Axelle Apvrille

Subscribe to Axelle Apvrille: eMailAlertsEmail Alerts
Get Axelle Apvrille: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Axelle Apvrille

In an era where everybody is connected to a potentially harmful Internet with an increasing number of complex and distributed applications, controlling what the computers do has become significantly harder. At the core, simple actions (executing software, e-commerce, etc.) rely on trust relationships; what if your computer (or the merchant's) has been compromised and alters your perception of reality? Indeed, at the beginning, Neo did not know there was a Matrix because he trusted everything he saw... Closer to our world, and without being paranoid, one of the first actions intruders or rootkits take is to replace common commands with fake ones. Is it then possible to guarantee that we'll really execute the code we intended to? How far can you trust the computer of a given merchant not to reveal your credit card number? This is precisely what trusted computing is abo... (more)

Stop Malicious Code Execution at the Kernel Level

This article presents a Linux kernel module capable of verifying digital signatures of ELF binaries before running them. This kernel module is available under the GPL license at http://sourceforge.net/projects/disec, and has been successfully tested for kernel 2.5.66 and above. Why Check the Signature of Your Binaries Before Running Them? The problem with blindly running executables is that you are never sure they actually do what you think they are supposed to do (and nothing more). Viruses spread so much on Microsoft Windows systems mainly because users are frantic to execute wh... (more)