<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>2018 on The Trail of Bits Blog</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/</link><description>Recent content in 2018 on The Trail of Bits Blog</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Mon, 31 Dec 2018 06:50:18 -0500</lastBuildDate><atom:link href="https://miscreants.github.io/blog.trailofbits.com/2018/index.xml" rel="self" type="application/rss+xml"/><item><title>Fuzzing Like It’s 1989</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/12/31/fuzzing-like-its-1989/</link><pubDate>Mon, 31 Dec 2018 06:50:18 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/12/31/fuzzing-like-its-1989/</guid><description>With 2019 a day away, let’s reflect on the past to see how we can improve. Yes, let’s take a long look back 30 years and reflect on the original fuzzing paper, An Empirical Study of the Reliability of UNIX Utilities, and its 1995 follow-up, Fuzz Revisited, by Barton P. Miller. In this blog post, […]</description></item><item><title>$10,000 research fellowships for underrepresented talent</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/12/20/10000-research-fellowships-for-underrepresented-talent/</link><pubDate>Thu, 20 Dec 2018 10:00:32 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/12/20/10000-research-fellowships-for-underrepresented-talent/</guid><description>The Trail of Bits SummerCon Fellowship program is now accepting applications from emerging security researchers with excellent project ideas. Fellows will explore their research topics with our guidance and then present their findings at SummerCon 2019. We will be reserving at least 50% of our funding for marginalized, female-identifying, transgender, and non-binary candidates. 
If you’re […]</description></item><item><title>CSAW CTF Crypto Challenge: Breaking DSA</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/12/17/csaw-ctf-crypto-challenge-breaking-dsa/</link><pubDate>Mon, 17 Dec 2018 06:50:42 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/12/17/csaw-ctf-crypto-challenge-breaking-dsa/</guid><description>The Trail of Bits cryptographic services team contributed two cryptography CTF challenges to the recent CSAW CTF. Today we’re going to cover the easier one, titled “Disastrous Security Apparatus – Good luck, ‘k?” This problem involves the Digital Signature Algorithm (DSA) and the way an apparently secure algorithm can be made entirely insecure through surprising […]</description></item><item><title>10 Rules for the Secure Use of Cryptocurrency Hardware Wallets</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/11/27/10-rules-for-the-secure-use-of-cryptocurrency-hardware-wallets/</link><pubDate>Tue, 27 Nov 2018 06:50:43 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/11/27/10-rules-for-the-secure-use-of-cryptocurrency-hardware-wallets/</guid><description>Earlier this year, the Web3 Foundation (W3F) commissioned Trail of Bits for a security review and assessment of the risks in storing cryptocurrency. Everyone who owns cryptocurrency — from large institutions to individual enthusiasts — shares the W3F’s concerns. In service to the broader community, the W3F encouraged us to publish our recommendations for the […]</description></item><item><title>Return of the Blockchain Security Empire Hacking</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/11/19/return-of-the-blockchain-security-empire-hacking/</link><pubDate>Mon, 19 Nov 2018 11:20:10 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/11/19/return-of-the-blockchain-security-empire-hacking/</guid><description>Remember last December’s Empire Hacking? 
The one where we dedicated the event to sharing the best information about blockchain and smart contract security? Let’s do that again, and let’s make it a tradition; a half-day mini conference focused exclusively on a single topic every December. On December 12, please join us at Buzzfeed’s NYC offices […]</description></item><item><title>Trail of Bits @ Devcon IV Recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/11/16/trail-of-bits-devcon-iv-recap/</link><pubDate>Fri, 16 Nov 2018 06:50:22 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/11/16/trail-of-bits-devcon-iv-recap/</guid><description>We wanted to make up for missing the first three Devcons, so we participated in this year’s event through a number of talks, a panel, and two trainings. For those of you who couldn’t join us, we’ve summarized our contributions below. We hope to see you there next year. Using Manticore and Symbolic Execution to […]</description></item><item><title>We crypto now</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/11/07/we-crypto-now/</link><pubDate>Wed, 07 Nov 2018 06:50:17 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/11/07/we-crypto-now/</guid><description>Building and using cryptographic libraries is notoriously difficult. Even when each component of the system has been implemented correctly (quite difficult to do), improperly combining these pieces can lead to disastrous results. Cryptography, when rolled right, forms the bedrock of any secure application. 
