145 research outputs found

    Measuring the Effects of Stack Overflow Code Snippet Evolution on Open-Source Software Security

    This paper assesses the effects of Stack Overflow code snippet evolution on the security of open-source projects. Users on Stack Overflow actively revise posted code snippets, sometimes addressing bugs and vulnerabilities. Accordingly, developers who reuse code from Stack Overflow should treat it like any other evolving code dependency and be vigilant about updates. It is unclear whether developers are doing so, to what extent outdated code snippets from Stack Overflow are present in GitHub projects, and whether developers miss security-relevant updates to reused snippets. To shed light on those questions, we devised a method to 1) detect outdated versions of 1.5M Stack Overflow code snippets in 11,479 popular GitHub projects and 2) detect security-relevant updates to those Stack Overflow code snippets that are not reflected in those GitHub projects. Our results show that developers do not update dependent code snippets when those snippets evolve on Stack Overflow. We found that 2,405 code snippet versions reused in 2,109 GitHub projects were outdated, with 43 projects missing fixes to bugs and vulnerabilities on Stack Overflow. Those 43 projects containing outdated, insecure snippets were forked on average 1,085 times (max. 16,121), indicating that our results are likely a lower bound for affected code bases. An important insight from our work is that treating Stack Overflow code as purely static code impedes holistic solutions to the problem of copying insecure code from Stack Overflow. Instead, our results suggest that developers need tools that continuously monitor Stack Overflow for security warnings and code fixes to reused code snippets, and not only warn during copy-pasting.

    Security considerations in the open source software ecosystem

    Open source software plays an important role in the software supply chain, allowing stakeholders to use open source components as building blocks in their software, tooling, and infrastructure. But relying on the open source ecosystem introduces unique challenges, both in terms of security and trust and in terms of supply chain reliability. In this dissertation, I investigate the approaches, considerations, and encountered challenges of stakeholders in the context of security, privacy, and trustworthiness of the open source software supply chain. Overall, my research aims to empower and support software experts with the knowledge and resources necessary to achieve a more secure and trustworthy open source software ecosystem. In the first part of this dissertation, I describe a research study investigating security and trust practices in open source projects by interviewing 27 owners, maintainers, and contributors from a diverse set of projects to explore their behind-the-scenes processes, guidance and policies, incident handling, and encountered challenges, finding that participants’ projects are highly diverse in terms of their deployed security measures and trust processes, as well as their underlying motivations. On the consumer side of the open source software supply chain, I investigated the use of open source components in industry projects by interviewing 25 software developers, architects, and engineers to understand their projects’ processes, decisions, and considerations in the context of external open source code, finding that open source components play an important role in many industry projects, and that most projects have some form of company policy or best practice for including external code. On the side of end-user-focused software, I present a study investigating the use of software obfuscation in Android applications, a recommended practice to protect against plagiarism and repackaging.
    The study leveraged a multi-pronged approach including a large-scale measurement, a developer survey, and a programming experiment, finding that only 24.92% of apps are obfuscated by their developer, that developers do not fear theft of their own apps, and that they have difficulties obfuscating their own apps. Lastly, to involve end users themselves, I describe a survey of 200 users of cloud office suites to investigate their security and privacy perceptions and expectations, with findings suggesting that users are generally aware of basic security implications but lack the technical knowledge to envision some threat models. The key findings of this dissertation are that open source projects have highly diverse security measures, trust processes, and underlying motivations; that the projects’ security and trust needs are likely best met in ways that consider their individual strengths, limitations, and project stage, especially for smaller projects with limited access to resources; and that open source components play an important role in industry projects, and that those projects often have some form of company policy or best practice for including external code, but developers wish for more resources to better audit included components. This dissertation emphasizes the importance of collaboration and shared responsibility in building and maintaining the open source software ecosystem, with developers, maintainers, end users, researchers, and other stakeholders alike ensuring that the ecosystem remains a secure, trustworthy, and healthy resource for everyone to rely on.

    LIPIcs, Volume 261, ICALP 2023, Complete Volume

    LIPIcs, Volume 261, ICALP 2023, Complete Volume.

