<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>2019 on The Trail of Bits Blog</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/</link><description>Recent content in 2019 on The Trail of Bits Blog</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Mon, 09 Dec 2019 07:00:52 -0500</lastBuildDate><atom:link href="https://miscreants.github.io/blog.trailofbits.com/2019/index.xml" rel="self" type="application/rss+xml"/><item><title>Mainnet360: joint economic and security reviews with Prysm Group</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/12/09/introducing-mainnet360-a-joint-economic-and-security-assessment-with-prysm-group/</link><pubDate>Mon, 09 Dec 2019 07:00:52 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/12/09/introducing-mainnet360-a-joint-economic-and-security-assessment-with-prysm-group/</guid><description>On Monday, October 28th at the Crypto Economics Security Conference, Trail of Bits announced a new joint offering with Prysm Group: Mainnet360. Carefully designed to produce a comprehensive assessment of the security and economic elements of blockchain software, Mainnet360 gives teams a broader perspective that will allow them to build safer and more resilient systems. […]</description></item><item><title>64 Bits ought to be enough for anybody!</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/11/27/64-bits-ought-to-be-enough-for-anybody/</link><pubDate>Wed, 27 Nov 2019 06:01:30 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/11/27/64-bits-ought-to-be-enough-for-anybody/</guid><description>How quickly can we use brute force to guess a 64-bit number? The short answer is, it all depends on what resources are available. 
So we’re going to examine this problem starting with the most naive approach and then expand to other techniques involving parallelization. We’ll discuss parallelization at the CPU level with SIMD instructions, […]</description></item><item><title>Introducing iVerify, the security toolkit for iPhone users</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/11/14/introducing-iverify-the-security-toolkit-for-iphone-users/</link><pubDate>Thu, 14 Nov 2019 09:38:48 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/11/14/introducing-iverify-the-security-toolkit-for-iphone-users/</guid><description>“If privacy matters, it should matter to the phone your life is on.” So says Apple in their recent ads about Privacy on the iPhone and controlling the data you share—but many of the security features they highlight are opt-in, and users often don’t know when or how to activate them. But hey… we got […]</description></item><item><title>Announcing the Crytic $10k Research Prize</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/11/13/announcing-the-crytic-10k-research-prize/</link><pubDate>Wed, 13 Nov 2019 07:00:35 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/11/13/announcing-the-crytic-10k-research-prize/</guid><description>At Trail of Bits, we make a significant effort to stay up to date with the academic world. 
We frequently evaluate our work through peer-reviewed conferences, and we love to attend academic events (see our recent ICSE and Crypto recaps).</description></item><item><title>Everything You Ever Wanted To Know About Test-Case Reduction, But Didn’t Know to Ask</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/11/11/test-case-reduction/</link><pubDate>Mon, 11 Nov 2019 07:00:11 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/11/11/test-case-reduction/</guid><description>Imagine reducing the amount of code and time needed to test software, while at the same time increasing the efficacy of your tests and making your debugging tasks easier—all with minimal human effort. It seems too good to be true, but we’re going to explain how test-case reduction can do all this (and maybe more). […]</description></item><item><title>Security assessment techniques for Go projects</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/</link><pubDate>Thu, 07 Nov 2019 07:00:06 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/</guid><description>The Trail of Bits Assurance practice has received an influx of Go projects, following the success of our Kubernetes assessment this summer. As a result, we’ve been adapting for Go projects some of the security assessment techniques and tactics we’ve used with other compiled languages. We started by understanding the design of the language, identifying […]</description></item><item><title>Two New Tools that Tame the Treachery of Files</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/11/01/two-new-tools-that-tame-the-treachery-of-files/</link><pubDate>Fri, 01 Nov 2019 07:00:18 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/11/01/two-new-tools-that-tame-the-treachery-of-files/</guid><description>Parsing is hard, even when a file format is well specified. 
