25 research outputs found
Automating Seccomp Filter Generation for Linux Applications
Software vulnerabilities in applications undermine the security of
applications. By blocking unused functionality, the impact of potential
exploits can be reduced. While seccomp provides a solution for filtering
syscalls, it requires manual implementation of filter rules for each individual
application. Recent work has investigated automated approaches for detecting
and installing the necessary filter rules. However, as we show, these
approaches make assumptions that are not necessary or require overly
time-consuming analysis.
In this paper, we propose Chestnut, an automated approach for generating
strict syscall filters for Linux userspace applications with lower requirements
and limitations. Chestnut comprises two phases, with the first phase consisting
of two static components, i.e., a compiler and a binary analyzer, that extract
the used syscalls during compilation or in an analysis of the binary. The
compiler-based approach of Chestnut is up to factor 73 faster than previous
approaches without affecting the accuracy adversely. On the binary analysis
level, we demonstrate that the requirement of position-independent binaries of
related work is not needed, enlarging the set of applications for which
Chestnut is usable. In an optional second phase, Chestnut provides a dynamic
refinement tool that allows restricting the set of allowed syscalls further. We
demonstrate that Chestnut on average blocks 302 syscalls (86.5%) via the
compiler and 288 (82.5%) using the binary-level analysis on a set of 18 widely
used applications. We found that Chestnut blocks the dangerous exec syscall in
50% and 77.7% of the tested applications using the compiler- and binary-based
approach, respectively. For the tested applications, Chestnut prevents
exploitation of more than 62% of the 175 CVEs that target the kernel via
syscalls. Finally, we perform a 6 month long-term study of a sandboxed Nginx
server
Systematic analysis of programming languages and their execution environments for spectre attacks
In this paper, we analyze the security of programming languages and their execution environments (compilers and interpreters) with respect to Spectre attacks. The analysis shows that only 16 out of 42 execution environments have mitigations against at least one Spectre variant, i.e., 26 have no mitigations against any Spectre variant. Using our novel tool Speconnector, we develop Spectre proof-of-concept attacks in 8 programming languages and on code generated by 11 execution environments that were previously not known to be affected. Our results highlight some programming languages that are used to implement security-critical code, but remain entirely unprotected, even three years after the discovery of Spectre
A Systematic Evaluation of Transient Execution Attacks and Defenses
Research on transient execution attacks including Spectre and Meltdown showed
that exception or branch misprediction events might leave secret-dependent
traces in the CPU's microarchitectural state. This observation led to a
proliferation of new Spectre and Meltdown attack variants and even more ad-hoc
defenses (e.g., microcode and software patches). Both the industry and academia
are now focusing on finding effective defenses for known issues. However, we
only have limited insight on residual attack surface and the completeness of
the proposed defenses.
In this paper, we present a systematization of transient execution attacks.
Our systematization uncovers 6 (new) transient execution attacks that have been
overlooked and not been investigated so far: 2 new exploitable Meltdown
effects: Meltdown-PK (Protection Key Bypass) on Intel, and Meltdown-BND (Bounds
Check Bypass) on Intel and AMD; and 4 new Spectre mistraining strategies. We
evaluate the attacks in our classification tree through proof-of-concept
implementations on 3 major CPU vendors (Intel, AMD, ARM). Our systematization
yields a more complete picture of the attack surface and allows for a more
systematic evaluation of defenses. Through this systematic evaluation, we
discover that most defenses, including deployed ones, cannot fully mitigate all
attack variants
COVID-19-associated Guillain-Barré syndrome in the early pandemic experience in Lombardia (Italy)
Objective To estimate the incidence and describe clinical characteristics and outcome of GBS in COVID-19 patients (COVID19-GBS) in one of the most hit regions during the first pandemic wave, Lombardia.
Methods Adult patients admitted to 20 Neurological Units between 1/3–30/4/2020 with COVID19-GBS were included as part of a multi-center study organized by the Italian society of Hospital Neuroscience (SNO).
Results Thirty-eight COVID19-GBS patients had a mean age of 60.7 years and male frequency of 86.8%. CSF albuminocytological dissociation was detected in 71.4%, and PCR for SARS-CoV-2 was negative in 19 tested patients. Based on neurophysiology, 81.8% of patients had a diagnosis of AIDP, 12.1% of AMSAN, and 6.1% of AMAN. The course was favorable in 76.3% of patients, stable in 10.5%, while 13.2% worsened, of which 3 died. The estimated occurrence rate in Lombardia ranges from 0.5 to 0.05 GBS cases per 1000 COVID-19 infections depending on whether you consider positive cases or estimated seropositive cases. When we compared GBS cases with the pre-pandemic period, we found a reduction of cases from 165 to 135 cases in the 2-month study period in Lombardia.
Conclusions We detected an increased incidence of GBS in COVID-19 patients which can reflect a higher risk of GBS in COVID-19 patients and a reduction of GBS events during the pandemic period possibly due to a lower spread of more common respiratory infectious diseases determined by an increased use of preventive measures
The land is low (but we fly very high)
This month the spotlight is on agricultural drones in Bari, specifically at the AgriLevante fair, the most important agricultural event in the Mediterranean basin, where drones are hosted in a collective exhibition organized by Dronitaly in collaboration with FederUnacoma. But what is the reality of Italian "green" drones? We hear about it from the experts at Neos, a spin-off of the University of Padova that works in drone surveying for agricultural and forestry use