    Specificity of the innate immune responses to different classes of non-tuberculous mycobacteria

    Mycobacterium avium is the most common nontuberculous mycobacterium (NTM) species causing infectious disease. Here, we characterized an M. avium infection model in zebrafish larvae and compared it to M. marinum infection, a model of tuberculosis. M. avium bacteria are efficiently phagocytosed and frequently induce granuloma-like structures in zebrafish larvae. Although macrophages can respond to both mycobacterial infections, their migration speed is faster in infections caused by M. marinum. Tlr2 is involved, in a conserved manner, in most aspects of the defense against both mycobacterial infections. However, Tlr2 has a function in the migration speed of macrophages and neutrophils to M. marinum infection sites that is not observed with M. avium. Using RNAseq analysis, we found a distinct transcriptome response in cytokine-cytokine receptor interaction for M. avium and M. marinum infection. In addition, we found differences in gene expression in metabolic pathways, phagosome formation, matrix remodeling, and apoptosis in response to these mycobacterial infections. In conclusion, we characterized a new M. avium infection model in zebrafish that can be further used to study pathological mechanisms of NTM-caused diseases.

    Lost in technology: Towards a critique of repugnant rights

    Modern law is founded on an idea of justice that is made felt through the rights and entitlements legal subjects enjoy. As such, for law and its idea of justice, rights are inherently good and therefore abundant. On encountering injustice, it has become commonplace to inquire what laws and rights have been flouted, as if injustice would disappear on encounter with rights that encode justice. But what if no number of laws and rights – even with faultless execution – is up to the task of upholding what we deem just? In this dissertation, I look at the heart of this question, and find the law’s answer not simply wanting but repugnant. The research is animated by the interaction of three topoi: personhood, technology, and international law. The first part concerns how these concepts are perceived in law and by those working with laws. As part of the unearthing of the conceptual ground rules, a trilemma between effectiveness, responsiveness, and coherence familiar from regulatory research and international law rears its head. I show how setting the priority on effective and responsive solutions has amounted to a derogation of justice and a diminishment of law’s foundational entity, the natural person. I explore whether these outcomes could be avoided within liberal international law and answer my own question in the negative. I title this systematic outcome a theory of repugnant rights. The latter part of the dissertation concerns technology, its regulation, and its tendency to produce repugnant outcomes in international law. I focus on bio- and information technologies and their legal coding as tools to dismantle the legal protection provided by our quality of being human. I will show how intricate legal norms break and remake us in ways that blur the boundaries between persons and things. Once something falls beyond or below the category of a person, its legal status can be warped, twisted, and turned – all while remaining at arm’s length from the person it was once legally part of.
    Technological intervention in such things allows for effective circumvention of the legal shelter provided by human rights, as I show through the example of the regulation of surrogacy and data storage. To come to terms with the repugnancy, I seek shelter in anger as a transitory category that would enable us to move across the present impasse with rights. I suggest that at the very least international lawyers ought to be angry at the quotidian horrors international law upholds, and through such anger overcome the misery and repugnancy of international law.
    ---
    Modern law rests on an idea of justice that manifests itself through the rights that legal subjects enjoy and exercise. Understood this way, from the standpoint of law and its conception of justice, rights are intrinsically good, which explains their great number. When we encounter injustice, we tend to ask which laws and rights have been violated, as if injustice would vanish upon meeting the idea of justice contained in the law. But what if no number of laws and rights – even perfectly enforced – suffices to defend what we hold to be just? In my dissertation I look into the heart of this question and find an answer that is not only inadequate but also repugnant. In my dissertation I operate at the interfaces of legal personhood, technology, and international law. The first part of my dissertation concerns how those working with law and legislation perceive these concepts. In examining these concepts I identify the trilemma between effectiveness, responsiveness, and coherence familiar from regulatory research and international law. I show how giving priority to effective and responsive solutions has meant slipping away from justice and, at the same time, a diminishing of the significance of law’s central subject, the natural person.
    I examine whether this trilemma could be avoided within the framework of liberal international law, and answer my own question in the negative. I name this result the theory of repugnant rights. The latter part of the dissertation deals with technology, its regulation, and its tendency to produce repugnant outcomes in international law. I look more closely at bio- and information technologies and their legal regulation, and at what tools they offer for dismantling the legal protection afforded by our humanity. I show how intricate legal norms break and reshape us in ways that blur the boundaries between persons and things. Once something is no longer a person, its legal status can be distorted, twisted, and turned. Technological intervention in such objects and things enables the effective circumvention of the legal protection offered by human rights, as I show through the regulation of surrogacy and data storage. In response to the repugnancy of law, I seek shelter in anger. Anger offers a temporary category with the help of which we can escape the impasse of rights that I have identified. I hold that practitioners of international law ought, at the very least, to be angry when confronting the everyday horrors that international law produces and enables. By resorting to anger, which we can later set aside, we could overcome the misery of international law and its repugnancy.

