Federico Bento · Sep 13, 2019 · 12:30 PM UTC

Federico Bento

Federico Bento @uid1000

13 Sep 2019

"Control-Flow Integrity for the Linux kernel: A Security Evaluation" is the work I've done for my Masters thesis where I analyze how the PaX Team's (public) RAP holds up to stop ROP when applied to the Linux kernel. You may want to check out chapter 3. alunos.dcc.fc.up.pt/~up20140…

204

PaX Team · Sep 13, 2019 · 9:30 PM UTC

PaX Team @paxteam

13 Sep 2019

this is a sad joke for a 'thesis' i'm afraid. you should have kept true to your word and kept us in the loop about your findings to avoid all these errors.

Federico Bento · Sep 13, 2019 · 10:26 PM UTC

Federico Bento @uid1000

13 Sep 2019

You should also keep true to your word and assume defeat as I've found ways to bypass RAP on the public test patch?

PaX Team · Sep 18, 2019 · 9:45 PM UTC

PaX Team · Sep 18, 2019 · 9:45 PM UTC

PaX Team @paxteam

18 Sep 2019

Replying to @uid1000

you're also wrong that the post-meltdown UDEREF is not available publicly, it's part of the 4.4 grsec release someone made late last year on github, you could have easily studied it instead of baseless speculation and false statements.

Sep 18, 2019 · 9:45 PM UTC

Federico Bento · Sep 18, 2019 · 10:10 PM UTC

Federico Bento @uid1000

18 Sep 2019

Replying to @paxteam

Where were you when I asked you about UDEREF? Oh that's right, no answer. This really shows how much you really colaborate with people.

PaX Team · Sep 19, 2019 · 8:06 AM UTC

PaX Team @paxteam

19 Sep 2019

i was waiting on you to deliver on your promise you made last november to me but clearly failed to do so. at the beginning i assumed you approached us in good faith but clearly all you can do is ad hominem attacks and not actual research.

more replies