But when the specification is ambiguous, it leads to unintended and strange parser and interpreter behaviors that make file formats susceptible to security vulnerabilities. What if we could automatically generate a “safe” subset of any file format, along with an associated, verified parser? That’s […]</description></item><item><title>Destroying x86_64 instruction decoders with differential fuzzing</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/31/destroying-x86_64-instruction-decoders-with-differential-fuzzing/</link><pubDate>Thu, 31 Oct 2019 07:00:01 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/31/destroying-x86_64-instruction-decoders-with-differential-fuzzing/</guid><description>TL;DR: x86_64 decoding is hard, and the number and variety of implementations available for it makes it uniquely suited to differential fuzzing. We’re open sourcing mishegos, a differential fuzzer for instruction decoders. You can use it to discover discrepancies in your own decoders and analysis tools! In the beginning, there was instruction decoding Decompilation and […]</description></item><item><title>How safe browsing fails to protect user privacy</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/30/how-safe-browsing-fails-to-protect-user-privacy/</link><pubDate>Wed, 30 Oct 2019 07:00:57 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/30/how-safe-browsing-fails-to-protect-user-privacy/</guid><description>Recently, security researchers discovered that Apple was sending safe browsing data to Tencent for all Chinese users. This revelation has brought the underlying security and privacy guarantees of the safe browsing protocol under increased scrutiny. In particular, safe browsing claims to protect users by providing them with something called k-anonymity. 
In this post we’ll show […]</description></item><item><title>Grace Hopper Celebration (GHC) 2019 Recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/29/grace-hopper-celebration-2019/</link><pubDate>Tue, 29 Oct 2019 11:30:14 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/29/grace-hopper-celebration-2019/</guid><description>A few weeks ago I had the inspiring experience of attending the annual Grace Hopper Celebration (GHC), the world’s largest gathering of women in technology. Over four days in Orlando, Florida, GHC hosted a slew of workshops and presentations, plus a massive career fair with over […]</description></item><item><title>Formal Analysis of the CBC Casper Consensus Algorithm with TLA+</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/25/formal-analysis-of-the-cbc-casper-consensus-algorithm-with-tla/</link><pubDate>Fri, 25 Oct 2019 07:00:56 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/25/formal-analysis-of-the-cbc-casper-consensus-algorithm-with-tla/</guid><description>As a summer intern at Trail of Bits, I used the PlusCal and TLA+ formal specification languages to explore Ethereum’s CBC Casper consensus protocol and its Byzantine fault tolerance. This work was motivated by the Medium.com article Peer Review: CBC Casper by Muneeb Ali, Jude […]</description></item><item><title>Watch Your Language: Our First Vyper Audit</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/24/watch-your-language-our-first-vyper-audit/</link><pubDate>Thu, 24 Oct 2019 07:00:04 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/24/watch-your-language-our-first-vyper-audit/</guid><description>A lot of companies are working on Ethereum smart contracts, yet writing secure contracts remains a difficult task. You still have to avoid common pitfalls, compiler issues, and constantly check your code for recently discovered risks. 
A recurrent source of vulnerabilities comes from the early state of the programming languages available. Most developers are using […]</description></item><item><title>Multi-Party Computation on Machine Learning</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/04/multi-party-computation-on-machine-learning/</link><pubDate>Fri, 04 Oct 2019 10:13:15 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/04/multi-party-computation-on-machine-learning/</guid><description>During my internship this summer, I built a multi-party computation (MPC) tool that implements a 3-party computation protocol for perceptron and support vector machine (SVM) algorithms. MPC enables multiple parties to perform analyses on private datasets without sharing them with each other. I developed a technique that lets three parties obtain the results of machine […]</description></item><item><title>TSC Frequency For All: Better Profiling and Benchmarking</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/03/tsc-frequency-for-all-better-profiling-and-benchmarking/</link><pubDate>Thu, 03 Oct 2019 06:58:24 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/03/tsc-frequency-for-all-better-profiling-and-benchmarking/</guid><description>Have you ever tried using LLVM’s X-Ray profiling tools to make some flame graphs, but gotten obscure errors like: ==65892==Unable to determine CPU frequency for TSC accounting. ==65892==Unable to determine CPU frequency. 
