2023-03-19:
LLM + Clean Room: Will LLMs be the death of code copyrights?
Disclaimer: I am not a lawyer. Furthermore, remember that laws differ between countries.
Let me preface this post by saying that I don't have answers – I have only (interesting) questions. And perhaps the answer to the question in the headline eventually will follow Betteridge's law of headlines anyway.
So what is all this about?
In reverse-engineering there is a concept called clean room design. In short, it's a method of "copying" (and I'm using this term very loosely) someone's implementation of an idea without infringing on their copyrights. And while the term is a bit more generic, I will focus on it's application to software (code). In short, the method boils down to 3 steps:
- Reverse-engineers analyze the source software and prepare detailed documentation about how things look like and how they are done.
- Lawyers review the documentation to make sure no piece of code was included (or more generally: no copyrightable items were included).
- Software engineers implement a new piece of software based on this documentation.
Read more...
[
2 comments ]
|
2022-10-16:
Rozwiązania MSHP CTF (październik 2022)
Odbywający się 17 października 2022 Sekurak Mega Hacking Party w zasadzie rozpoczął się dwa dni wcześniej od indywidualnego CTFa. W którego miałem nie grać. Bo miałem robić inne Ważniejsze Rzeczy™. Ale wyszło jak zwykle - i w sumie fajnie, bo CTF okazał się być bardzo sympatyczny.
Poniżej znajdują się rozwiązania zadań, w których udało mi się zdobyć flagę. Rozwiązania są dość skrótowe, ale starałem się mniej więcej wskazać jaką drogą poszedłem.
Rozwiązania innych osób:
Czytaj dalej...
[
2 komentarze ]
|
Five newest or recently updated notes (these are unfinished posts, code snippets, links or commands I find useful but always forget, and other notes that just don't fit on the blog):
Click here for a list of all notes.
 Security papers and research notes
Some conference slides are linked at the bottom of this page.
 Selected vulnerabilities
- A few Microsoft Windows privilege escalations and some DoSes patched by MS10-021 and MS10-011 - this research was presented on HITB Dubai 2010 and CONFidence 2010 (video available here).
- Well, actually a few more bugs in Windows kernel and drivers discovered during our Bochspwn research (see this post and this one) using our kfetch-toolkit.
They were patched in
MS13-016,
MS13-017,
MS13-031 and
MS13-036.
- Adobe Reader 9.5.1 and 10.1.3 multiple vulnerabilities - 62 unique crashes, from that 31 trivially exploitable and 9 more potentially exploitable, 11 CVE's assigned (CVE-2012-4149 to CVE-2012-4160). Some of these bugs were fixed for Windows and OSX releases of Adobe Reader in APSB12-16.
- Adobe Flash had also quite a lot of fixes (around 60 CVEs assigned). Some details can be found in these bulletins (in random order):
APSB12-27,
APSB12-24,
APSB12-22,
APSB13-17,
APSB13-14,
APSB13-11,
APSB13-09,
APSB13-05 and
APSB13-01.
- Contributed to discovery of multiple low-to-high vulnerabilities in Google Chrome (CVE-2012-2851, CVE-2012-2855, CVE-2012-2856, CVE-2012-2862, CVE-2012-2863 and some other) - some of these were mentioned in this post.
- A lot of bugs in ffmpeg and libav which resulted in 892 (sic!) patches in ffmpeg and 299 patches in libav (CVE-2011-3930 to CVE-2011-3952 and some other).
- Cygwin cygwin1.dll shared section local privilege escalation (demo video) - discovered while revisiting old-school classes of bugs (see paper above).
- Two minor bugs in PuTTY and aterm and rxvt found while playing with terminal control codes. Put here to create some illusion of diversity.
- Mozilla Firefox 2.0.0.11 and Opera 9.50 information leak, also midly affected Safair, Konqueror and some other products (CVE-2007-6524, CVE-2008-0420, CVE-2008-0894, CVE-2008-1573). A demo video is also available.
- A small but funny bug in Total Commander 7.01 - an FTP client gets attacked by the server, leading to a path traversal.
- And there were also these two: a local privilege escalation that required a USB stick of death, and a funny compiler bug.
The full list of vulnerabilities discovered by me (including collaborative work) can be found here (please note that the list might be out of date).
The Google Application Security / Research site might also contain some of my findings.
 Coding (selected posts)
 Tools and libraries
- PiXieServ is a simplified PXE (network boot) server for Windows and Linux-based OS, created for testing of very small home-made OS. See also the post about it.
- ExcpHook, a system-wide exception monitor for Windows XP 32-bit. Useful if you're fuzzing something that doesn't like having a debugger attached.
- Ent is an entropy measuring tool for reverse engineering reconnaissance (see also a post explaining how to use it).
- HiperDrop is a simple command line process memory dumper for Windows, with a few different work modes.
- asmloader - this little app executes headerless machine code (compiled assembly code). It's meant to be an aid in learning/teaching and playing with assembly, as well as the right tool when you just need to execute some machine code.
- NetSock is a simple socket/networking lib/wrapper for C++ I've wrote back in 2003 and update from time to time - I use it for most of my network-enabled projects.
|
 Edukacyjnie (wybrane posty)
Dla programistów:
Security / hacking:
- Hacking - jak uczyć się security/hackingu i spać spokojnie.
Dodatkowo, kilka przemyśleń na temat odnajdywania się na rynku pracy w IT:
 Programowanie (wybrane posty)
← trochę więcej postów jest po angielskojęzycznej stronie.
 Gamedev i GFX (wybrane posty)
Grafika generowana proceduralnie:
|