Mastodawn

We just significantly improved the explanation of control-flow integrity (CFI) in the Low Level Software Security Book, see https://llsoftsec.github.io/llsoftsecbook/#control-flow-integrity-cfi

The new version offers clearer, more detailed explanations to help readers better understand this important security concept.

We’d love to hear your feedback — share your thoughts here or open an issue on github at https://github.com/llsoftsec/llsoftsecbook

#LLSoftSecBook #CFI

Low-Level Software Security for Compiler Developers

kbeyls May 6, 2024

Thank you Anders Waldenborg for writing a chapter on Underhanded Code for the Low Level Software Security Book, see https://llsoftsec.github.io/llsoftsecbook/#underhanded-code. #LLSoftSecBook

Low-Level Software Security for Compiler Developers

kbeyls Dec 22, 2023

I'm trying to describe transient execution attacks in #LLSoftSecBook. I opened a PR to start introducing them and categorizing them into Spectre-like, Meltdown-like, LVI-like. I could use feedback on the PR - please have a look if this interests you, either as an expert or someone looking to learn.
https://github.com/llsoftsec/llsoftsecbook/pull/224

Introduce transient execution attacks by kbeyls · Pull Request #224 · llsoftsec/llsoftsecbook

This patch only introduces a high-level categorization of transient execution attacks. The detailed description of the various Spectre-, Meltdown-, LVI-style attacks will be for later patches. Note...

GitHub

gkouv Jul 3, 2023

I just added a section on bounds checking to #LLSoftSecBook, please take a look! Feedback and contributions to this or any other part of the book are welcome! https://llsoftsec.github.io/llsoftsecbook/#bounds-checking

Low-Level Software Security for Compiler Developers

kbeyls Jun 23, 2023

I just wrote a section on branch-predictor based side-channels for #LLSoftSecBook. Please take a look at https://llsoftsec.github.io/llsoftsecbook/#branch-predictor-based-side-channels. We really appreciate your feedback on this and any other content in the book.

Low-Level Software Security for Compiler Developers

kbeyls May 22, 2023

Lucian Popescu just started an awesome chapter on compiler-introduced security vulnerabilities for #LLSoftSecBook! Please take a look! We’d really appreciate your feedback on this and any other content in the book. https://llsoftsec.github.io/llsoftsecbook/#compiler-introduced-security-vulnerabilities

Low-Level Software Security for Compiler Developers

gkouv Apr 6, 2023

I just wrote a section on JIT compiler vulnerabilities for #LLSoftSecBook, please take a look! We’d really appreciate your feedback on this and any other content in the book. https://llsoftsec.github.io/llsoftsecbook/#jit-compiler-vulnerabilities

Low-Level Software Security for Compiler Developers

Arpit Feb 21, 2023

Something new to read "Low-Level Software Security for Compiler Developers" https://llsoftsec.github.io/llsoftsecbook #llsoftsecbook

Low-Level Software Security for Compiler Developers

kbeyls Feb 2, 2023

We've made the online version of the Low Level Software Security book a lot nicer-looking recently, see https://llsoftsec.github.io/llsoftsecbook. Please let us know what you think can be improved further in the book. There's a "report" 💡 button at the top now to make that easy. #LLSoftSecBook