By combining cutting-edge mathematics and disciplined software engineering, modern crypto-systems guarantee data and communication privacy.</description></item><item><title>How contract migration works</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/29/how-contract-migration-works/</link><pubDate>Mon, 29 Oct 2018 06:50:16 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/29/how-contract-migration-works/</guid><description>Smart contracts can be compromised: they can have bugs, the owner’s wallet can be stolen, or they can be trapped due to an incorrect setting. If you develop a smart contract for your business, you must be prepared to react to events such as these. In many cases, the only available solution is to deploy […]</description></item><item><title>The Good, the Bad, and the Weird</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/26/the-good-the-bad-and-the-weird/</link><pubDate>Fri, 26 Oct 2018 06:50:13 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/26/the-good-the-bad-and-the-weird/</guid><description>Let’s automatically identify weird machines in software. Combating software exploitation has been a cat-and-mouse game ever since the Morris worm in 1988. Attackers use specific exploitation primitives to achieve unintended code execution. Major software vendors introduce exploit mitigation to break those primitives. Back and forth, back and forth. 
The mitigations have certainly raised the bar […]</description></item><item><title>A Guide to Post-Quantum Cryptography</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/22/a-guide-to-post-quantum-cryptography/</link><pubDate>Mon, 22 Oct 2018 06:50:12 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/22/a-guide-to-post-quantum-cryptography/</guid><description>For many high-assurance applications such as TLS traffic, medical databases, and blockchains, forward secrecy is absolutely essential. It is not sufficient to prevent an attacker from immediately decrypting sensitive information. Here the threat model encompasses situations where the adversary may dedicate many years to the decryption of ciphertexts after their collection. One potential way forward […]</description></item><item><title>Slither – a Solidity static analysis framework</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/</link><pubDate>Fri, 19 Oct 2018 06:50:09 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/</guid><description>Slither is the first open-source static analysis framework for Solidity. Slither is fast and precise; it can find real vulnerabilities in a few seconds without user intervention. It is highly customizable and provides a set of APIs to inspect and analyze Solidity code easily. We use it in all of our security reviews. Now you […]</description></item><item><title>Introduction to Verifiable Delay Functions (VDFs)</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/12/introduction-to-verifiable-delay-functions-vdfs/</link><pubDate>Fri, 12 Oct 2018 06:50:10 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/12/introduction-to-verifiable-delay-functions-vdfs/</guid><description>Finding randomness on the blockchain is hard. 
A classic mistake developers make when trying to acquire a random value on-chain is to use quantities like future block hashes, block difficulty, or timestamps. The problem with these schemes is that they are vulnerable to manipulation by miners. For example, suppose we are trying to run an […]</description></item><item><title>How to Spot Good Fuzzing Research</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/05/how-to-spot-good-fuzzing-research/</link><pubDate>Fri, 05 Oct 2018 06:50:52 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/05/how-to-spot-good-fuzzing-research/</guid><description>Of the nearly 200 papers on software fuzzing that have been published in the last three years, most of them—even some from high-impact conferences—are academic clamor. Fuzzing research suffers from inconsistent and subjective benchmarks, which keeps this potent field in a state of arrested development. We’d like to help explain why this has happened and […]</description></item><item><title>Ethereum security guidance for all</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/04/ethereum-security-guidance-for-all/</link><pubDate>Thu, 04 Oct 2018 06:50:23 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/04/ethereum-security-guidance-for-all/</guid><description>We came away from ETH Berlin with two overarching impressions: first, many developers were hungry for any guidance on security, and second, too few security firms were accessible. When we began taking on blockchain security engagements in 2016, there were no tools engineered for the work. 
Useful documentation was hard to find and hidden among […]</description></item><item><title>Effortless security feature detection with Winchecksec</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/09/26/effortless-security-feature-detection-with-winchecksec/</link><pubDate>Wed, 26 Sep 2018 06:50:53 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/09/26/effortless-security-feature-detection-with-winchecksec/</guid><description>We’re proud to announce the release of Winchecksec, a new open-source tool that detects security features in Windows binaries. Developed to satisfy our analysis and research needs, Winchecksec aims to surpass current open-source security feature detection tools in depth, accuracy, and performance without sacrificing simplicity. Feature detection, made simple Winchecksec takes a Windows PE binary […]</description></item><item><title>Protecting Software Against Exploitation with DARPA’s CFAR</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/09/10/protecting-software-against-exploitation-with-darpas-cfar/</link><pubDate>Mon, 10 Sep 2018 09:00:55 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/09/10/protecting-software-against-exploitation-with-darpas-cfar/</guid><description>Today, we’re going to talk about a hard problem that we are working on as part of DARPA’s Cyber Fault-Tolerant Attack Recovery (CFAR) program: automatically protecting software from 0-day exploits, memory corruption, and many currently undiscovered bugs. You might be thinking: “Why bother? 
