Amaroq_Starwind

Posts posted by Amaroq_Starwind


  1. I wonder if any of WehnTrust's features should be incorporated into Malwarebytes. It could potentially improve security with its SEH Overwrite Protection, its Format String Vulnerability prevention, and its own ASLR capabilities, especially on older versions of Windows. And it's open source, which is really nice and makes adapting its features seem a lot more viable to me.

    https://archive.codeplex.com/?p=wehntrust

    Another security feature which is similar to Bottom-Up ASLR which could be a good supplement is Library Load Order Randomization (though that might require changes to the OS on Microsoft's part).

    Further still, additional security measures such as Shadow Stacks and Random XOR Canaries could both also be used to complement ASLR if they haven't already been worked on.

    https://en.wikipedia.org/wiki/Buffer_overflow_protection#Random_XOR_canaries

    https://en.wikipedia.org/wiki/Shadow_stack

    One way to offset the potential compatibility problems of using Shadow Stacks: you could notify the user every time a program encounters an error as a result of an exception or a longjmp.

    Also of note for ASLR: making the program and drivers PAE aware and allowing them to use large memory pages could be used to augment ASLR on Windows XP and Windows Server 2003 on systems with at least 4 Gigabytes of RAM (even if most of the operating system is unable to use it in the case of the 32-bit version of XP). And while it wasn't explicitly designed for security, experimenting with a Ravioli Memory implementation (which I made a thread about in General Discussion) might possibly have ancillary security benefits on top of avoiding memory fragmentation and providing more robust management of system resources.

    Now in response to @exile360, I was merely trying to point out that you seemed to omit XP SP2 on the list of supported operating systems for DEP. I'd like to share some final thoughts on that subject: though Data Execution Prevention is great, better implementations do exist which allow even more flexibility, such as separating the bits for Write Access and Execution Access, and/or separating the bits for Privileged and Unprivileged Execution, or even enforcing Sandboxed Execution. However, those various implementations are only supported in-hardware on non-x86 architectures, and even then, not all of those support the same features, and I'm not certain how viable software-based implementations could be without at least a partial rewrite of the operating system itself.
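    As an added illustration of the shadow stack compatibility problem raised above (example code written for this page, not WehnTrust's or the poster's), here is a toy software shadow stack in C: a legitimate longjmp skips the frames' return checks, so a naive checker reports a false violation, while a setjmp-aware scheme restores the saved depth. Tag values and function names are invented for the demo.

```c
#include <setjmp.h>

/* Toy software shadow stack (demo, not WehnTrust's code): instrumented functions
 * push a frame tag on entry and check it on return; real ones hold the return address. */
#define SHADOW_DEPTH 64
static unsigned long shadow[SHADOW_DEPTH];
static int shadow_top, shadow_violations;   /* live entries; mismatches seen */

static void shadow_push(unsigned long tag) {
    if (shadow_top < SHADOW_DEPTH) shadow[shadow_top++] = tag;
}

/* Returns 1 when the top entry matches (clean return), 0 on a mismatch. */
static int shadow_pop_check(unsigned long tag) {
    if (shadow_top == 0 || shadow[--shadow_top] != tag) {
        shadow_violations++;
        return 0;
    }
    return 1;
}

static jmp_buf escape;

static void inner(int bail_out) {
    shadow_push(2);
    if (bail_out) longjmp(escape, 1);   /* skips the pop below */
    shadow_pop_check(2);
}

static void outer(int bail_out) {
    shadow_push(1);
    inner(bail_out);
    shadow_pop_check(1);                /* also skipped after a longjmp */
}

/* Runs one scenario from an empty shadow stack; returns violations reported.
 * resync == 0: a legitimate longjmp leaves the skipped frames' tags behind and the
 * caller's own check fails (the false positive the post describes).
 * resync == 1: restore the depth saved at setjmp time, as a setjmp-aware scheme does. */
int run_scenario(int use_longjmp, int resync) {
    shadow_top = 0;
    shadow_violations = 0;
    shadow_push(0);
    volatile int saved_top = shadow_top;
    if (setjmp(escape) == 0)
        outer(use_longjmp);
    else if (resync)
        shadow_top = saved_top;         /* drop tags of frames longjmp unwound */
    shadow_pop_check(0);
    return shadow_violations;
}
```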


  2. There's another issue, however, with taking offensive measures to deal with the threat. Besides the risk of possible collateral damage, there could also be severe legal repercussions...

    Anyways, here are some of the articles I was looking at:

    1. https://www.symantec.com/connect/articles/malicious-malware-attacking-attackers-part-1
    2. https://www.symantec.com/connect/articles/malicious-malware-attacking-attackers-part-2
    3. https://whatis.techtarget.com/definition/offensive-security

  3. Oh crap! 😱

    Maybe more offensive security measures have to be taken if infrastructure is actively being targeted, actively striking back at intruders... But there aren't any obviously practical solutions that I can readily think of.

    On the Symantec website, there are a couple of old articles titled along the lines of "Malicious Malware: Attacking the Attackers", but it is from 2006 and I don't know if those ideas are even viable anymore now that we have to worry about things like Ransomware, Botnets, and victim computers being hijacked as proxies.

    I posted a thread about D-Wave Systems very recently, so perhaps it might also be time for security providers to get on the horn with them about possibly using their resources to tackle infrastructure-wide cyberdefense.


  4. Turns out D-Wave Systems actually developed an API so that you can utilize their quantum computing resources through a remote connection.

    https://docs.dwavesys.com/docs/latest/doc_rest_api.html

    Before anyone asks... Yes, D-Wave is the real deal, I've been following them for years. They've even got a contract with Lockheed Martin, IIRC.

    So, does anyone here have ideas on what they'd use a quantum computer for~?


  5. 9 hours ago, exile360 said:

    Everything David said above is accurate, and I'll add that the only thing a VPN will do for your security is help to prevent anyone from snooping on your traffic between your system and the sites you connect with, but any information stored on those sites, as David already stated, is only as secure as the site providers make it via their own security measures.  So while a VPN may help to ensure that your ISP can't snoop on your surfing habits, help to secure your communications when using public Wi-Fi and help to ensure that you aren't a victim of any man-in-the-middle attacks, it will do absolutely nothing to secure your information from security breaches of public websites and services.

    The only secure information is the information that nobody has, so if you use any social media sites, online shopping sites or any other web based service, any information you provide is at risk of a potential future breach if that site/service is targeted for attack.

    Well with payment information at the very least, there's a new thing called privacy.com. It's basically a financial proxy so that you can use throwaway payment credentials on online websites.


  6. Well... I recently found out that OpenACC also runs on the integrated graphics on Intel CPUs and AMD APUs, and is compatible with conventional C language. Rad!

    Unfortunately, I am still not sure if MS Visual Studio can be made into an OpenACC compatible compiler or not (I mean, maybe it can through plug-ins?), or if OpenACC can run on ARM64. Additionally, it also seems like the demand for Malwarebytes on OpenACC is still extremely low, and thus there is a negligible probability that it will happen any time soon...


  7. So, here's a series of blog posts that I feel like would be worth a read~

    https://www.reenigne.org/blog/rethinking-memory/ 

    The short version: Basically, this is intended to give bare metal languages like C++ and Assembly the benefits of a Garbage Collected language, sans most of the associated downsides. Everything is explained in depth, and there's also a link on the blog to the source code.

    @exile360 I bet you'd be intrigued by this!


  8. Unfortunately due to the sandboxed nature of iOS apps, I don't know if Telegram and WhatsApp protections would be possible.

    They'd have to get in touch with the app developers directly, and I am not sure how Telegram's staff would respond to a request from Malwarebytes. I mean, it's worth a try, but it would be potentially a very risky proposition from Telegram's perspective due to their almost religious focus on user privacy (which I'm very thankful for at times).

    Now, Telegram is open source, but I'm also not sure if Malwarebytes would want to make their own version of the Telegram client. Even with open source software, it takes a lot of time and effort to develop a client.


  9. This should probably go in the Comments and Suggestions section. This actually already exists as part of the Malwarebytes Toolset, aka Malwarebytes Techbench. However, it's not available for normal consumers, you need to be the owner of (or work for) a computer repair shop and sign up for the Techbench program.


  10. I know that programs like Sandboxie already exist, and recently Microsoft announced the Windows Sandbox, but...

    Is there any chance that Malwarebytes' Anti-Exploit measures could be expanded to include pre-configured Sandbox environments for apps like Java, Adobe Flash/Acrobat, Skype, and the like, which could automatically initiate when those programs are launched?

    Those applications all seem fairly vulnerable, but are widely used, and for the most part should still run fine in a Sandbox environment. And when you look at the recently developed Windows Sandbox, it quickly becomes evident that it's actually very possible to run Sandboxes efficiently... especially if they're specifically configured for specific applications.

    So, does a Malwarebytes Sandbox seem like it would be a good idea and/or worthwhile investment, or is it far enough outside the purview of Malwarebytes to remain a task delegated to external software such as Sandboxie?