Or worse, have you profiled every function in an application, only to find the sum of all function runtimes accounted for ~15 minutes […]</description></item><item><title>Tethered jailbreaks are back</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/09/27/tethered-jailbreaks-are-back/</link><pubDate>Fri, 27 Sep 2019 15:09:08 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/09/27/tethered-jailbreaks-are-back/</guid><description>Earlier today, a new iPhone Boot ROM exploit, checkm8 (or Apollo or Moonshine), was published on GitHub by axi0mX, affecting the iPhone 4S through the iPhone X. The vulnerability was patched in devices with A12 and A13 CPUs. As of this writing, the iPhone XS, XS Max, XR, 11, 11 Pro and 11 Pro Max […]</description></item><item><title>QueryCon 2019: A Turning Point for osquery</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/09/20/querycon-2019-a-turning-point-for-osquery/</link><pubDate>Fri, 20 Sep 2019 07:00:58 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/09/20/querycon-2019-a-turning-point-for-osquery/</guid><description>Has it really been 3 months since Trail of Bits hosted QueryCon? We’ve had such a busy and productive summer that we nearly forgot to go back and reflect on the success of this event! On June 20-21, Trail of Bits partnered with Kolide and Carbon Black to host the 2nd annual QueryCon, at the […]</description></item><item><title>Crypto 2019 Takeaways</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/09/11/crypto-2019-takeaways/</link><pubDate>Wed, 11 Sep 2019 06:50:16 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/09/11/crypto-2019-takeaways/</guid><description>This year’s IACR Crypto conference was an excellent blend of far-out theory and down-to-earth pragmatism. A major theme throughout the conference was the huge importance of getting basic cryptographic primitives right. 
Systems ranging from TLS servers and bitcoin wallets to state-of-the-art secure multiparty computation protocols were broken when one small sub-component was either chosen poorly […]</description></item><item><title>DeepState Now Supports Ensemble Fuzzing</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/09/03/deepstate-now-supports-ensemble-fuzzing/</link><pubDate>Tue, 03 Sep 2019 06:50:44 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/09/03/deepstate-now-supports-ensemble-fuzzing/</guid><description>We are proud to announce the integration of ensemble fuzzing into DeepState, our unit-testing framework powered by fuzzing and symbolic execution. Ensemble fuzzing allows testers to execute multiple fuzzers with varying heuristics in a single campaign, while maintaining an architecture for synchronizing generated input seeds across […]</description></item><item><title>Rewriting Functions in Compiled Binaries</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/09/02/rewriting-functions-in-compiled-binaries/</link><pubDate>Mon, 02 Sep 2019 06:50:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/09/02/rewriting-functions-in-compiled-binaries/</guid><description>As a summer intern at Trail of Bits, I’ve been working on building Fennec, a tool to automatically replace function calls in compiled binaries that’s built on top of McSema, a binary lifter developed by Trail of Bits. 
The Problem Let’s say you have a compiled binary, but you […]</description></item><item><title>Binary symbolic execution with KLEE-Native</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/30/binary-symbolic-execution-with-klee-native/</link><pubDate>Fri, 30 Aug 2019 06:50:08 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/30/binary-symbolic-execution-with-klee-native/</guid><description>KLEE-Native, a fork of KLEE that operates on binary program snapshots by lifting machine code to LLVM bitcode.</description></item><item><title>Reverse Taint Analysis Using Binary Ninja</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/29/reverse-taint-analysis-using-binary-ninja/</link><pubDate>Thu, 29 Aug 2019 06:50:20 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/29/reverse-taint-analysis-using-binary-ninja/</guid><description>We open-sourced a set of static analysis tools, KRFAnalysis, that analyze and triage output from our system call (syscall) fault injection tool KRF. Now you can easily figure out where and why KRF crashes your programs. 
During my summer internship at Trail of Bits, I worked on KRF, […]</description></item><item><title>Wrapper's Delight</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/26/wrappers-delight/</link><pubDate>Mon, 26 Aug 2019 06:50:40 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/26/wrappers-delight/</guid><description>During my summer at Trail of Bits, I took full advantage of the latest C++ language features to build a new SQLite wrapper from scratch that is easy to use, lightweight, highly performant, and concurrency friendly—all in under 750 lines of code.</description></item><item><title>A Day in the Life of Alessandro Gario, Senior Security Engineer</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/09/a-day-in-the-life-of-alessandro-gario-senior-security-engineer/</link><pubDate>Fri, 09 Aug 2019 08:00:18 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/09/a-day-in-the-life-of-alessandro-gario-senior-security-engineer/</guid><description>People interested in joining Trail of Bits often ask us what it’s like to work on the Engineering Services team. We felt that the best answer would be a profile of some of the talented individuals on our team, and let them describe their experiences at Trail of Bits in their own words. Today, we’re […]</description></item><item><title>246 Findings From our Smart Contract Audits: An Executive Summary</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/</link><pubDate>Thu, 08 Aug 2019 06:50:40 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/</guid><description>Until now, smart contract security researchers (and developers) have been frustrated by limited information about the actual flaws that survive serious development efforts. 