Can’t I just compile my code with exploit mitigations like stack guard, […]</description></item><item><title>Rattle – an Ethereum EVM binary analysis framework</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/09/06/rattle-an-ethereum-evm-binary-analysis-framework/</link><pubDate>Thu, 06 Sep 2018 02:30:38 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/09/06/rattle-an-ethereum-evm-binary-analysis-framework/</guid><description>Most smart contracts have no verified source code, but people still trust them to protect their cryptocurrency. What’s more, several large custodial smart contracts have had security incidents. The security of contracts that exist on the blockchain should be independently ascertainable. Ethereum VM (EVM) Bytecode Ethereum contracts are compiled to EVM – the Ethereum Virtual […]</description></item><item><title>Contract upgrade anti-patterns</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/09/05/contract-upgrade-anti-patterns/</link><pubDate>Wed, 05 Sep 2018 06:00:21 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/09/05/contract-upgrade-anti-patterns/</guid><description>A popular trend in smart contract design is to promote the development of upgradable contracts. At Trail of Bits, we have reviewed many upgradable contracts and believe that this trend is going in the wrong direction. Existing techniques to upgrade contracts have flaws, increase the complexity of the contract significantly, and ultimately introduce bugs. 
To […]</description></item><item><title>Introducing windows-acl: working with ACLs in Rust</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/08/23/introducing-windows-acl-working-with-acls-in-rust/</link><pubDate>Thu, 23 Aug 2018 07:50:39 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/08/23/introducing-windows-acl-working-with-acls-in-rust/</guid><description>Access Control Lists (ACLs) are an integral part of the Microsoft Windows security model. In addition to controlling access to secured resources, they are also used in sandboxing, event auditing, and specifying mandatory integrity levels. They are also exceedingly painful to programmatically manipulate, especially in Rust. Today, help has arrived — we released windows-acl, a […]</description></item><item><title>Get an open-source security multiplier</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/08/22/get-an-open-source-security-multiplier/</link><pubDate>Wed, 22 Aug 2018 00:05:44 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/08/22/get-an-open-source-security-multiplier/</guid><description>An increasing number of organizations and companies (including the federal government) rely on open-source projects in their security operations architecture, secure development tools, and beyond. Open-source solutions offer numerous advantages to development-savvy teams ready to take ownership of their security challenges. 
Teams can implement them to provide foundational capabilities, like “process logs” or “access machine […]</description></item><item><title>Fault Analysis on RSA Signing</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/08/14/fault-analysis-on-rsa-signing/</link><pubDate>Tue, 14 Aug 2018 12:39:52 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/08/14/fault-analysis-on-rsa-signing/</guid><description>This spring and summer, as an intern at Trail of Bits, I researched modeling fault attacks on RSA signatures. I looked at an optimization of RSA signing that uses the Chinese Remainder Theorem (CRT) and induced calculation faults that reveal private keys. I analyzed fault attacks at a low level rather than in […]</description></item><item><title>You could have invented that Bluetooth attack</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/08/01/bluetooth-invalid-curve-points/</link><pubDate>Wed, 01 Aug 2018 07:05:38 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/08/01/bluetooth-invalid-curve-points/</guid><description>A serious Bluetooth bug has received quite a bit of attention lately. It’s a great find by Biham and Newman. Given BLE’s popularity in the patch-averse IoT world, the bug has serious implications. And yet, it’s remarkably clean and simple. 
Unlike many elliptic curve bugs, an average human can totally understand the bug and how […]</description></item><item><title>Optimizing Lifted Bitcode with Dead Store Elimination</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/07/06/optimizing-lifted-bitcode-with-dead-store-elimination/</link><pubDate>Fri, 06 Jul 2018 07:50:11 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/07/06/optimizing-lifted-bitcode-with-dead-store-elimination/</guid><description>Tim Alberdingk Thijm As part of my Springternship at Trail of Bits, I created a series of data-flow-based optimizations that eliminate most “dead” stores that emulate writes to machine code registers in McSema-lifted programs. For example, applying my dead-store-elimination (DSE) passes to Apache httpd eliminated 117,059 stores, or 50% of the store operations to Remill’s […]</description></item><item><title>Trail of Bits donates $100,000 to support young researchers through SummerCon</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/06/29/trail-of-bits-donates-100000-to-support-young-researchers-through-summercon/</link><pubDate>Fri, 29 Jun 2018 07:50:15 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/06/29/trail-of-bits-donates-100000-to-support-young-researchers-through-summercon/</guid><description>We have a soft spot in our hearts for SummerCon. This event, the longest-running hacker conference in the US, is a great chance to host hacker friends from around the world in NYC, catch up in person, and learn about delightfully weird security topics. 
