Though Oracle has released a patch, I'm not sure whether it's a temporary patch or a permanent fix for the problem. Last month I came across a colloquium by Dr. Michael Franz (http://www.ics.uci.edu/~franz/) of UC Irvine, held at UT Dallas. The talk was about "Software Immunity via Large Scale Diversification".
The abstract is below for reference.
Abstract
-----------
We have been investigating compiler-generated software
diversity as a defense mechanism against software attacks. Imagine an "App
Store" containing a diversification engine (a "multicompiler")
that automatically generates a unique version of every program for every user.
All the different versions of the same program behave in exactly the same way
from the perspective of the end-user, but they implement their functionality in
subtly different ways. As a result, any specific attack will succeed only on a
small fraction of targets. An attacker would require a large number of
different attacks and would have no way of knowing a priori which
specific attack will succeed on which specific target. Equally importantly,
this approach makes it much more difficult for an attacker to generate attack
vectors by way of reverse engineering of security patches.
We have built such a multicompiler which is now
available as a prototype. We can diversify large software distributions such as
the Chromium web browser or a complete Linux distribution. I will present some
preliminary benchmarks and will also address some practical issues such as the
problem of reporting errors when every binary is unique, and updating of
diversified software.
-------------
So the professor and his team have built a multicompiler that builds a unique version of a program for each and every user in the world, based on a seed value (much like how most cryptographic algorithms work). All the different versions behave in exactly the same way, so the end user wouldn't be able to distinguish them. From the attacker's perspective, this would require a large number of attacks, and he/she would have no way of knowing the seed value from which the executable was built. Even if they can guess the seed, the attack would be minimal, restricted to a group of people or a single user.
This process makes life difficult when a patch is released, because the patch needs to be catered to each and every user: the company issuing the patch has to keep track of the version running for every user, retrieve the seed used in the executable, and generate the new executable based on a new seed or the existing seed. In the talk, the professor mentioned that this new technique is currently deployed at Mozilla.
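
To make the seed idea concrete, here is a toy model added for illustration (it is not the multicompiler or any code from the talk): a per-user seed drives the layout of a program, and we measure how many users share the address that one reference build uses for a given function. The function names and sizes, the SHA-256 seed derivation, and the choice of function reordering plus padding as the transformations are all assumptions made for this sketch.

```python
import hashlib
import random

# Constructed toy program: (function name, size in bytes). Not from the talk.
FUNCTIONS = [("parse_input", 96), ("check_auth", 64), ("render", 128),
             ("log_event", 48), ("update_state", 80)]

def user_seed(master_secret: bytes, user_id: str) -> int:
    """Derive a per-user seed the vendor can re-derive later (assumed scheme)."""
    digest = hashlib.sha256(master_secret + b"|" + user_id.encode()).digest()
    return int.from_bytes(digest[:8], "big")

def diversify(seed: int, base: int = 0x1000) -> dict:
    """Return {function: address} for one variant: shuffled order plus padding."""
    rng = random.Random(seed)            # deterministic: same seed, same layout
    order = FUNCTIONS[:]
    rng.shuffle(order)
    layout, addr = {}, base
    for name, size in order:
        addr += 16 * rng.randrange(0, 8)  # 0..112 bytes of padding before it
        layout[name] = addr
        addr += size
    return layout

def fraction_sharing_address(target: str, reference_seed: int, seeds) -> float:
    """Share of variants placing `target` at the reference build's address."""
    ref = diversify(reference_seed)[target]
    hits = sum(1 for s in seeds if diversify(s)[target] == ref)
    return hits / len(seeds)

if __name__ == "__main__":
    secret = b"constructed-vendor-secret"   # placeholder value for the sketch
    seeds = [user_seed(secret, f"user{i}") for i in range(2000)]
    print(diversify(seeds[0]))
    print(diversify(seeds[1]))
    print(fraction_sharing_address("check_auth", seeds[0], seeds))
```

Because the seed is re-derivable from the user ID, the vendor in this model can regenerate exactly the layout a given user is running, which is the bookkeeping the patching problem above depends on.
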
What do you guys think about this?