That limitation increases the risk of making critical smart contracts vulnerable, misallocating resources for risk reduction, and missing opportunities to employ automated analysis tools. We’re changing that. Today, Trail of Bits is […]</description></item><item><title>From The Depths Of Counterfeit Smartphones</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/07/from-the-depths-of-counterfeit-smartphones/</link><pubDate>Wed, 07 Aug 2019 06:50:51 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/07/from-the-depths-of-counterfeit-smartphones/</guid><description>In an age of online second-hand retailers, marketplace exchanges, and third-party refurb shops, it’s easier than ever to save hundreds of dollars when buying a phone. These channels provide an appealing alternative for people foregoing a retail shopping experience for a hefty discount. However, there is an additional option for those bargain hunters seeking even […]</description></item><item><title>Better Encrypted Group Chat</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/06/better-encrypted-group-chat/</link><pubDate>Tue, 06 Aug 2019 06:50:24 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/06/better-encrypted-group-chat/</guid><description>Broadly, an end-to-end encrypted messaging protocol is one that ensures that only the participants in a conversation, and no intermediate servers, routers, or relay systems, can read and write messages. An end-to-end encrypted group messaging protocol is one that ensures this for all participants in a conversation of three or more people. 
End-to-end encrypted group […]</description></item><item><title>Crytic: Continuous Assurance for Smart Contracts</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/02/crytic-continuous-assurance-for-smart-contracts/</link><pubDate>Fri, 02 Aug 2019 06:50:36 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/02/crytic-continuous-assurance-for-smart-contracts/</guid><description>Note: This blog has been reposted from Truffle Suite’s blog. We are proud to announce our new smart contract security product: &lt;a href="https://crytic.io/"&gt;https://crytic.io/&lt;/a&gt;. Crytic provides continuous assurance for smart contracts. The platform reports build status on every commit and runs a suite of security analyses for immediate feedback. The beta will be open soon. Follow us […]</description></item><item><title>Understanding Docker container escapes</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/</link><pubDate>Fri, 19 Jul 2019 21:01:09 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/</guid><description>Trail of Bits recently completed a security assessment of Kubernetes, including its interaction with Docker. Felix Wilhelm’s recent tweet of a Proof of Concept (PoC) “container escape” sparked our interest, since we performed similar research and were curious how this PoC could impact Kubernetes. 
Quick and dirty way to get out of a privileged k8s […]</description></item><item><title>Trail of Bits Named in Forrester Wave as a Leader in Midsize Cybersecurity Consulting Services</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/16/trail-of-bits-named-in-forrester-wave-as-a-leader-in-midsize-cybersecurity-consulting-services/</link><pubDate>Tue, 16 Jul 2019 11:20:19 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/16/trail-of-bits-named-in-forrester-wave-as-a-leader-in-midsize-cybersecurity-consulting-services/</guid><description>Trail of Bits was among the select companies that Forrester invited to participate in its recent report, The Forrester Wave™: Midsize Cybersecurity Consulting Services, Q2 2019. In this evaluation, Trail of Bits was cited as a Leader. We received the highest score among all participants in the current offering category, among the highest scores in […]</description></item><item><title>On LibraBFT’s use of broadcasts</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/12/librabft/</link><pubDate>Fri, 12 Jul 2019 06:50:24 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/12/librabft/</guid><description>LibraBFT is the Byzantine Fault Tolerant (BFT) consensus algorithm used by the recently released Libra cryptocurrency. LibraBFT is based on another BFT consensus algorithm called HotStuff. While some have noted the similarities between the two algorithms, they differ in some crucial respects. In this post we highlight one such difference: in LibraBFT, non-leaders perform broadcasts. […]</description></item><item><title>Seriously, stop using RSA</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/08/fuck-rsa/</link><pubDate>Mon, 08 Jul 2019 06:50:43 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/08/fuck-rsa/</guid><description>Here at Trail of Bits we review a lot of code. 
