Security on JIT

<b>On the security of JIT based Smalltalk VMs and the possibility of a self contained Smalltalk system</b>

<b>Abstract:</b> <p> In this presentation we are going to share our experience in evaluating some of the security implications of using a just-in-time nativizer for executing Smalltalk code. Using a very simple yet incredibly current and powerful 20-year-old JIT-based VM, Digitalk Smalltalk, as our subject of study, we'll explore how the Smalltalk bytecode is mapped into native code, evaluate and exploit the possibilities of abusing the JIT to generate native code that violates some Smalltalk invariants, and ultimately allows us to directly manipulate both data and code and escape the boundaries of the VM into the real world.

For better understanding, we'll take the exploration a step further and write live, working documentation of the JIT nativizer in Smalltalk itself. We'll then play with the idea of using this Smalltalk version of the nativizer to nativize itself and the system hosting it, touching on the subject of a self-contained execution environment and opening the door to COLA-like systems completely written in Smalltalk. </p>

<b>Bio:</b> <p> For the last 17 years Gerardo 'gera' Richarte has been dedicated to computer security. He has spoken at different conferences including BlackHat, CanSecWest and PacSec, among others, and has taught assembly language and exploit writing classes for private, public and military students. For the last 13 years he has been part of Core Security Technologies, where he was a Sr. Security Consultant, Sr. Security Software Engineer and Reverse-Engineer, and Expert Exploit Writer, and in recent years has been working as a researcher and technical leader. During all these years he has published some papers, advisories and open source tools as a humble thank you to the community that has given so much to him.

Gerardo 'richie' Richarte started Smalltalking and Squeaking in 1998 at Leandro Caniglia's MathMorphs class, where he was one of the main creators and implementors of the MorphicWrappers, as well as some other MathMorphs components. In the early days of Squeak he was an active member of the list, where he contributed a few bits of code. Being a member of the original 2001 SqueakNOS team, he revived the project almost 5 years later to bring it back to its second incarnation. Today, he's still unofficially Smalltalking, and spending a big portion of his time reading and writing assembly and other low-level stuff, both inside and outside Smalltalk. </p>