Improving Security Through Egalitarian Binary Recompilation

In this thesis, we try to bridge the gap between which program transformations are possible at source-level and which are possible at binary-level. While binaries are typically seen as opaque artifacts, our binary recompiler Egalito (ASPLOS 2020) enables users to parse and modify stripped binaries on existing systems. Our technique of binary recompilation is not robust to errors in disassembly, but with an accurate analysis, provides near-zero transformation overhead. We wrote several demonstration security tools with Egalito, including code randomization, control-flow integrity, retpoline insertion, and a fuzzing backend. We also wrote Nibbler (ACSAC 2019, DTRAP 2020), which detects unused code and removes it. Many of these features, including Nibbler, can be combined with other defenses resulting in multiplicatively stronger or more effective hardening. Enabled by our recompiler, an overriding theme of this thesis is our focus on deployable software transformation. Egalito has been tested by collaborators across tens of thousands of Debian programs and libraries. We coined this term egalitarian in the context of binary security. Simply put, an egalitarian analysis or security mechanism is one that can operate on itself (and is usually more deployable as a result). As one demonstration of this idea, we created a strong, deployable defense against code reuse attacks. Shuffler (OSDI 2016) randomizes function addresses, moving functions periodically every few milliseconds. This makes an attacker's job extremely difficult, especially if they are located across a network (which necessitates ping time) -- JIT-ROP attacks take 2.3 to 378 seconds to complete. Shuffler is egalitarian and defends its own code and target code simultaneously; Shuffler actually shuffles itself. We hope our deployable, egalitarian binary defenses will allow others to improve upon state-of-the-art and paint binaries as far more malleable than they have been in the past

Saline nasal irrigation for acute upper respiratory tract infections (Review)

BACKGROUND: Acute upper respiratory tract infections (URTIs), including the common cold and rhinosinusitis, are common afflictions that cause discomfort and debilitation and contribute significantly to workplace absenteeism. Treatment is generally by antipyretic and decongestant drugs and sometimes antibiotics, even though most infections are viral. Nasal irrigation with saline is often employed as an adjunct treatment for URTI symptoms despite a relative lack of evidence for benefit in this clinical setting. This review is an update of the Cochrane review by Kassel et al, which found that saline was probably effective in reducing the severity of some symptoms associated with acute URTIs

Making Lock-free Data Structures Verifiable with Artificial Transactions

Among all classes of parallel programming abstractions, lock-free data structures are considered one of the most scalable and efficient because of their fine-grained style of synchronization. However, they are also challenging for developers and tools to verify because of the huge number of possible interleavings that result from fine-grained synchronizations. This paper address this fundamental problem between performance and verifiability of lock-free data structures. We present TXIT, a system that greatly reduces the set of possible interleavings by inserting transactions into the implementation of a lock-free data structure. We leverage hardware transactional memory support from Intel Haswell processors to enforce these artificial transactions. Evaluation on six popular lock-free data structures shows that TXIT makes it easy to verify lock-free data structures while incurring acceptable runtime overhead. Further analysis shows that two inefficiencies in Haswell are the largest contributors to this overhead

Religious Identity, Religious Attendance, and Parental Control

Using a national sample of adolescents aged 10–18 years and their parents (N = 5,117), this article examines whether parental religious identity and religious participation are associated with the ways in which parents control their children. We hypothesize that both religious orthodoxy and weekly religious attendance are related to heightened levels of three elements of parental control: monitoring activities, normative regulations, and network closure. Results indicate that an orthodox religious identity for Catholic and Protestant parents and higher levels of religious attendance for parents as a whole are associated with increases in monitoring activities and normative regulations of American adolescents

Effects of antiplatelet therapy on stroke risk by brain imaging features of intracerebral haemorrhage and cerebral small vessel diseases: subgroup analyses of the RESTART randomised, open-label trial

Background Findings from the RESTART trial suggest that starting antiplatelet therapy might reduce the risk of recurrent symptomatic intracerebral haemorrhage compared with avoiding antiplatelet therapy. Brain imaging features of intracerebral haemorrhage and cerebral small vessel diseases (such as cerebral microbleeds) are associated with greater risks of recurrent intracerebral haemorrhage. We did subgroup analyses of the RESTART trial to explore whether these brain imaging features modify the effects of antiplatelet therapy

The Quiescent Intracluster Medium in the Core of the Perseus Cluster

Clusters of galaxies are the most massive gravitationally-bound objects in the Universe and are still forming. They are thus important probes of cosmological parameters and a host of astrophysical processes. Knowledge of the dynamics of the pervasive hot gas, which dominates in mass over stars in a cluster, is a crucial missing ingredient. It can enable new insights into mechanical energy injection by the central supermassive black hole and the use of hydrostatic equilibrium for the determination of cluster masses. X-rays from the core of the Perseus cluster are emitted by the 50 million K diffuse hot plasma filling its gravitational potential well. The Active Galactic Nucleus of the central galaxy NGC1275 is pumping jetted energy into the surrounding intracluster medium, creating buoyant bubbles filled with relativistic plasma. These likely induce motions in the intracluster medium and heat the inner gas preventing runaway radiative cooling; a process known as Active Galactic Nucleus Feedback. Here we report on Hitomi X-ray observations of the Perseus cluster core, which reveal a remarkably quiescent atmosphere where the gas has a line-of-sight velocity dispersion of 164+/-10 km/s in a region 30-60 kpc from the central nucleus. A gradient in the line-of-sight velocity of 150+/-70 km/s is found across the 60 kpc image of the cluster core. Turbulent pressure support in the gas is 4% or less of the thermodynamic pressure, with large scale shear at most doubling that estimate. We infer that total cluster masses determined from hydrostatic equilibrium in the central regions need little correction for turbulent pressure.Comment: 31 pages, 11 Figs, published in Nature July

