Stories
Slash Boxes
Comments

SoylentNews is people

Student Claims Wassenaar Arrangement Prevents Him From Publishing Dissertation

posted by takyon on Saturday July 04 2015, @06:28PM   Printer-friendly
from the mind-control dept.

AnonTechie writes:

Grant Willcox, a student studying ethical hacking at the University of Northumbria in the UK, is claiming that the Wassenaar Arrangement, an arms control treaty that was expanded last year to prohibit the export of various kinds of software exploit, is forcing him to censor his dissertation.

Willcox's research investigates ways in which Microsoft's EMET software can be bypassed. EMET is a security tool that includes a variety of mitigation techniques designed to make exploiting common memory corruption flaws harder. In the continuing game of software exploit cat and mouse, EMET raises the bar, making software bugs harder to take advantage of, but does not outright eliminate the problems. Willcox's paper explored the limitations of the EMET mitigations and looked at ways that malware could bypass them to enable successful exploitation. He also applied these bypass techniques to a number of real exploits.

Typically this kind of dissertation would be published in full. Security researchers routinely explore techniques for bypassing system protections, with this research being one of the things that guides the development of future mitigations. Similarly, publishing the working exploit code (with a safe payload, to prove the concept) is standard within the research community.

However, Willcox's paper doesn't do this. Writing on his blog, he explains that some pages have been removed due to a combination of the Wassenaar Arrangement's restrictions, and the university's ethics board forbidding the release of exploits. He says that he will release the exploits only to consultancies within the UK, thereby avoiding any exports.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Student Claims Wassenaar Arrangement Prevents Him From Publishing Dissertation | Log In/Create an Account | Top | 10 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Interesting) by Anonymous Coward on Saturday July 04 2015, @09:26PM

    by Anonymous Coward on Saturday July 04 2015, @09:26PM (#205117)

    Or he handled things in the wrong order. Tell Microsoft about the vulnerabilities before the whole publishing, releasing thing. If he found them, then odds are the bad guys have or will find them. Once they are all patched up (and, incidentally, I think EMET should tie into Windows/Microsoft Update once installed, to make this easier), then you can show the actual exploits, talk about them, etc. No ethical issues abound if they are relatively worthless once released.

    Also, EMET isn't the only program that offers these kinds of exploit mitigation (MalwareBytes Anti-Exploit and HitmanPro.Alert come immediately to mind). So I can see how maybe he thought he wasn't attacking a particular piece of software or company, but the whole theory of protecting yourself like this.

    Starting Score:    0  points
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Total Score:   1  

  • (Score: 0) by Anonymous Coward on Saturday July 04 2015, @10:22PM

    by Anonymous Coward on Saturday July 04 2015, @10:22PM (#205122)

    OR HE COULD JUST go for it. Publish and see what happens

    Fuck the consequences.

    • (Score: 1) by redneckmother on Sunday July 05 2015, @03:35AM

      by redneckmother (3597) on Sunday July 05 2015, @03:35AM (#205188)

      well, i dunno... the consequences could be ... extreme ...

      I do agree that he should publish.

      --
      Mas cerveza por favor.