Other articles

  1. A journey on evaluating Control-Flow Integrity (CFI): LLVM-CFI versus RAP

    This post started out of the need to provide a little more clarification after a long and heated discussions on Twitter (initial discussion and follow up) about the origins of Control-Flow Integrity (CFI), the contributions of academia, and the precision, performance, and compatibility of different existing implementations.

    CFI is a …

    read more
  2. On differences between the CFI, CPS, and CPI properties

    At OSDI'14 we published our paper on [1] where we introduce two new security properties that protect programs against control-flow hijack attacks enabled by memory corruption vulnerabilities. The design space in this area is already very cluttered and we use this blog post to highlight the differences between the individual …

    read more