It draws a great crowd, ranging from “hackers to feds to […]</description></item><item><title>Announcing the Trail of Bits osquery support group</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/06/27/announcing-the-trail-of-bits-osquery-support-group/</link><pubDate>Wed, 27 Jun 2018 07:50:53 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/06/27/announcing-the-trail-of-bits-osquery-support-group/</guid><description>As great as it is, osquery could be a whole lot better. (Think write access for extensions, triggered responses upon detection, and even better performance, reliability and ease of use.) Facebook’s small osquery team can’t respond to every request for enhancement. That’s understandable. They have their hands full with managing the osquery community, reviewing PRs, […]</description></item><item><title>QueryCon 2018: our talks and takeaways</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/06/08/querycon-2018-our-talks-and-takeaways/</link><pubDate>Fri, 08 Jun 2018 07:50:05 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/06/08/querycon-2018-our-talks-and-takeaways/</guid><description>Sometimes a conference just gets it right. Good talks, single track, select engaged attendees, and no sales talks. It’s a recipe for success that Kolide got right on its very first try with QueryCon, the first-ever osquery conference. It’s no secret that we are huge fans of osquery, Facebook’s award-winning open source endpoint detection tool. 
[…]</description></item><item><title>Manage your fleet’s firewalls with osquery</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/05/30/manage-your-fleets-firewalls-with-osquery/</link><pubDate>Wed, 30 May 2018 11:06:46 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/05/30/manage-your-fleets-firewalls-with-osquery/</guid><description>We’re releasing an extension for osquery that lets you manage the local firewalls of your fleet. Each of the three major operating systems provides a native firewall, capable of blocking incoming and outgoing access when configured. However, the interfaces for these three firewall systems are dissimilar, and each requires different methods of configuration. […]</description></item><item><title>Manage Santa within osquery</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/05/29/manage-santa-within-osquery/</link><pubDate>Tue, 29 May 2018 07:50:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/05/29/manage-santa-within-osquery/</guid><description>We’re releasing an extension for osquery that lets you manage Google Santa without the need for a separate sync server. Google Santa is an application whitelist and blacklist system for macOS ideal for deployment across managed fleets. It uses a sync server from which daemons pull rules onto managed computers. However, the sync server provides […]</description></item><item><title>Collect NTFS forensic information with osquery</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/05/28/collect-ntfs-forensic-information-with-osquery/</link><pubDate>Mon, 28 May 2018 12:06:07 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/05/28/collect-ntfs-forensic-information-with-osquery/</guid><description>We’re releasing an extension for osquery that will let you dig deeper into the NTFS filesystem. It’s one more tool for incident response and data collection. 
But it’s also an opportunity to dispense with forensics toolkits and commercial services that offer similar capabilities. Until now, osquery has been inadequate for performing the kind of filesystem […]</description></item><item><title>State Machine Testing with Echidna</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/05/03/state-machine-testing-with-echidna/</link><pubDate>Thu, 03 May 2018 06:50:48 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/05/03/state-machine-testing-with-echidna/</guid><description>Property-based testing is a powerful technique for verifying arbitrary properties of a program via execution on a large set of inputs, typically generated stochastically. Echidna is a library and executable I’ve been working on for applying property-based testing to EVM code (particularly code written in Solidity). Echidna is a library for generating random sequences of […]</description></item><item><title>What do you wish osquery could do?</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/04/10/what-do-you-wish-osquery-could-do/</link><pubDate>Tue, 10 Apr 2018 06:50:44 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/04/10/what-do-you-wish-osquery-could-do/</guid><description>Welcome to the third post in our series about osquery. So far, we’ve described how five enterprise security teams use osquery and reviewed the issues they’ve encountered. For our third post, we focus on the future of osquery. 
We asked users, “What do you wish osquery could do?” The answers we received ranged from small […]</description></item><item><title>How to prepare for a security review</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/04/06/how-to-prepare-for-a-security-audit/</link><pubDate>Fri, 06 Apr 2018 06:50:33 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/04/06/how-to-prepare-for-a-security-audit/</guid><description>You’ve just approved a security review of your codebase. Do you: Send a copy of the repository and wait for the report, or Take the extra effort to set the project up for success? By the end of the review, the difference between these answers will lead to profoundly disparate results. In the former case, […]</description></item><item><title>Vulnerability Modeling with Binary Ninja</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/04/04/vulnerability-modeling-with-binary-ninja/</link><pubDate>Wed, 04 Apr 2018 06:50:35 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/04/04/vulnerability-modeling-with-binary-ninja/</guid><description>Plenty of static analyzers can perform vulnerability discovery on source code, but what if you only have the binary? How can we model a vulnerability and then check a binary to see if it is vulnerable? The short answer: use Binary Ninja’s MLIL and SSA form. 
