Carter Yagemann

I'm a computer scientist and cybersecurity researcher. My interests include hacking, system design, and software engineering.

Articles



The Unfortunate Economics of Defense in Depth

A mantra we hear all the time in security is the notion of defense in depth. It's applied in numerous areas from protecting computer systems to safeguarding airports. Anyone who receives formal training in security will likely encounter the term at least once in their coursework. It's a milestone we …

Paper Accepted to ACM CCS 2018

A paper I co-authored has been accepted to the 25th ACM Conference on Computer and Communications Security (CCS'18) being held in Toronto, Canada from October 15, 2018 to October 19, 2018. Title: Enforcing Unique Code Target Property for Control-Flow Integrity Authors: Hong Hu, Chenxiong Qian, Carter Yagemann, Simon Pak Ho …

Weird Things Are Afoot In The Honeypot

Here's something you don't see every day. The logs from my SSH honeypot show someone brute-forcing the password for root and then executing: ls /data/data/com.android.providers.telephony/databases This is a strange directory to look for because it's where Android devices store the SQLite databases for SMS …

EFF and EFAIL: An Example of Hype Culture Gone Awry

I usually try to keep my blog posts technical and free of politics, but I can't hide my frustration over EFF's response to today's release of the EFAIL vulnerability. If you haven't heard by now, EFAIL is the name of a vulnerability having to do with how email clients like …

  • Sat 24 February 2018
  • Linux

Debian Apt Repo for libipt

As part of my Ph.D. research, I play around with Intel Processor Trace a lot. As a result, I frequently use libipt; both as a library for my own software and for the reference programs it includes. ptdump and ptxed are my goto utilities for quickly checking and manipulating …

  • Fri 09 February 2018
  • Misc

H&R Block "MyBlock" App + USA Government Website Analytics = PROFIT

I like data mining. For better or worse, it's the gold of the digital age. So when the USA government decided to make the analytical data for their publicly facing websites available for download, I jumped at the opportunity. Thanks to this lovely data source, I can get insights into …

How ASLR Helps Enable Exploits (CVE-2013-2028)

The other day I was playing around with CVE-2013-2028 along with my peer Hong Hu when we came across something odd: CVE-2013-2028 is only exploitable on 64-bit GNU/Linux when ASLR is enabled. After confirming this observation multiple times, we were left very surprised. How could ASLR possibly worsen the …

  • Sat 28 October 2017
  • Linux

Intel PT Data at Rest: A Compression Experiment

Full Disclosure: I am a researcher in Georgia Tech's ISTC-ARSA, which is funded by Intel. Although I reference two publications that share Xinyang Ge and Weidong Cui as authors, I am neither associated with them nor Microsoft Research at the time of writing. Intel Processor Trace (PT) is a powerful …

Windows _EX_FAST_REF Pointers and Virtual Machine Introspection

Last week I was working on a VMI-based malware unpacker for Linux and Windows when I came across an interesting problem. I was trying to implement a method that would, given a virtual address and process ID, return the address range of the memory segment it belongs to using VMI …