iSecPartners – Auditing high-value applications cheat-sheet

iSecPartners has released on GitHub a “cheat-sheet” for auditing high-value applications. It’s well worth a read. This list is intended to be a list of additional or more technical things to look for when auditing extremely high value applications. The applications may involve operational security for involved actors (such as law enforcement research), extremely valuable […]

Google Chrome 35+ and EMET 4.1 Compatability

Chromium engineers have provided excellent clarification on compatibility issues between Google Chrome v35+ and EMET 4.1 The specific issue we have encountered with Chromium compiled using VS 2013 relates to tail-call optimizations in wrapper functions for Windows APIs. By using jmp to enter the Windows API call from the wrapper, the Visual Studio compiler avoids […]

Data alignment and performance

I read an informative IBM article about data alignment and its importance when developing native code. Data alignment is an important issue for all programmers who directly use memory. Data alignment affects how well your software performs, and even if your software runs at all. As this article illustrates, understanding the nature of alignment can also […]