Together, they make it easy to build and solve a system of equations with a theorem prover that takes binaries and turns them, alchemy-like, into vulnerabilities!</description></item><item><title>Use our suite of Ethereum security tools</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/23/use-our-suite-of-ethereum-security-tools/</link><pubDate>Fri, 23 Mar 2018 00:28:08 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/23/use-our-suite-of-ethereum-security-tools/</guid><description>Two years ago, when we began taking on blockchain security engagements, there were no tools engineered for the work. No static analyzers, fuzzers, or reverse engineering tools for Ethereum. So, we invested significant time and expertise to create what we needed, adapt what we already had, and refine the work continuously over dozens of audits. […]</description></item><item><title>An accessible overview of Meltdown and Spectre, Part 2</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/22/an-accessible-overview-of-meltdown-and-spectre-part-2/</link><pubDate>Thu, 22 Mar 2018 06:50:19 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/22/an-accessible-overview-of-meltdown-and-spectre-part-2/</guid><description>This is the second half of our blog post on the Meltdown and Spectre vulnerabilities, describing Spectre Variant 1 (V1) and Spectre Variant 2 (V2). If you have not done so already, please review the first blog post for an accessible review of computer architecture fundamentals. 
This blog post will start by covering the technical […]</description></item><item><title>"AMD Flaws" Technical Summary</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/</link><pubDate>Thu, 15 Mar 2018 13:58:03 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/</guid><description>Two weeks ago, we were engaged by CTS Labs as independent consultants at our standard consulting rates to review and confirm the technical accuracy of their preliminary findings. We participated neither in their research nor in their subsequent disclosure process. Our recommendation to CTS was to disclose the vulnerabilities through a CERT. Our review of […]</description></item><item><title>Echidna, a smart fuzzer for Ethereum</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/09/echidna-a-smart-fuzzer-for-ethereum/</link><pubDate>Fri, 09 Mar 2018 13:19:34 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/09/echidna-a-smart-fuzzer-for-ethereum/</guid><description>Today we released Echidna, our next-generation EVM smart fuzzer at EthCC. It’s the first-ever fuzzer to target smart contracts, and has powerful features like abstract state-machine modeling and automatic minimal test case generation. We’ve been working on it for quite some time, and are thrilled to finally share it with the world. Different interfaces for […]</description></item><item><title>2017 in review</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/08/2017-in-review/</link><pubDate>Thu, 08 Mar 2018 07:50:56 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/08/2017-in-review/</guid><description>What a roller coaster of a year! Well, outside of our office. Inside, 2017 was excellent. 
We published novel research that advanced – among others – the practices of automated bug discovery, symbolic execution, and binary translation. In the process, we improved many foundational tools that an increasing number of security researchers will come to […]</description></item><item><title>Parity Technologies engages Trail of Bits</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/02/09/parity-technologies-engages-trail-of-bits/</link><pubDate>Fri, 09 Feb 2018 07:50:46 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/02/09/parity-technologies-engages-trail-of-bits/</guid><description>We’re helping Parity Technologies secure their Ethereum client. We’ll begin by auditing their codebase, and look forward to publishing results and the knowledge we gained in the future. Parity Technologies combines cryptography, cellular systems, peer-to-peer technology and decentralized consensus to solve the problems that have gone unaddressed by conventional server-client architecture. Their Ethereum client is designed for […]</description></item><item><title>An accessible overview of Meltdown and Spectre, Part 1</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/01/30/an-accessible-overview-of-meltdown-and-spectre-part-1/</link><pubDate>Tue, 30 Jan 2018 07:50:39 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/01/30/an-accessible-overview-of-meltdown-and-spectre-part-1/</guid><description>In the past few weeks the details of two critical design flaws in modern processors were finally revealed to the public. Much has been written about the impact of Meltdown and Spectre, but there is scant detail about what these attacks are and how they work. 
We are going to try our best to fix […]</description></item><item><title>Heavy lifting with McSema 2.0</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/01/23/heavy-lifting-with-mcsema-2-0/</link><pubDate>Tue, 23 Jan 2018 07:50:03 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/01/23/heavy-lifting-with-mcsema-2-0/</guid><description>Four years ago, we released McSema, our x86 to LLVM bitcode binary translator. Since then, it has stretched and flexed; we added x86-64 support, put it on a performance-focused diet, and improved its usability and documentation. McSema wasn’t the only thing improving these past years, though. At the same time, programs were increasingly adopting modern […]</description></item></channel></rss>