Information Security News
Grant Willcox, a student studying ethical hacking at the University of Northumbria in the UK, is claiming that the Wassenaar Arrangement, an arms control treaty that was expanded last year to prohibit the export of various kinds of software exploit, is forcing him to censor his dissertation.
Willcox's research investigates ways in which Microsoft's EMET software can be bypassed. EMET is a security tool that includes a variety of mitigation techniques designed to make exploiting common memory corruption flaws harder. In the continuing game of software exploit cat and mouse, EMET raises the bar, making software bugs harder to take advantage of, but does not outright eliminate the problems. Willcox's paper explored the limitations of the EMET mitigations and looked at ways that malware could bypass them to enable successful exploitation. He also applied these bypass techniques to a number of real exploits.
Typically this kind of dissertation would be published in full. Security researchers routinely explore techniques for bypassing system protections, with this research being one of the things that guides the development of future mitigations. Similarly, publishing the working exploit code (with a safe payload, to prove the concept) is standard within the research community.
Is the information security industry having a midlife crisis?
The daily announcements about breaches and lost data confirm that criminals are winning the security battle, but how can InfoSec reposition itself in order to win the war? Last month, Tsion Gonen, chief strategy officer at SafeNet spoke at the CIO ...