From major open source projects to exciting new proprietary software, we’ve seen it all. But one common denominator in all of these systems is that for some inexplicable reason people still seem to think RSA is a good cryptosystem to use. Let me save […]</description></item><item><title>Avoiding Smart Contract “Gridlock” with Slither</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/03/avoiding-smart-contract-gridlock-with-slither/</link><pubDate>Wed, 03 Jul 2019 14:42:53 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/03/avoiding-smart-contract-gridlock-with-slither/</guid><description>A denial-of-service (DoS) vulnerability, dubbed ‘Gridlock,’ was publicly reported on July 1st in one of Edgeware’s smart contracts deployed on Ethereum. As much as $900 million worth of Ether may have been processed by this contract. Edgeware has since acknowledged and fixed the “fatal bug.” When we heard about Gridlock, we ran Slither on the […]</description></item><item><title>State of the Art Proof-of-Work: RandomX</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/02/state/</link><pubDate>Tue, 02 Jul 2019 06:50:11 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/02/state/</guid><description>RandomX is a new ASIC and GPU-resistant proof-of-work (PoW) algorithm originally developed for Monero, but potentially useful in any blockchain using PoW that wants to bias towards general purpose CPUs. Trail of Bits was contracted by Arweave to review this novel algorithm in a two person-week engagement and provide guidance on alternate parameter selection. 
But […]</description></item><item><title>Siderophile: Expose your Crate’s Unsafety</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/01/siderophile-expose-your-crates-unsafety/</link><pubDate>Mon, 01 Jul 2019 11:30:06 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/01/siderophile-expose-your-crates-unsafety/</guid><description>Today we released a tool, siderophile, that helps Rust developers find fuzzing targets in their codebases. Siderophile trawls your crate’s dependencies and attempts to find every unsafe function, expression, trait method, etc. It then traces these up the callgraph until it finds the function in your crate that uses the unsafety. It ranks the functions […]</description></item><item><title>Use constexpr for faster, smaller, and safer code</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/27/use-constexpr-for-faster-smaller-and-safer-code/</link><pubDate>Thu, 27 Jun 2019 06:50:06 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/27/use-constexpr-for-faster-smaller-and-safer-code/</guid><description>With the release of C++14, the standards committee strengthened one of the coolest modern features of C++: constexpr. Now, C++ developers can write constant expressions and force their evaluation at compile-time, rather than at every invocation by users. This results in faster execution, smaller executables and, surprisingly, safer code. Undefined behavior has been the source […]</description></item><item><title>Panicking the right way in Go</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/26/panicking-the-right-way-in-go/</link><pubDate>Wed, 26 Jun 2019 06:50:58 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/26/panicking-the-right-way-in-go/</guid><description>A common Go idiom is to (1) panic, (2) recover from the panic in a deferred function, and (3) continue on. 
In general, this is okay, so long as there are no global state changes between the entry point to the function calling defer, and the point at which the panic occurs. Such global state changes […]</description></item><item><title>Creating an LLVM Sanitizer from Hopes and Dreams</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/25/creating-an-llvm-sanitizer-from-hopes-and-dreams/</link><pubDate>Tue, 25 Jun 2019 06:50:21 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/25/creating-an-llvm-sanitizer-from-hopes-and-dreams/</guid><description>Each year, Trail of Bits runs a month-long winter internship aka “winternship” program. This year we were happy to host 4 winterns who contributed to 3 projects. This project comes from Carson Harmon, a new graduate from Purdue interested in compilers and systems engineering, and a new full-time member of our research practice. I set […]</description></item><item><title>Getting 2FA Right in 2019</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/20/getting-2fa-right-in-2019/</link><pubDate>Thu, 20 Jun 2019 06:50:12 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/20/getting-2fa-right-in-2019/</guid><description>Since March, Trail of Bits has been working with the Python Software Foundation to add two-factor authentication (2FA) to Warehouse, the codebase that powers PyPI. As of today, PyPI members can enable time-based OTP (TOTP) and WebAuthn (currently in beta). 
