Explore a 20-minute conference talk from USENIX WOOT '14 that delves into the concept of browser-based red pills. Learn how these Javascript-implemented tools can detect if a browser is running inside a virtual machine, potentially impacting the effectiveness of Web malware scanners. Discover multiple robust browser red pills that work across various browser platforms and emulation technologies. Gain insights into how these red pills can be used by digital rights management systems and malware authors. Examine the implications for Web scanners that rely on emulated environments to detect drive-by downloads and other malicious content. Consider potential mitigation strategies that Web scanners can employ to counter these red pills. Presented by researchers from Stanford University and Google, this talk offers a deep dive into timing side channels and their applications in browser security.
Overview
Syllabus
WOOT '14 - Tick Tock: Building Browser Red Pills from Timing Side Channels
Taught by
USENIX