|
|
bet | 11/11 | Sana | 27.10.2022 | Hajmi | 10,05 Mb. | | #857052 |
| Bog'liq wetzels dissecting qnx infiltrate 2018 (1)
Conclusions Conclusions - Mostly ok on toolchain side
- Problems reside on OS-side
- QNX cannot benefit directly from work in GP OS security because not easy to port 1-to-1
- Result: homebrew DIY mitigations
- Lack of prior attention by security researchers is evident
- Vulns that feel like they’re from the early ‘00s
- Embedded RNG design remains difficult
- Entropy issues means design burden rests with system integrators
Conclusions Conclusions Questions? See ‘Dissecting QNX’ whitepaper @s4mvartaka j.wetzels@midnightbluelabs.com www.midnightbluelabs.com
@bl4ckic3 ali@ali.re
Do'stlaringiz bilan baham: |
|
|