|
Date: Wed, 12 Oct 2016 15:31:33 -0700 From: Kees Cook <keescook@...omium.org> To: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com> Subject: Re: self introduction On Tue, Oct 11, 2016 at 8:19 PM, Gengjia Chen <chengjia4574@...il.com> wrote: > Hi all, Hi, welcome! > My name is Jiayy (@chengjia4574). I am currently a security researcher in > android and linux kernel. My researches consist on hunting vulnerabilities > in kernel code (most of them within drivers) and doing exploits using those > vulns. > I had found more than 40 vulnerabilities which were confirmed by Android > Security Team > in the past year. I also figured out some way to attack mitigation solutions > of kernel > (such as Bypass PXN). In your research have you seen a common kind of bug that results in the vulnerabilities you find? Is there anything that would have significantly made exploitation more difficult in the things you worked on? > Those works help me get familiar with the kernel(device tree, memory > management, > network , some features especially those associated with security such as > pxn, selinux, seccomp) and ARM instruction. However, it is not enough to get > involved in real security development in kernel. Therefore, I am looking for > task > I can accomplish to be involved into real kernel development! Recently I > found > this project (kernel self protection) and I thought it is so interesting. > > I don't know whether I can involve and where I can begin, I am looking > forward to > your response. Are you interested mostly in ARM-specific things? Are you interested in kernel-assisted userspace defenses too? -Kees -- Kees Cook Nexus Security
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.