Security Beyond Memory Safety
C and C++: A Security Perspective. Security Beyond Memory Safety: Using Modern C++ to Avoid Vulnerabilities by Design. Max Hoffmann, CppCon 2024 ... FIFTY SHADES OF SHOOTING YOURSELF IN THE FOOT WITH A RAILGUN ... years ...
0 points | 79 pages | 4.15 MB | 6 months ago | 3
Embracing an Adversarial Mindset for Cpp Security
Embracing an Adversarial Mindset for C++ Security. Amanda Rousseau, 9/18/2024. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY ... Strategies for Secure C++ Development ... WHOAMI Microsoft Offensive Research & Security Engineering (MORSE) CURRENT MALWARE UNICORN AMANDA ROUSSEAU ... perspective ... Factors Influencing Trends: Increased Security Awareness and Practices, Adoption of Modern Technologies • secure coding, regular patching, comprehensive security testing • Improved Discovery Methods -
0 points | 92 pages | 3.67 MB | 6 months ago | 3
LLVM's Realtime Safety Revolution: Tools for Modern Mission Critical Systems
ies-noexcept 2. “Audit” 3rd party code with RealtimeSanitizer ... With RealtimeSanitizer enabled: - Extensive unit testing - Extensive QA testing. Compile with -Werror. “Audit” 3rd party code with RealtimeSanitizer ... context ■ Can do this with function names, or thread priority ● DTrace also requires bypassing security on OSX, which is sometimes disallowed in some IT departments ● We want every platform to be supported
0 points | 153 pages | 1.38 MB | 6 months ago | 3
Shared Libraries
another level of indirection, through the section .plt.sec • Added because support for Intel security features CET/MPX* didn’t fit in 16-byte .plt entry scheme. (* in a nutshell: branches marked ... help display this help message and exit ... Observing the Loader in action - Linux: $ LD_AUDIT=1 Check!! ... Observing the Loader in action - Windows: https://ofekshilon.com/2013/06/22/entry-po
0 points | 69 pages | 1.40 MB | 6 months ago | 3
The Most Important Design Guideline is Testability
Don't do that. • Code Review • Automated Tooling - part of CI ... How can we test it? 1. Historical Audit of Enum Values (Version Control Tracking) 2. Enumeration/Constant Versioning and Deprecation 3. ... Through Code Review Process 9. Symbolic Constant Tracking ... How can we test it? 1. Historical Audit of Enum Values (Version Control Tracking) 2. Enumeration/Constant Versioning and Deprecation 3.
0 points | 126 pages | 9.11 MB | 6 months ago | 3
Conan 2.0 Documentation
signing and verifying of packages. As the awareness about the importance of software supply chain security grows, it is becoming more important the capability of being able to sign and verify software packages ... Copied 1 file: secure_scanner secure_scanner/1.0 package(): Packaged 1 file: secure_scanner ... Security Scanner: The path 'mypath' is secure! Let’s review the test_package/conanfile.py: from conan import ... /Users/luism/workspace/examples2/tutorial/creating_packages/other_packages/tool_requires/consumer ... Security Scanner: The path '/Users/luism/workspace/examples2/tutorial/creating_packages/other_packag
0 points | 652 pages | 4.00 MB | 1 year ago | 3
Conan 2.1 Documentation
signing and verifying of packages. As the awareness about the importance of software supply chain security grows, it is becoming more important the capability of being able to sign and verify software packages ... Copied 1 file: secure_scanner secure_scanner/1.0 package(): Packaged 1 file: secure_scanner ... Security Scanner: The path 'mypath' is secure! Let’s review the test_package/conanfile.py: from conan import ... /Users/luism/workspace/examples2/tutorial/creating_packages/other_packages/tool_requires/consumer ... Security Scanner: The path '/Users/luism/workspace/examples2/tutorial/creating_packages/other_packag
0 points | 694 pages | 4.13 MB | 1 year ago | 3
Conan 2.3 Documentation
signing and verifying of packages. As the awareness about the importance of software supply chain security grows, it is becoming more important the capability of being able to sign and verify software packages ... Copied 1 file: secure_scanner secure_scanner/1.0 package(): Packaged 1 file: secure_scanner ... Security Scanner: The path 'mypath' is secure! Let’s review the test_package/conanfile.py: from conan import ... /Users/luism/workspace/examples2/tutorial/creating_packages/other_packages/tool_requires/consumer ... Security Scanner: The path '/Users/luism/workspace/examples2/tutorial/creating_packages/other_packag
0 points | 748 pages | 4.65 MB | 1 year ago | 3
Conan 2.5 Documentation
signing and verifying of packages. As the awareness about the importance of software supply chain security grows, it is becoming more important the capability of being able to sign and verify software packages ... Copied 1 file: secure_scanner secure_scanner/1.0 package(): Packaged 1 file: secure_scanner ... Security Scanner: The path 'mypath' is secure! Let’s review the test_package/conanfile.py: from conan import ... /Users/luism/workspace/examples2/tutorial/creating_packages/other_packages/tool_requires/consumer ... Security Scanner: The path '/Users/luism/workspace/examples2/tutorial/creating_packages/other_packag
0 points | 769 pages | 4.70 MB | 1 year ago | 3
Conan 2.2 Documentation
signing and verifying of packages. As the awareness about the importance of software supply chain security grows, it is becoming more important the capability of being able to sign and verify software packages ... Copied 1 file: secure_scanner secure_scanner/1.0 package(): Packaged 1 file: secure_scanner ... Security Scanner: The path 'mypath' is secure! Let’s review the test_package/conanfile.py: from conan import ... /Users/luism/workspace/examples2/tutorial/creating_packages/other_packages/tool_requires/consumer ... Security Scanner: The path '/Users/luism/workspace/examples2/tutorial/creating_packages/other_packag
0 points | 718 pages | 4.46 MB | 1 year ago | 3