    “And all the pieces matter...” Hybrid Testing Methods for Android App's Privacy Analysis

    Smartphones have become inherent to the everyday life of billions of people worldwide, and they are used to perform activities such as gaming, interacting with our peers, or working. While extremely useful, smartphone apps also have drawbacks, as they can affect the security and privacy of users. Android devices hold a lot of personal data from users, including their social circles (e.g., contacts), usage patterns (e.g., app usage and visited websites), and their physical location. Like most software products, Android apps often include third-party code (Software Development Kits, or SDKs) to add functionality to the app without the need to develop it in-house. Android apps and the third-party components embedded in them are often interested in accessing such data, as the online ecosystem is dominated by data-driven business models and revenue streams like advertising. The research community has developed many methods and techniques for analyzing the privacy and security risks of mobile apps, mostly relying on two techniques: static code analysis and dynamic runtime analysis. Static analysis examines the code and other resources of an app to detect potential app behaviors. While this makes static analysis easier to scale, it has other drawbacks, such as missing app behaviors when developers obfuscate the app’s code to avoid scrutiny. Furthermore, since static analysis only shows potential app behavior, its findings need to be confirmed, as it can also report false positives due to dead or legacy code. Dynamic analysis examines the apps at runtime to provide actual evidence of their behavior. However, these techniques are harder to scale, as they need to be run on an instrumented device to collect runtime data. Similarly, the app needs to be stimulated with simulated real inputs to exercise as many code paths as possible. While there are some automatic techniques to generate synthetic inputs, they have been shown to be insufficient.
    In this thesis, we explore the benefits of combining static and dynamic analysis techniques to complement each other and reduce their limitations. While most previous work has relied on using these techniques in isolation, we combine their strengths in different and novel ways that allow us to further study different privacy issues in the Android ecosystem. Namely, we demonstrate the potential of combining these complementary methods to study three inter-related issues:
    • A regulatory analysis of parental control apps. We use a novel methodology that relies on easy-to-scale static analysis techniques to pinpoint potential privacy issues and violations of current legislation by Android apps and their embedded SDKs. We rely on the results from our static analysis to inform the way in which we manually exercise the apps, maximizing our ability to obtain real evidence of these misbehaviors. We study 46 publicly available apps and find instances of data collection and sharing without consent and insecure network transmissions containing personal data. We also see that these apps fail to properly disclose these practices in their privacy policy.
    • A security analysis of unauthorized access to permission-protected data without user consent. We use a novel technique that combines the strengths of static and dynamic analysis, by first comparing the data sent by applications at runtime with the permissions granted to each app in order to find instances of potential unauthorized access to permission-protected data. Once we have discovered the apps that are accessing personal data without permission, we statically analyze their code in order to discover covert and side channels used by apps and SDKs to circumvent the permission system. This methodology allows us to discover apps using the MAC address as a surrogate for location data, two SDKs using the external storage as a covert channel to share unique identifiers, and an app using picture metadata to gain unauthorized access to location data.
    • A novel SDK detection methodology that relies on obtaining signals observed both in the app’s code and static resources and during its runtime behavior. We then rely on a tree structure together with a confidence-based system to accurately detect SDK presence without the need for any a priori knowledge, and with the ability to discern whether a given SDK is part of legacy or dead code. We show that this novel methodology can discover third-party SDKs with more accuracy than state-of-the-art tools, both on a set of purpose-built ground-truth apps and on a dataset of 5k publicly available apps.
    With these three case studies, we are able to highlight the benefits of combining static and dynamic analysis techniques for the study of the privacy and security guarantees and risks of Android apps and third-party SDKs. The use of these techniques in isolation would not have allowed us to investigate these privacy issues in depth: we would lack the ability to provide real evidence of potential breaches of legislation, to pinpoint the specific way in which apps leverage covert and side channels to break Android’s permission system, or we would be unable to adapt to an ever-changing ecosystem of Android third-party companies.
    The works presented in this thesis were partially funded within the framework of the following projects and grants:
    • European Union’s Horizon 2020 Innovation Action program (Grant Agreement No. 786741, SMOOTH Project, and Grant Agreement No. 101021377, TRUST AWARE Project).
    • Spanish Government ODIO NºPID2019-111429RB-C21/PID2019-111429RB-C22.
    • The Spanish Data Protection Agency (AEPD).
    • AppCensus Inc.
    This work has been supported by IMDEA Networks Institute. Programa de Doctorado en Ingeniería Telemática (Doctoral Programme in Telematics Engineering), Universidad Carlos III de Madrid. Committee chair: Srdjan Matic. Secretary: Guillermo Suárez-Tangil. Member: Ben Stoc

