Dissecting QNX
Offered By: Recon Conference via YouTube
Course Description
Overview
Delve into a comprehensive analysis of QNX, a proprietary real-time operating system for embedded systems, in this 56-minute conference talk from Recon Brussels 2018. Explore the first-ever reverse-engineering and analysis of QNX's exploit mitigations, secure random number generators, and memory management internals. Examine NX/DEP, ASLR, Stack Cookies, and RELRO mitigations, as well as /dev/random and kernel PRNGs for QNX versions up to 6.6 and the 64-bit QNX 7.0. Uncover design issues and vulnerabilities in these systems, and learn about their implications for memory corruption exploitability and cryptographic ecosystem strength. Gain insights into available patches and hardening measures for defenders looking to secure QNX-based systems. Benefit from the expertise of Ali Abbasi, a Ph.D. candidate specializing in embedded system security, and Jos Wetzels, an independent security researcher focusing on embedded systems security.
Syllabus
Recon Brussels 2018 - Dissecting QNX
Taught by
Recon Conference
Related Courses
Harnessing Intel Processor Trace on Windows for FuzzRecon Conference via YouTube Reverse Engineering Satellite Based IP Content Distribution
Recon Conference via YouTube Reverse Engineering Windows Defender's JavaScript Engine
Recon Conference via YouTube DIY ARM Debugger for Wi-Fi Chips
Recon Conference via YouTube Subverting Your Server Through Its BMC - The HPE iLO4 Case
Recon Conference via YouTube