If you have an account on PyPI, go enable your preferred 2FA method before you […]</description></item><item><title>Trail of Bits @ ICSE 2019 – Recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/19/trail-of-bits-icse-2019-recap/</link><pubDate>Wed, 19 Jun 2019 10:35:13 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/19/trail-of-bits-icse-2019-recap/</guid><description>Three weeks ago, we presented our work on Slither at WETSEB, an ICSE workshop. ICSE is a top-tier academic conference, focused on software engineering. This edition of the event went very well. The organizers do their best to attract and engage industrials to the discussions. The conference had many talks in parallel. We wish we […]</description></item><item><title>Why you should go to QueryCon this week</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/18/why-you-should-go-to-querycon-this-week/</link><pubDate>Tue, 18 Jun 2019 06:50:09 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/18/why-you-should-go-to-querycon-this-week/</guid><description>QueryCon takes place this week at the Convene Conference Center in Downtown Manhattan, Thursday June 20th- Friday June 21st. If you don’t have a ticket yet, get one while you can. QueryCon is an annual conference about osquery, the open source project that’s helping many top tech companies manage their endpoints. We’ve been big fans […]</description></item><item><title>Leaves of Hash</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/17/leaves-of-hash/</link><pubDate>Mon, 17 Jun 2019 06:50:58 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/17/leaves-of-hash/</guid><description>Trail of Bits has released Indurative, a cryptographic library that enables authentication of a wide variety of data structures without requiring users to write much code. 
Indurative is useful for everything from data integrity to trustless distributed systems. For instance, developers can use Indurative to add Binary Transparency to a package manager — so users […]</description></item><item><title>Announcing Manticore 0.3.0</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/07/announcing-manticore-0-3-0/</link><pubDate>Fri, 07 Jun 2019 06:50:57 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/07/announcing-manticore-0-3-0/</guid><description>Earlier this week, Manticore leapt forward to version 0.3.0. Advances for our symbolic execution engine now include: “fast forwarding” through concrete execution that you don’t care about, support for Linux binaries statically compiled for AArch64, and an interface for selectively solving for interesting test cases. We’ve been working really hard on these and other features […]</description></item><item><title>Using osquery for remote forensics</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/05/31/using-osquery-for-remote-forensics/</link><pubDate>Fri, 31 May 2019 11:59:48 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/05/31/using-osquery-for-remote-forensics/</guid><description>System administrators use osquery for endpoint telemetry and daily monitoring. Security threat hunters use it to find indicators of compromise on their systems. Now another audience is discovering osquery: forensic analysts. 
While osquery core is great for querying various system-level data remotely, forensics extensions will give it the ability to inspect deeper-level data structures […]</description></item><item><title>Fuzzing Unit Tests with DeepState and Eclipser</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/05/31/fuzzing-unit-tests-with-deepstate-and-eclipser/</link><pubDate>Fri, 31 May 2019 07:00:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/05/31/fuzzing-unit-tests-with-deepstate-and-eclipser/</guid><description>If unit tests are important to you, there’s now another reason to use DeepState, our Google-Test-like property-based testing tool for C and C++. It’s called Eclipser, a powerful new fuzzer very recently presented in an ICSE 2019 paper. We are proud to announce that Eclipser is now fully integrated into DeepState. Eclipser provides many of […]</description></item><item><title>Announcing Automated Reverse Engineering Trainings</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/05/30/announcing-automated-reverse-engineering-trainings/</link><pubDate>Thu, 30 May 2019 07:00:28 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/05/30/announcing-automated-reverse-engineering-trainings/</guid><description>Consider our modular trainings. They can be organized to suit your company’s needs. 