    A Software Vulnerabilities Odysseus: Analysis, Detection, and Mitigation

    Programming has become central to the development of human activities, while not being immune to defects, or bugs. Developers have devised specific methods and sequences of tests to prevent these bugs from being deployed in releases. Nonetheless, not all cases can be thought through beforehand, and automation has limits that the community attempts to overcome. As a consequence, not all bugs can be caught. These defects cause particular concern when bugs can be exploited to breach the program’s security policy. They are then called vulnerabilities and give specific actors undesired access to the resources a program manages. This damages trust in the program and in its developers, and may eventually impact the adoption of the program. Hence, paying specific attention to vulnerabilities appears a natural outcome. In this regard, this PhD work targets the following three challenges: (1) The research community references those vulnerabilities, categorises them, and reports and ranks their impact. As a result, analysts can learn from past vulnerabilities in specific programs and devise new ideas to counter them. Nonetheless, the quality of the resulting lessons and the usefulness of the ensuing solutions depend on the quality and consistency of the information provided in the reports. (2) New methods to detect vulnerabilities can emerge from the lessons this monitoring provides. With responsible reporting, these detection methods can harden the programs we rely on. Additionally, in a context of computer performance gains, machine learning algorithms are increasingly adopted, providing engaging promises. (3) If some of these promises can be fulfilled, not all are reachable today. Therefore a complementary strategy needs to be adopted while vulnerabilities evade detection up to public releases.
    Instead of preventing their introduction, programs can be hardened to scale down their exploitability. Increasing the complexity of exploitation or lowering the impact below specific thresholds makes the presence of vulnerabilities an affordable risk for the feature provided. The history of programming development encloses the experimentation with and adoption of so-called defence mechanisms. Their goals and performance can be diverse, but their implementation in widely adopted programs and systems (such as the Android Open Source Project) acknowledges their pivotal position. To face these challenges, we provide the following contributions:
    • We provide a manual categorisation of the vulnerabilities of the widely adopted Android Open Source Project up to June 2020. Clarifying the adopted vulnerability analysis provides consistency in the resulting data set, facilitates the explainability of the analyses, and sets up the updatability of the resulting set of vulnerabilities. Based on this analysis, we study the evolution of AOSP’s vulnerabilities. We explore the different temporal evolutions of the vulnerabilities affecting the system in terms of their severity and type, and we provide a focus on memory-corruption-related vulnerabilities.
    • We undertake the replication of a machine-learning-based detection algorithm that, despite being part of the state of the art and referenced by ensuing works, was not available. Named VCCFinder, this algorithm implements a Support-Vector Machine and bases its training on Vulnerability-Contributing Commits and related patches for C and C++ code. Unable to achieve performance analogous to the original article, we explore parameters and algorithms, and attempt to overcome the challenge posed by the over-population of unlabeled entries in the data set. We provide the community with our code and results as a replicable baseline for further improvement.
    • We finally list the defence mechanisms that the Android Open Source Project incrementally implements, and we discuss how it sometimes answers comments the community addressed to the project’s developers. We further verify the extent to which specific memory corruption defence mechanisms were implemented in the binaries of different versions of Android (from API level 10 to 28). We then confront the evolution of memory-corruption-related vulnerabilities with the implementation timeline of the related defence mechanisms.

    AI for Everyone?

    We are entering a new era of technological determinism and solutionism in which governments and business actors are seeking data-driven change, assuming that Artificial Intelligence is now inevitable and ubiquitous. But we have not even started asking the right questions, let alone developed an understanding of the consequences. What is urgently needed is a debate that asks and answers fundamental questions about power. This book brings together critical interrogations of what constitutes AI, its impact, and its inequalities in order to offer an analysis of what it means for AI to deliver benefits for everyone. The book is structured in three parts: Part 1, AI: Humans vs. Machines, presents critical perspectives on human-machine dualism. Part 2, Discourses and Myths About AI, excavates metaphors and policies to ask normative questions about what is ‘desirable’ AI and what conditions make this possible. Part 3, AI Power and Inequalities, discusses how the implementation of AI creates important challenges that urgently need to be addressed. Bringing together scholars from diverse disciplinary backgrounds and regional contexts, this book offers a vital intervention on one of the most hyped concepts of our times.
