February 2006 - Posts

• Cool trick for detecting a hacked compiler

  It's funny - but I seem to remember back in my undergrad days when this classic paper was re-published in this form - http://www.acm.org/classics/sep95/ . Actually, I didn't know anything about the paper directly. Rather, around that time, I remember Read More... Posted Sunday, February 19, 2006 1:54 PM by dangriff | 2 Comments

• Readings on NT system calls

  I've lately been digging into how NT user mode API calls, as well as system calls into the kernel, can be patched. This began as idle curiosity about system integrity checks, but has evolved into full-blown awe about the detailed analyses of these subjects Read More... Posted Saturday, February 11, 2006 5:11 PM by dangriff | 1 Comments