WashU Bear Shell Daily

Trustworthy Security was born on a regular Tuesday afternoon, during the month of January in the year of 2002. The security would be about to change drastically, with its front line commander, Bill Gates, telling his troops about his plans. It all started with an email: From: Bill Gates Sent: Tuesday, January 15, 2002 5:22 PM To: Microsoft and Subsidiaries: All FTE Subject: Trustworthy computing  The internet was being heavily attacked by many viruses, worms and other applications such as Code Red, Nimda, and LoveLetter. They were about to face a new enemy: Trustworthy Computing  [0001] What is Trustworthy Computing? Bill Gates first introduced Trustworthy Computing by sending out an e-mail to more than 50,000 Microsoft employees, defining the moment for both the company's future and the industry.  It is an approach to computer software and hardware aimed to enable security, reliability, privacy and business integrity.  In Bill Gates email, he sta...

[0x00] Valgrind! What does Valgrind means to you and your memory? [0x01] Hey, Your memory looks good to me This is a typical layout of a linux (32-bit) process's virtual memory. From high address to low address, we can see regions reserved for kernel, user stack, shared libraries, runtime heap, static data segment and program region.  Every time we do a malloc() or calloc(), the OS will allocate one piece of memory in the runtime heap for us to use. Although the size of heap are larger enough in most cases (even for a 32-bit program's virtual memory), there is no reason we want to see a heap memory leak. And if your program is a long live process but unfortunately keeps leaking, the heap segment might be exhausted. So how can you detect the potential memory leak, or any other memory error? [0x02] What is Valgrind Valgrind is an instrumentation framework for building dynamic analysis tools. There are Valgrind tools that can automatically detect m...

The Overview of SGX What is the SGX? With more and more attack on systems and bigger danger inside the internet. We get a new technology which named The Security Guard Extensions (The SGX). Actually the SGX aimed to separate the whole applications to two parts: secure part and unsecure part. The secure part named enclave. Which is stored in protected memory. Between the enclave and application, there is an interface is implemented. Which is consists of e-calls and o-calls. The e-calls are inside the enclave for calling to the unsecured code. The o-calls are located in the unsecured code for collecting data inside the enclave. The enclave is totally protected which means any access from external are not allowed. Only when the untrusted part of application call the trusted function then the code inside the enclave can see the data. When it returns, the enclave data are still stays in safe memory. figure.1 Actually while the application’s host in pr...