Obfuscate Logs Without an External Script by Executing Uninvoked C++ Code - Andrei Zissu CppNow 23
https://www.cppnow.org
https://www.linkedin.com/company/cppnow
---
Execution of Uninvoked C++ Code to Obfuscate Logs Without An External Script - Andrei Zissu - CppNow 2023
Slides: https://github.com/boostcon
---
Can your code have logging entries whose sensitive messages don't show up in the shipped binaries? And can the following code snippet ever work?
static bool initially_false = false;
void no_one_calls_me() { DO_ON_INIT(initially_false = true); }
int main() {assert(initially_false == true); return 0;}
Well yes, this is actual working C++17 code, without any external pre-processing step! And yes, we can use this tool to produce a logger with vanishing strings!
As part of this talk we will go behind the scenes of the DO_ON_INIT utility, the process involved in developing the idea and its surprisingly simple implementation details (under 20 lines of C++17 code, and even less in C++20). We shall also see how this utility is instrumental in making possible the no-strings-attached logger and its associated automatically-generated decoding facility.
This talk is not just about logging! The vanishing logs are the use case for which I developed DO_ON_INIT, which is in itself a general-use utility allowing you to run custom code at the beginning of time. And unlike other log obfuscation mechanisms I've seen, the mechanism outlined in this talk uses no external tooling or preprocessing script - what happens in C++ stays in C++.
This is yet another example of emergent behavior in C++, consisting of unrelated language features being put to use together in a novel and unexpected way. Could your idea be next?
---
Andrei Zissu
Andrei Zissu is a veteran cross-industry C++ developer, notably having worked on low-level reverse engineering systems employing API hooking, DLL injection and other advanced techniques. In early 2022 he joined the WG21 standards committee as a member of the Israeli NB. His current main focus in WG21 is on finally getting reflection into C++ (fingers crossed).
Andrei is currently Windows Software Developer Tech Lead at Morphisec, an Israeli defensive cyber company developing revolutionary Automatic Moving Target Defense. The feature presented in this talk was developed by him while working at Binah.ai, an Israeli remote health monitoring startup. The feature was being gradually staged into production code in Binah.ai's C++17 codebase.
---
Video Sponsors: think-cell and Bloomberg Engineering
Audience Audio Sponsors: Innoplex and Maryland Research Institute
---
Videos Filmed & Edited By Bash Films: https://bashfilms.com/
YouTube Channel Managed & Optimized By Digital Medium Ltd: https://events.digital-medium.co.uk
---
CppNow 2024
https://www.cppnow.org
https://twitter.com/cppnow
---
#boost #cpp #cppprogramming
社交媒体聆听
Principais aplicativos móveis de saúde baseados em inteligência artificial
Bem-vindos ao 24º episódio do nosso canal 'Inteligência Médica - O Futuro Agora', onde exploramos as fronteiras da tecnologia na saúde. Neste episódio, mergulhamos no mundo inovador dos aplicativos móveis de saúde baseados em inteligência artificial (IA). Descubra como esses aplicativos estão transformando o cuidado com a saúde, oferecendo soluções personalizadas e melhorando a experiência do usuário. Abordamos uma variedade de aplicativos, desde o Noom, focado em um estilo de vida saudável, até o Binah.ai, que oferece monitoramento de saúde através de vídeo. Exploramos como esses aplicativos estão sendo utilizados na prática e o impacto positivo que estão tendo na saúde dos usuários. Além disso, discutimos os desafios e considerações éticas associados a essas tecnologias, incluindo a necessidade de supervisão humana e a segurança dos dados. Por fim, olhamos para o futuro, destacando o enorme potencial que os aplicativos de saúde baseados em IA têm para continuar melhorando os resultados de saúde e a eficiência dos serviços. Junte-se a nós nesta jornada fascinante para entender como a inteligência artificial está moldando o futuro da saúde. #InteligênciaArtificial #SaúdeDigital #AplicativosDeSaúde #InovaçãoEmSaúde #TecnologiaMédica #Telemedicina #SaúdeBaseadaEmIA #FuturoDaSaúde #CuidadosDeSaúde #InovaçãoTecnológica #MonitoramentoDeSaúde #DiagnósticoInteligente #SaúdeMóvel #MedicinaDoFuturo #TecnologiaEmSaúde
Binah.ai The #1 Health and Wellness Checks Software
Obfuscate Logs Without an External Script by Executing Uninvoked C++ Code - Andrei Zissu CppNow 23
https://www.cppnow.org https://www.linkedin.com/company/cppnow --- Execution of Uninvoked C++ Code to Obfuscate Logs Without An External Script - Andrei Zissu - CppNow 2023 Slides: https://github.com/boostcon --- Can your code have logging entries whose sensitive messages don't show up in the shipped binaries? And can the following code snippet ever work? static bool initially_false = false; void no_one_calls_me() { DO_ON_INIT(initially_false = true); } int main() {assert(initially_false == true); return 0;} Well yes, this is actual working C++17 code, without any external pre-processing step! And yes, we can use this tool to produce a logger with vanishing strings! As part of this talk we will go behind the scenes of the DO_ON_INIT utility, the process involved in developing the idea and its surprisingly simple implementation details (under 20 lines of C++17 code, and even less in C++20). We shall also see how this utility is instrumental in making possible the no-strings-attached logger and its associated automatically-generated decoding facility. This talk is not just about logging! The vanishing logs are the use case for which I developed DO_ON_INIT, which is in itself a general-use utility allowing you to run custom code at the beginning of time. And unlike other log obfuscation mechanisms I've seen, the mechanism outlined in this talk uses no external tooling or preprocessing script - what happens in C++ stays in C++. This is yet another example of emergent behavior in C++, consisting of unrelated language features being put to use together in a novel and unexpected way. Could your idea be next? --- Andrei Zissu Andrei Zissu is a veteran cross-industry C++ developer, notably having worked on low-level reverse engineering systems employing API hooking, DLL injection and other advanced techniques. In early 2022 he joined the WG21 standards committee as a member of the Israeli NB. His current main focus in WG21 is on finally getting reflection into C++ (fingers crossed). Andrei is currently Windows Software Developer Tech Lead at Morphisec, an Israeli defensive cyber company developing revolutionary Automatic Moving Target Defense. The feature presented in this talk was developed by him while working at Binah.ai, an Israeli remote health monitoring startup. The feature was being gradually staged into production code in Binah.ai's C++17 codebase. --- Video Sponsors: think-cell and Bloomberg Engineering Audience Audio Sponsors: Innoplex and Maryland Research Institute --- Videos Filmed & Edited By Bash Films: https://bashfilms.com/ YouTube Channel Managed & Optimized By Digital Medium Ltd: https://events.digital-medium.co.uk --- CppNow 2024 https://www.cppnow.org https://twitter.com/cppnow --- #boost #cpp #cppprogramming
总共有 36 条社交媒体数据需要解锁才能查看