Quantitative High-Throughput Screen Identifies Inhibitors of the Schistosoma mansoni Redox Cascade

Schistosomiasis is a tropical disease associated with high morbidity and mortality, currently affecting over 200 million people worldwide. Praziquantel is the only drug used to treat the disease, and with its increased use the probability of developing drug resistance has grown significantly. The Schistosoma parasites can survive for up to decades in the human host due in part to a unique set of antioxidant enzymes that continuously degrade the reactive oxygen species produced by the host's innate immune response. Two principal components of this defense system have been recently identified in S. mansoni as thioredoxin/glutathione reductase (TGR) and peroxiredoxin (Prx) and as such these enzymes present attractive new targets for anti-schistosomiasis drug development. Inhibition of TGR/Prx activity was screened in a dual-enzyme format with reducing equivalents being transferred from NADPH to glutathione via a TGR-catalyzed reaction and then to hydrogen peroxide via a Prx-catalyzed step. A fully automated quantitative high-throughput (qHTS) experiment was performed against a collection of 71,028 compounds tested as 7- to 15-point concentration series at 5 µL reaction volume in 1536-well plate format. In order to generate a robust data set and to minimize the effect of compound autofluorescence, apparent reaction rates derived from a kinetic read were utilized instead of end-point measurements. Actives identified from the screen, along with previously untested analogues, were subjected to confirmatory experiments using the screening assay and subsequently against the individual targets in secondary assays. Several novel active series were identified which inhibited TGR at a range of potencies, with IC50s ranging from micromolar to the assay response limit (∼25 nM). This is, to our knowledge, the first report of a large-scale HTS to identify lead compounds for a helminthic disease, and provides a paradigm that can be used to jump-start development of novel therapeutics for other neglected tropical diseases

Reduced Plasmodium vivax Erythrocyte Infection in PNG Duffy-Negative Heterozygotes

BACKGROUND: Erythrocyte Duffy blood group negativity reaches fixation in African populations where Plasmodium vivax (Pv) is uncommon. While it is known that Duffy-negative individuals are highly resistant to Pv erythrocyte infection, little is known regarding Pv susceptibility among heterozygous carriers of a Duffy-negative allele (+/−). Our limited knowledge of the selective advantages or disadvantages associated with this genotype constrains our understanding of the effect that interventions against Pv may have on the health of people living in malaria-endemic regions. METHODS AND FINDINGS: We conducted cross-sectional malaria prevalence surveys in Papua New Guinea (PNG), where we have previously identified a new Duffy-negative allele among individuals living in a region endemic for all four human malaria parasite species. We evaluated infection status by conventional blood smear light microscopy and semi-quantitative PCR-based strategies. Analysis of a longitudinal cohort constructed from our surveys showed that Duffy heterozygous (+/−) individuals were protected from Pv erythrocyte infection compared to those homozygous for wild-type alleles (+/+) (log-rank tests: LM, p = 0.049; PCR, p = 0.065). Evaluation of Pv parasitemia, determined by semi-quantitative PCR-based methods, was significantly lower in Duffy +/− vs. +/+ individuals (Mann-Whitney U: p = 0.023). Overall, we observed no association between susceptibility to P. falciparum erythrocyte infection and Duffy genotype. CONCLUSIONS: Our findings provide the first evidence that Duffy-negative heterozygosity reduces erythrocyte susceptibility to Pv infection. As this reduction was not associated with greater susceptibility to Pf malaria, our in vivo observations provide evidence that Pv-targeted control measures can be developed safely

Quantum state preparation and macroscopic entanglement in gravitational-wave detectors

Long-baseline laser-interferometer gravitational-wave detectors are operating at a factor of 10 (in amplitude) above the standard quantum limit (SQL) within a broad frequency band. Such a low classical noise budget has already allowed the creation of a controlled 2.7 kg macroscopic oscillator with an effective eigenfrequency of 150 Hz and an occupation number of 200. This result, along with the prospect for further improvements, heralds the new possibility of experimentally probing macroscopic quantum mechanics (MQM) - quantum mechanical behavior of objects in the realm of everyday experience - using gravitational-wave detectors. In this paper, we provide the mathematical foundation for the first step of a MQM experiment: the preparation of a macroscopic test mass into a nearly minimum-Heisenberg-limited Gaussian quantum state, which is possible if the interferometer's classical noise beats the SQL in a broad frequency band. Our formalism, based on Wiener filtering, allows a straightforward conversion from the classical noise budget of a laser interferometer, in terms of noise spectra, into the strategy for quantum state preparation, and the quality of the prepared state. Using this formalism, we consider how Gaussian entanglement can be built among two macroscopic test masses, and the performance of the planned Advanced LIGO interferometers in quantum-state preparation