Security Researcher
3 Talks Delivered
3 Events Spoken At
2 Countries Visited
3 Years Speaking
3 Total Talks Given
I'm a security researcher with a passion for OS internals and all things low-level. Over the years I have specialised in Android & the Linux kernel, but have dabbled in a number of domains.
When I'm not figuring out how things work and breaking them, I love to share my experiences and help others, whether it's via my blog, talks or mentoring.
From its humble beginnings in 1991, the Linux kernel has made its way into everyday life: desktops, servers, smartphones and embedded devices all make use of it. With over 32.8 million Linux users, in addition to 1.6 billion Android users, security is key.
Across the industry we are seeing the security landscape evolve rapidly due to a wide range of factors and the Linux kernel is no exception to this, with vulnerabilities becoming increasingly complex and harder to find.
In this talk Sam explores the challenges surrounding finding impactful vulnerabilities in the Linux kernel today, what kind of vulnerabilities are still out there and the techniques and approaches we can use to find them.
In the 31 years since Linux was first announced, a lot has changed, not least our attitude and approach to computer security.
As our technology has grown in complexity and the cat-and-mouse game between attackers and defenders goes on, the domain knowledge required to exploit these systems has continued to grow. With new exploitation techniques building on previous ones, and mitigations responding to these trends, it can be hard to keep track, let alone look ahead.
In this talk, Sam hopes to make this task a little easier, opening up the world of Linux kernel exploitation. Borrowing from Charles Dickens’ “A Christmas Carol”, join in on a journey of Tux’s Security Past, Present & Future.
2022 has been one hell of a year for Linux exploitation, with several high-profile vulnerabilities including DirtyPipe (CVE-2022-0847), Pwnkit (CVE-2021-4034) and many other equally cool but unbranded bugs (like CVE-2022-27666). Having worked on these exploits and more, from trivial to complex, I can tell you they all had one thing in common: all involved local vulnerabilities.
Follow me on a journey as I discovered a remote stack overflow in a kernel network module (CVE-2022-0435), while enumerating it for primitives to help exploit another bug entirely.
So if you’re interested in a holistic view of the exploit development process, the nitty-gritty of low-level kernel exploitation or just fancy witnessing my slow descent into madness as I become a walking, talking TIPC manual, then this may just be the talk for you.