The awesome thing about ROP is that code execution vulnerabilities don’t have to involve actual code being placed in memory – a carefully constructed sequence of stack words can...

SDP December 2011: .NET Production Debugging

December 15, 2011

Last Wednesday I delivered my last session at the SDP: Production Debugging of .NET Applications. After delivering a similar session in the June DevDays, I thought about how I can make it better by focusing on a smaller set of core debugging scenarios and making sure attendees get a chance to practice them first-hand. Indeed, we had time to discuss and practice the following: capturing crash dumps and hang dumps with ADPlus, Windows Task Manager, and Procdump; analyzing crash dumps in Visual Studio 2010 and WinDbg to find...

SDP December 2011: What’s New in .NET 4.5 Keynote

December 13, 2011

Noam and I delivered a joint keynote at the first day of the SDP, covering the new APIs and internal features of .NET 4.5. With my love for internals, I took the easy route of talking about CLR internals and C# 5 async methods, and Noam talked about WCF, Entity Framework, WPF, ASP.NET MVC, and plenty of other frameworks which have been updated in .NET 4.5. As you probably know, .NET 4.5 is an in-place update for .NET 4.0, which means—as far as Microsoft is concerned—that it should work seamlessly where .NET 4.0 does, with full...

SDP December 2011: Introducing Windows 8 Keynote

December 10, 2011

The SDP started with my 40-minute keynote, Introducing Windows 8. I was working on it for more than 3 weeks, and wasn’t completely sure what I wanted in it until only a few days before the conference. That was also when I decided to ditch the slides and go for a fresh idea: a Metro-style Windows 8 application that contains both the slides and interactive code demos for the session. (The application’s tile and title page.) My personal view of Windows 8, after letting the news sink and playing with the system for a couple...

SDP December 2011: Everything New in C++

December 9, 2011

Noam and I delivered on Tuesday a joint session called Everything New in C++ at the SELA Developer Practice. It’s been a really fun session to work on, even though it was also a cold reminder how easy it is to forget “The C++ Way” when you stay away for a little while. The new C++ standard is not just a set of minor additions to the C++ language and libraries—it almost feels like a whole new language, what with the lambda functions, type inference, and rich concurrency libraries. While we were planning this full-day C++...

SDP December 2011: Improving the Performance of .NET Applications

I apologize for the silence during the last two weeks—organizing the SDP and preparing three full-day sessions and two keynotes left no time to breathe :-) On Monday I delivered a session called Improving the Performance of .NET Applications at the SELA Developer Practice. Here are some of the practical scenarios we covered: measuring application memory usage and allocation sources; diagnosing memory leak sources with memory profilers; using sampling and instrumentation profilers to find CPU bottlenecks and methods with problematic cache access patterns; reading performance...