You choose the number of skills and days to spend honing them.</description></item><item><title>Slither: The Leading Static Analyzer for Smart Contracts</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/05/27/slither-the-leading-static-analyzer-for-smart-contracts/</link><pubDate>Mon, 27 May 2019 06:30:58 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/05/27/slither-the-leading-static-analyzer-for-smart-contracts/</guid><description>We have published an academic paper on Slither, our static analysis framework for smart contracts, in the International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), colocated with ICSE. Our paper shows that Slither’s bug detection outperforms other static analysis tools for finding issues in smart contracts in terms of speed, robustness, and […]</description></item><item><title>Announcing the community-oriented osquery fork, osql</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/04/18/announcing-the-community-oriented-osquery-fork-osql/</link><pubDate>Thu, 18 Apr 2019 12:24:51 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/04/18/announcing-the-community-oriented-osquery-fork-osql/</guid><description>For months, Facebook has been heavily refactoring the entire osquery codebase, migrating osquery away from standard development tools like CMake and integrating it with Facebook’s internal tooling. Their intention was to improve code quality, implement additional tests, and move the project to a more modular architecture. 
In practice, the changes sacrificed support for a number […]</description></item><item><title>Announcing QueryCon 2019</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/04/09/announcing-querycon-2019/</link><pubDate>Tue, 09 Apr 2019 07:50:47 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/04/09/announcing-querycon-2019/</guid><description>Exciting news: We’re hosting the second annual QueryCon on June 20th-21st in New York City, co-sponsored by Kolide and Carbon Black! Register here QueryCon has become the foremost event for the osquery and osql open-source community. QueryCon brings together core maintainers, developers, and end-users to teach, discuss, and collaborate on Facebook’s award-winning open-source endpoint detection […]</description></item><item><title>User-Friendly Fuzzing with Sienna Locomotive</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/04/08/user-friendly-fuzzing-with-sienna-locomotive/</link><pubDate>Mon, 08 Apr 2019 07:50:13 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/04/08/user-friendly-fuzzing-with-sienna-locomotive/</guid><description>Fuzzing is a great way to find bugs in software, but many developers don’t use it. We hope to change that today with the release of Sienna Locomotive, a new open-source fuzzer for Windows that emphasizes usability. Sienna Locomotive aims to make fuzzing accessible to developers with limited security expertise. 
Its user-oriented features make it […]</description></item><item><title>Performing Concolic Execution on Cryptographic Primitives</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/04/01/performing-concolic-execution-on-cryptographic-primitives/</link><pubDate>Mon, 01 Apr 2019 07:50:55 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/04/01/performing-concolic-execution-on-cryptographic-primitives/</guid><description>For my winternship and springternship at Trail of Bits, I researched novel techniques for symbolic execution on cryptographic protocols. I analyzed various implementation-level bugs in cryptographic libraries, and built a prototype Manticore-based concolic unit testing tool, Sandshrew, that analyzed C cryptographic primitives under a symbolic and concrete environment. Sandshrew is a first step […]</description></item><item><title>Fuzzing In The Year 2000</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/03/28/fuzzing-in-the-year-2000/</link><pubDate>Thu, 28 Mar 2019 07:50:56 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/03/28/fuzzing-in-the-year-2000/</guid><description>It is time for the second installment of our efforts to reproduce original fuzzing research on modern systems. If you haven’t yet, please read the first part. 
This time we tackle fuzzing on Windows by reproducing the results of “An Empirical Study of the Robustness of Windows NT Applications Using Random Testing” (aka ‘the NT […]</description></item><item><title>What Application Developers Need To Know About TLS Early Data (0RTT)</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/03/25/what-application-developers-need-to-know-about-tls-early-data-0rtt/</link><pubDate>Mon, 25 Mar 2019 09:00:23 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/03/25/what-application-developers-need-to-know-about-tls-early-data-0rtt/</guid><description>TLS 1.3 represents the culmination of over two decades of experience in deploying large-scale transport security. For the most part it simplifies and improves the security of TLS and can act as a drop-in replacement for TLS 1.2. However, one new feature in the protocol represents a significant security risk to some existing applications: TLS […]</description></item><item><title>Symbolic Path Merging in Manticore</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/25/symbolic-path-merging-in-manticore/</link><pubDate>Fri, 25 Jan 2019 07:50:16 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/25/symbolic-path-merging-in-manticore/</guid><description>Each year, Trail of Bits runs a month-long winter internship “winternship” program. This year we were happy to host 4 winterns who contributed to 3 projects. This is the first in a series of blog posts covering the 2019 Wintern class. 
