Last week I presented my research about “Adding ASLR to jailbroken iPhones” at the Power of Community 2010 (POC2010) security conference in Seoul. During my talk I explained how one can use a modified ‘rebase’ utility to rebase the dynamic linker dyld on the iPhone. Rebasing dyld is important because it contains enough code gadgets that can be used to kickstart arbitrary shellcode on jailbroken iPhones. A tool called Antid0te will be released until the end of this year that allows normal users to add ASLR to their iPhones. The release of this tool was originally planned for 24th December 2010 but it had to be postponed because I got really ill and also my glasses broke.
Over on Reddit.com recently a discussion was kicked off asking people what framework they used for REST – their tool of choice for making API creation simple.
On PHPMaster.com they’ve posted a new tutorial by Sean Hudgston that helps you understand HTTP digest authentication, a simple way to authenticate a user or script against your application.
On the Symfony blog today Fabien Potencier talks about some small things that matter – some of the smaller updates that have been made to the Symfony 2 framework recently that have helped to make it better and more flexible.