Explore true stories of the dark side of the Internet with host Jack Rhysider as he takes you on a journey through the chilling world of hacking, data breaches, and cyber crime.
…
continue reading
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to CyberWire Daily
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Technical interviews about software topics.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
KQED's statewide radio news program, providing daily coverage of issues, trends, and public policy decisions affecting California and its diverse population.
…
continue reading
Wrap your day with the world’s biggest stories. We set the bar on the daily news catch-up, going deeper on news stories that speak to the moment. From the award-winning CBC News teams behind ‘The World at Six’ and ‘The World This Weekend’ comes this vibrant evening news program, updated seven days a week. Sort out what's real, what's relevant and what’s truly new, from a Canadian perspective, with hosts Susan Bonner, Tom Harrington, and Stephanie Skenderis. Context, analysis and surprise — a ...
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
What's News brings you the biggest news of the day, from business and finance to global and political developments that move markets. Get caught up in minutes twice a day on weekdays, then take a step back with our What’s News in Markets wrap-up on Saturday and our What’s News Sunday deep dive.
…
continue reading
It's not just Google. This Week in Google hosts, Leo Laporte, Jeff Jarvis, and Paris Martineau, cover all of Big Tech every Wednesday. Listeners tune in for thought-provoking and entertaining conversations about AI, Internet memes, the future of media, and the latest emerging tech. You won't want to miss a minute. Records live every Wednesday at 5:00pm Eastern / 2:00pm Pacific / 21:00 UTC.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Using bidirectionality override characters to obscure code. [Research Saturday]
Manage episode 307597178 series 112238
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Guests Nicholas Boucher and Ross Anderson from the University of Cambridge join Dave Bittner to discuss their research, "Trojan Source: Invisible Vulnerabilities." The researchers present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding standards such as Unicode to produce source code whose tokens are logically encoded in a different order from the one in which they are displayed, leading to vulnerabilities that cannot be perceived directly by human code reviewers. ‘Trojan Source’ attacks, as they call them, pose an immediate threat both to first-party software and of supply-chain compromise across the industry. They present working examples of Trojan-Source attacks in C, C++, C#, JavaScript, Java, Rust, Go, and Python. They propose definitive compiler-level defenses, and describe other mitigating controls that can be deployed in editors, repositories, and build pipelines while compilers are upgraded to block this attack.
The project website and research can be found here:
- Trojan Source: Invisible Source Code Vulnerabilities project website
- Trojan Source: Invisible Vulnerabilities research paper
Learn more about your ad choices. Visit megaphone.fm/adchoices
3070 episodes
Share
Manage episode 307597178 series 112238
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Guests Nicholas Boucher and Ross Anderson from the University of Cambridge join Dave Bittner to discuss their research, "Trojan Source: Invisible Vulnerabilities." The researchers present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding standards such as Unicode to produce source code whose tokens are logically encoded in a different order from the one in which they are displayed, leading to vulnerabilities that cannot be perceived directly by human code reviewers. ‘Trojan Source’ attacks, as they call them, pose an immediate threat both to first-party software and of supply-chain compromise across the industry. They present working examples of Trojan-Source attacks in C, C++, C#, JavaScript, Java, Rust, Go, and Python. They propose definitive compiler-level defenses, and describe other mitigating controls that can be deployed in editors, repositories, and build pipelines while compilers are upgraded to block this attack.
The project website and research can be found here:
- Trojan Source: Invisible Source Code Vulnerabilities project website
- Trojan Source: Invisible Vulnerabilities research paper
Learn more about your ad choices. Visit megaphone.fm/adchoices
3070 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to CyberWire Daily
Explore true stories of the dark side of the Internet with host Jack Rhysider as he takes you on a journey through the chilling world of hacking, data breaches, and cyber crime.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Technical interviews about software topics.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
KQED's statewide radio news program, providing daily coverage of issues, trends, and public policy decisions affecting California and its diverse population.
…
continue reading
Wrap your day with the world’s biggest stories. We set the bar on the daily news catch-up, going deeper on news stories that speak to the moment. From the award-winning CBC News teams behind ‘The World at Six’ and ‘The World This Weekend’ comes this vibrant evening news program, updated seven days a week. Sort out what's real, what's relevant and what’s truly new, from a Canadian perspective, with hosts Susan Bonner, Tom Harrington, and Stephanie Skenderis. Context, analysis and surprise — a ...
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
What's News brings you the biggest news of the day, from business and finance to global and political developments that move markets. Get caught up in minutes twice a day on weekdays, then take a step back with our What’s News in Markets wrap-up on Saturday and our What’s News Sunday deep dive.
…
continue reading
It's not just Google. This Week in Google hosts, Leo Laporte, Jeff Jarvis, and Paris Martineau, cover all of Big Tech every Wednesday. Listeners tune in for thought-provoking and entertaining conversations about AI, Internet memes, the future of media, and the latest emerging tech. You won't want to miss a minute. Records live every Wednesday at 5:00pm Eastern / 2:00pm Pacific / 21:00 UTC.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
