145 research outputs found
Measuring the Effects of Stack Overflow Code Snippet Evolution on Open-Source Software Security
This paper assesses the effects of Stack Overflow code snippet evolution on the security of open-source projects. Users on Stack Overflow actively revise posted code snippets, sometimes addressing bugs and vulnerabilities. Accordingly, developers who reuse code from Stack Overflow should treat it like any other evolving code dependency and be vigilant about updates. It is unclear whether developers are doing so, to what extent outdated code snippets from Stack Overflow are present in GitHub projects, and whether developers miss security-relevant updates to reused snippets. To shed light on those questions, we devised a method to 1) detect outdated code snippet versions from 1.5M Stack Overflow snippets in 11,479 popular GitHub projects and 2) detect security-relevant updates to those Stack Overflow code snippets not reflected in those GitHub projects. Our results show that developers do not update dependent code snippets when those evolve on Stack Overflow. We found that 2,405 code snippet versions reused in 2,109 GitHub projects were outdated, with 43 projects missing fixes to bugs and vulnerabilities on Stack Overflow. Those 43 projects containing outdated, insecure snippets were forked on average 1,085 times (max. 16,121), indicating that our results are likely a lower bound for affected code bases. An important insight from our work is that treating Stack Overflow code as purely static code impedes holistic solutions to the problem of copying insecure code from Stack Overflow. Instead, our results suggest that developers need tools that continuously monitor Stack Overflow for security warnings and code fixes to reused code snippets, and not only warn during copy-pasting.
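As a rough illustration of detection step 1) above (a hypothetical sketch with invented data and function names, not the paper's actual pipeline), outdated reuse can be found by checking which revision of a snippet's history a project file contains:

```python
# Each Stack Overflow snippet has an ordered revision history; a project file is
# flagged when it contains an old revision rather than the latest one.

def normalize(code: str) -> str:
    """Collapse whitespace so trivial formatting changes do not hide a match."""
    return " ".join(code.split())

def find_outdated_reuse(snippet_versions: list[str], project_source: str):
    """Return (matched_version_index, is_outdated), or None if no version matches."""
    haystack = normalize(project_source)
    latest = len(snippet_versions) - 1
    for i, version in enumerate(snippet_versions):
        if normalize(version) in haystack:
            return i, i < latest
    return None

versions = [
    "conn = connect(url)",             # revision 1 (hypothetical insecure form)
    "conn = connect(url, timeout=5)",  # revision 2 (fixed on Stack Overflow)
]
project = "def fetch():\n    conn = connect(url)\n    return conn.read()"
print(find_outdated_reuse(versions, project))  # -> (0, True): outdated revision reused
```

A real pipeline would of course need token- or clone-based matching rather than substring search, but the version-aware comparison is the core idea.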
Security considerations in the open source software ecosystem
Open source software plays an important role in the software supply chain, allowing stakeholders to
utilize open source components as building blocks in their software, tooling, and infrastructure. But
relying on the open source ecosystem introduces unique challenges, both in terms of security and trust,
as well as in terms of supply chain reliability.
In this dissertation, I investigate approaches, considerations, and encountered challenges of stakeholders in the context of security, privacy, and trustworthiness of the open source software supply
chain. Overall, my research aims to empower and support software experts with the knowledge and
resources necessary to achieve a more secure and trustworthy open source software ecosystem. In the
first part of this dissertation, I describe a research study investigating the security and trust practices
in open source projects by interviewing 27 owners, maintainers, and contributors from a diverse set
of projects to explore their behind-the-scenes processes, guidance and policies, incident handling, and
encountered challenges, finding that participants' projects are highly diverse in terms of their deployed
security measures and trust processes, as well as their underlying motivations. More on the consumer
side of the open source software supply chain, I investigated the use of open source components in
industry projects by interviewing 25 software developers, architects, and engineers to understand their
projects' processes, decisions, and considerations in the context of external open source code, finding
that open source components play an important role in many of the industry projects, and that most
projects have some form of company policy or best practice for including external code. On the side of
end-user focused software, I present a study investigating the use of software obfuscation in Android
applications, which is a recommended practice to protect against plagiarism and repackaging. The
study leveraged a multi-pronged approach including a large-scale measurement, a developer survey, and
a programming experiment, finding that only 24.92% of apps are obfuscated by their developers, that
developers do not fear theft of their own apps, and that they have difficulties obfuscating their apps. Lastly,
to involve end users themselves, I describe a survey with 200 users of cloud office suites to investigate
their security and privacy perceptions and expectations, with findings suggesting that users are generally
aware of basic security implications, but lack technical knowledge for envisioning some threat models.
The key findings of this dissertation include that open source projects have highly diverse security
measures, trust processes, and underlying motivations; that the projects' security and trust needs are
likely best met in ways that consider their individual strengths, limitations, and project stage, especially
for smaller projects with limited access to resources; and that open source components play an important
role in industry projects, and that those projects often have some form of company policy or best
practice for including external code, although developers wish for more resources to better audit included
components.
This dissertation emphasizes the importance of collaboration and shared responsibility in building and maintaining the open source software ecosystem, with developers, maintainers, end users,
researchers, and other stakeholders alike ensuring that the ecosystem remains a secure, trustworthy, and
healthy resource for everyone to rely on.
LIPIcs, Volume 261, ICALP 2023, Complete Volume
Specificity of the innate immune responses to different classes of non-tuberculous mycobacteria
Mycobacterium avium is the most common nontuberculous mycobacterium (NTM) species causing infectious disease. Here, we characterized an M. avium infection model in zebrafish larvae, and compared it to M. marinum infection, a model of tuberculosis. M. avium bacteria are efficiently phagocytosed and frequently induce granuloma-like structures in zebrafish larvae. Although macrophages can respond to both mycobacterial infections, their migration speed is faster in infections caused by M. marinum. Tlr2 is conservatively involved in most aspects of the defense against both mycobacterial infections. However, Tlr2 has a function in the migration speed of macrophages and neutrophils to infection sites with M. marinum that is not observed with M. avium. Using RNAseq analysis, we found a distinct transcriptome response in cytokine-cytokine receptor interaction for M. avium and M. marinum infection. In addition, we found differences in gene expression in metabolic pathways, phagosome formation, matrix remodeling, and apoptosis in response to these mycobacterial infections. In conclusion, we characterized a new M. avium infection model in zebrafish that can be further used in studying pathological mechanisms for NTM-caused diseases.
Lost in technology: Towards a critique of repugnant rights
Modern law is founded on an idea of justice that is made felt through the rights and entitlements legal subjects enjoy. As such, for law and its idea of justice, rights are inherently good and therefore abundant. On encountering injustice, it has become commonplace to inquire what laws and rights have been flouted, as if injustice would disappear on encountering rights that encode justice. But what if no number of laws and rights, even with faultless execution, is up to the task of upholding what we deem just? In this dissertation, I look at the heart of this question, and find the law's answer not simply wanting but repugnant.
The research is animated by the interaction of three topoi: personhood, technology, and international law. The first part concerns how these concepts are perceived in law and by those working with laws. As part of the unearthing of the conceptual ground rules, a trilemma between effectiveness, responsiveness, and coherence familiar from regulatory research and international law rears its head. I show how setting the priority on effective and responsive solutions has amounted to a derogation of justice and a diminishment of law's foundational entity, the natural person. I explore whether these outcomes could be avoided within liberal international law and answer my own question in the negative. I title this systematic outcome a theory of repugnant rights.
The latter part of the dissertation concerns technology, its regulation, and its tendency to produce repugnant outcomes in international law. I focus on bio- and information technologies and their legal coding as tools to dismantle the legal protection provided by our quality of being human. I show how intricate legal norms break and remake us in ways that blur the boundaries between persons and things. Once something falls beyond or below the category of a person, its legal status can be warped, twisted, and turned, all while remaining at arm's length from the person it was once legally part of. Technological intervention in such things allows for the effective circumvention of the legal shelter provided by human rights, as I show through the examples of the regulation of surrogacy and data storage.
To come to terms with the repugnancy, I seek shelter in anger as a transitory category that would enable us to move past the present impasse with rights. I suggest that at the very least international lawyers ought to be angry at the quotidian horrors international law upholds. And through such anger overcome the misery and repugnancy of international law.
"And all the pieces matter..." Hybrid Testing Methods for Android App's Privacy Analysis
Smartphones have become inherent to the everyday life of billions of people worldwide, and they
are used to perform activities such as gaming, interacting with our peers, or working. While extremely
useful, smartphone apps also have drawbacks, as they can affect the security and privacy of users.
Android devices hold a lot of personal data from users, including their social circles (e.g., contacts),
usage patterns (e.g., app usage and visited websites) and their physical location. Like in most software
products, Android apps often include third-party code (Software Development Kits, or SDKs) to
add functionality to the app without the need to develop it in-house. Android apps and third-party
components embedded in them are often interested in accessing such data, as the online ecosystem
is dominated by data-driven business models and revenue streams like advertising.
The research community has developed many methods and techniques for analyzing the privacy
and security risks of mobile apps, mostly relying on two techniques: static code analysis and dynamic
runtime analysis. Static analysis examines the code and other resources of an app to detect potential
app behaviors. While this makes static analysis easier to scale, it has drawbacks such as
missing app behaviors when developers obfuscate the app's code to avoid scrutiny. Furthermore,
since static analysis only shows potential app behavior, its findings need to be confirmed, as it can also
report false positives due to dead or legacy code. Dynamic analysis observes apps at runtime to
provide actual evidence of their behavior. However, these techniques are harder to scale as they need
to be run on an instrumented device to collect runtime data. Similarly, there is a need to stimulate
the app, simulating real inputs to examine as many code-paths as possible. While there are some
automatic techniques to generate synthetic inputs, they have been shown to be insufficient.
In this thesis, we explore the benefits of combining static and dynamic analysis techniques to
complement each other and reduce their limitations. While most previous work has often relied on
using these techniques in isolation, we combine their strengths in different and novel ways that allow
us to further study different privacy issues on the Android ecosystem. Namely, we demonstrate the
potential of combining these complementary methods to study three inter-related issues:
• A regulatory analysis of parental control apps. We use a novel methodology that relies on
easy-to-scale static analysis techniques to pinpoint potential privacy issues and violations of
current legislation by Android apps and their embedded SDKs. We rely on the results from our
static analysis to inform the way in which we manually exercise the apps, maximizing our ability
to obtain real evidence of these misbehaviors. We study 46 publicly available apps and find
instances of data collection and sharing without consent and insecure network transmissions
containing personal data. We also see that these apps fail to properly disclose these practices
in their privacy policy.
• A security analysis of the unauthorized access to permission-protected data without user consent.
We use a novel technique that combines the strengths of static and dynamic analysis, by
first comparing the data sent by applications at runtime with the permissions granted to each
app in order to find instances of potential unauthorized access to permission-protected data.
Once we have discovered the apps that are accessing personal data without permission, we
statically analyze their code in order to discover covert- and side-channels used by apps and SDKs to circumvent the permission system. This methodology allows us to discover apps using
the MAC address as a surrogate for location data, two SDKs using the external storage as a
covert channel to share unique identifiers, and an app using picture metadata to gain unauthorized
access to location data.
• A novel SDK detection methodology that relies on obtaining signals observed both in the app's
code and static resources and during its runtime behavior. Then, we rely on a tree structure
together with a confidence-based system to accurately detect SDK presence without the need
for any a priori knowledge and with the ability to discern whether a given SDK is part of legacy
or dead code. We prove that this novel methodology can discover third-party SDKs with more
accuracy than state-of-the-art tools both on a set of purpose-built ground-truth apps and on a
dataset of 5k publicly available apps.
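The signal-combination idea in the last bullet can be illustrated with a small sketch. The signal kinds, weights, and threshold below are invented for illustration and are not the thesis's actual detection rules; the thesis uses a tree structure over signals, which this flat scoring deliberately simplifies.

```python
# Independent signals (code namespaces, bundled resources, runtime traffic)
# each contribute weight; an SDK is reported only above a confidence threshold.
SIGNAL_WEIGHTS = {"code_namespace": 0.5, "static_resource": 0.2, "runtime_traffic": 0.4}
THRESHOLD = 0.6

def detect_sdks(observed_signals):
    """observed_signals: iterable of (sdk_name, signal_kind) observations."""
    scores = {}
    for sdk, kind in observed_signals:
        scores[sdk] = scores.get(sdk, 0.0) + SIGNAL_WEIGHTS.get(kind, 0.0)
    # Requiring more than a code-only signal helps separate a live SDK
    # from legacy or dead code that never executes.
    return {sdk: round(score, 2) for sdk, score in scores.items() if score >= THRESHOLD}

signals = [
    ("ads-sdk", "code_namespace"),
    ("ads-sdk", "runtime_traffic"),
    ("legacy-sdk", "code_namespace"),  # present in code but never active
]
print(detect_sdks(signals))  # -> {'ads-sdk': 0.9}
```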
With these three case studies, we are able to highlight the benefits of combining static and dynamic
analysis techniques for the study of the privacy and security guarantees and risks of Android
apps and third-party SDKs. The use of these techniques in isolation would not have allowed us to
deeply investigate these privacy issues, as we would lack the ability to provide real evidence of potential
breaches of legislation, to pinpoint the specific ways in which apps leverage covert and side
channels to break Android's permission system, or to adapt to an ever-changing
ecosystem of Android third-party companies.

The works presented in this thesis were partially funded within the framework of the following projects
and grants:
• European Union's Horizon 2020 Innovation Action program (Grant Agreement No. 786741,
SMOOTH Project and Grant Agreement No. 101021377, TRUST AWARE Project).
• Spanish Government ODIO Nº PID2019-111429RB-C21/PID2019-111429RB-C22.
• The Spanish Data Protection Agency (AEPD).
• AppCensus Inc.

This work has been supported by IMDEA Networks Institute.
Programa de Doctorado en Ingeniería Telemática por la Universidad Carlos III de Madrid.
Chair: Srdjan Matic. Secretary: Guillermo Suárez-Tangil. Member: Ben Stoc
A Software Vulnerabilities Odysseus: Analysis, Detection, and Mitigation
Programming has become central to the development of human activities, while not
being immune to defects, or bugs. Developers have designed specific methods and
sequences of tests that they implement to prevent these bugs from being deployed in
releases. Nonetheless, not all cases can be thought through beforehand, and automation
presents limits that the community attempts to overcome. As a consequence, not all bugs
can be caught.
These defects cause particular concern when bugs can be exploited to
breach the program's security policy. They are then called vulnerabilities and provide
specific actors with undesired access to the resources a program manages. This damages
the trust in the program and in its developers, and may eventually impact the adoption
of the program. Hence, attributing specific attention to vulnerabilities appears as a
natural outcome. In this regard, this PhD work targets the following three challenges:
(1) The research community references those vulnerabilities, categorises them, reports
and ranks their impact. As a result, analysts can learn from past vulnerabilities in
specific programs and figure out new ideas to counter them. Nonetheless, the resulting
quality of the lessons and the usefulness of ensuing solutions depend on the quality and
the consistency of the information provided in the reports.
(2) New methods to detect vulnerabilities can emerge from the teachings this
monitoring provides. With responsible reporting, these detection methods can provide
hardening of the programs we rely on. Additionally, in a context of computer performance
gains, machine learning algorithms are increasingly adopted, providing engaging
promises.
(3) Even if some of these promises can be fulfilled, not all are reachable today.
Therefore a complementary strategy needs to be adopted while vulnerabilities evade
detection up to public releases. Instead of preventing their introduction, programs can
be hardened to scale down their exploitability. Increasing the complexity to exploit
or lowering the impact below specific thresholds makes the presence of vulnerabilities
an affordable risk for the feature provided. The history of programming development
encompasses the experimentation with and the adoption of so-called defence mechanisms. Their
goals and performances can be diverse, but their implementation in widely adopted
programs and systems (such as the Android Open Source Project) attests to their
pivotal position.
To face these challenges, we provide the following contributions:
• We provide a manual categorisation of the vulnerabilities of the widely adopted
Android Open Source Project up to June 2020. Clarifying the process adopted for the
vulnerability analysis provides consistency in the resulting data set. It facilitates the
explainability of the analyses and sets up the updatability of the resulting
set of vulnerabilities. Based on this analysis, we study the evolution of AOSP's
vulnerabilities. We explore the temporal evolution of the vulnerabilities affecting the system in terms of their severity and type, and we provide a
focus on memory corruption-related vulnerabilities.
• We undertake the replication of a machine-learning-based detection algorithm
that, despite being part of the state of the art and referenced by ensuing works,
was not available. Named VCCFinder, this algorithm implements a Support
Vector Machine and bases its training on Vulnerability-Contributing Commits
and related patches for C and C++ code. Unable to achieve performances
analogous to the original article, we explore parameters and algorithms, and
attempt to overcome the challenge posed by the over-population of unlabeled
entries in the data set. We provide the community with our code and results as a
replicable baseline for further improvement.
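The replication above pairs bag-of-words commit features with a linear classifier. As a dependency-free illustration (not the thesis's actual code), the sketch below featurizes toy commits and trains a tiny perceptron standing in for VCCFinder's Support Vector Machine; all commit texts and tokens are invented.

```python
from collections import Counter

def featurize(commit_text: str) -> Counter:
    """Bag-of-words over a commit's diff/metadata tokens."""
    return Counter(commit_text.lower().split())

def train_perceptron(examples, epochs=10):
    """examples: list of (features, label) with label +1 (VCC) or -1 (benign)."""
    weights = Counter()
    for _ in range(epochs):
        for feats, label in examples:
            score = sum(weights[t] * c for t, c in feats.items())
            if score * label <= 0:  # misclassified: nudge weights toward label
                for t, c in feats.items():
                    weights[t] += label * c
    return weights

def predict(weights, feats):
    return 1 if sum(weights[t] * c for t, c in feats.items()) > 0 else -1

train = [
    (featurize("strcpy buffer unchecked length"), +1),  # invented VCC-like commit
    (featurize("update documentation typo"), -1),       # invented benign commit
]
w = train_perceptron(train)
print(predict(w, featurize("unchecked strcpy into buffer")))  # -> 1
```

A real replication would use a linear SVM and thousands of labeled commits; the sketch only shows the feature representation and the shape of the training loop.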
• We finally list the defence mechanisms that the Android Open Source Project
incrementally implements, and we discuss how they sometimes answer comments
the community addressed to the project's developers. We further verify the extent
to which specific memory corruption defence mechanisms were implemented in the
binaries of different versions of Android (from API level 10 to 28). We eventually
confront the evolution of memory corruption-related vulnerabilities with the
implementation timeline of related defence mechanisms.
AI for Everyone?
We are entering a new era of technological determinism and solutionism in which governments and business actors are seeking data-driven change, assuming that Artificial Intelligence is now inevitable and ubiquitous. But we have not even started asking the right questions, let alone developed an understanding of the consequences. Urgently needed is a debate that asks and answers fundamental questions about power. This book brings together critical interrogations of what constitutes AI, its impact, and its inequalities in order to offer an analysis of what it means for AI to deliver benefits for everyone. The book is structured in three parts: Part 1, AI: Humans vs. Machines, presents critical perspectives on human-machine dualism. Part 2, Discourses and Myths About AI, excavates metaphors and policies to ask normative questions about what is "desirable" AI and what conditions make this possible. Part 3, AI Power and Inequalities, discusses how the implementation of AI creates important challenges that urgently need to be addressed. Bringing together scholars from diverse disciplinary backgrounds and regional contexts, this book offers a vital intervention on one of the most hyped concepts of our times.
- …