Our first report is from Vaibhav Sharma (@vbsharma), a PhD student at the University […]</description></item><item><title>Fuzzing an API with DeepState (Part 2)</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/23/fuzzing-an-api-with-deepstate-part-2/</link><pubDate>Wed, 23 Jan 2019 07:50:06 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/23/fuzzing-an-api-with-deepstate-part-2/</guid><description>Alex Groce, Associate Professor, School of Informatics, Computing and Cyber Systems, Northern Arizona University Mutation Testing Introducing one bug by hand (as we did in Part 1) is fine, and we could try it again, but “the plural of anecdote is not data.” However, this is not strictly true. If we have enough anecdotes, we […]</description></item><item><title>Fuzzing an API with DeepState (Part 1)</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/22/fuzzing-an-api-with-deepstate-part-1/</link><pubDate>Tue, 22 Jan 2019 07:50:21 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/22/fuzzing-an-api-with-deepstate-part-1/</guid><description>Alex Groce, Associate Professor, School of Informatics, Computing and Cyber Systems, Northern Arizona University Using DeepState, we took a handwritten red-black tree fuzzer and, with minimal effort, turned it into a much more fully featured test generator. The DeepState fuzzer, despite requiring no more coding effort, supports replay of regression tests, reduction of the size […]</description></item><item><title>How McSema Handles C++ Exceptions</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/21/how-mcsema-handles-c-exceptions/</link><pubDate>Mon, 21 Jan 2019 07:50:27 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/21/how-mcsema-handles-c-exceptions/</guid><description>C++ programs using exceptions are problematic for binary lifters. 
The non-local control-flow “throw” and “catch” operations that appear in C++ source code do not map neatly to straightforward binary representations. One could allege that the compiler, runtime, and stack unwinding library collude to make exceptions work. We recently completed our investigation into exceptions and can […]</description></item><item><title>Empire Hacking: Ethereum Edition 2</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/18/empire-hacking-ethereum-edition-2/</link><pubDate>Fri, 18 Jan 2019 07:50:58 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/18/empire-hacking-ethereum-edition-2/</guid><description>On December 12, over 150 attendees joined a special, half-day Empire Hacking to learn about pitfalls in smart contract security and how to avoid them. Thank you to everyone who came, to our superb speakers, and to BuzzFeed for hosting this meetup at their office. Watch the presentations again It’s hard to find such rich […]</description></item><item><title>How to write a rootkit without really trying</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/17/how-to-write-a-rootkit-without-really-trying/</link><pubDate>Thu, 17 Jan 2019 07:50:53 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/17/how-to-write-a-rootkit-without-really-trying/</guid><description>We open-sourced a fault injection tool, KRF, that uses kernel-space syscall interception. You can use it today to find faulty assumptions (and resultant bugs) in your programs. Check it out! This post covers intercepting system calls from within the Linux kernel, via a plain old kernel module. 
We’ll go through a quick refresher on syscalls […]</description></item><item><title>On Bounties and Boffins</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/14/on-bounties-and-boffins/</link><pubDate>Mon, 14 Jan 2019 06:50:53 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/14/on-bounties-and-boffins/</guid><description>Trying to make a living as a programmer participating in bug bounties is the same as convincing yourself that you’re good enough at Texas Hold ’Em to quit your job. There’s data to back this up in Fixing a Hole: The Labor Market for Bugs, a chapter in New Solutions for Cybersecurity, by Ryan Ellis, […]</description></item><item><title>What do La Croix, octonions, and Second Life have in common?</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/02/what-do-la-croix-octonions-and-second-life-have-in-common/</link><pubDate>Wed, 02 Jan 2019 06:50:33 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/02/what-do-la-croix-octonions-and-second-life-have-in-common/</guid><description>This year for CSAW CTF, Trail of Bits contributed two cryptography problems. In the first problem, you could combine two bugs to break DSA much like the Playstation 3 firmware hackers. The other challenge, weirder and mathier, was split into two parts: one for the qualifiers, one in finals. This challenge, “Holywater,” was some of the most fun I’ve ever had making a CTF problem.</description></item></channel></rss>