Why do we need security measure likes control flow integrity and buffer overflow guard if we have good access control protocol in place?

Reading into information security, I noticed two branches. Access control when communication with external device by using some type of cryptographic authentication and encryption mechanism and things like control flow integrity. My question is why do we need the latter if former is good enough. Are there example of control flow exploits on access control protocol implementation themselves? My focus is mainly on embedded devices.

what the trustworthy way to verify the integrity of source code?

In some of the organizations, takes the hash value of source code build to maintain the integrity of source code review process.According to reviewer if you change the source code than the hash of that source code is changed. But what about when we zip that source code files than also hash of that source code build is changed.

So, My question is

1) I am not sure this method fulfill the requirement of integrity check ?

2) Is there any alternatives for such kind of integrity check ?

Integrity Check on power on VS. Secure boot

Can we consider the Integrity Check on power-on and the secure boot equal from security point of view?

Secure boot is about allowing only a trusted SW to boot on the processor. A chain of trust can be built as a result of sequence of a securely booted Software components: for example:

  • Bootloader authenticates the OS.
  • The OS authenticates Application.

Let’s imagine that a system provides an Integrity check on power on, which means on power-on, the stored data (Bootloader, OS, Application) is hashed and the new hash is compared to the old stored hash of the same data. In this case, the integrity of all the stored SW component are going to be checked all together. Then a boot-up is only allowed when the integrity check was successful.

Does it make a difference to check the integrity/authenticity of the SW one after one (secure boot) or to conduct an integrity check on all of them together on power-on? In other words, when can we consider the integrity check and the secure boot equal?

How does Chrome’s Renderer Code Integrity Protection Work?

I recently heard of Chrome’s Renderer Code Integrity Protection, which is apparently supposed to prevent unsigned dlls from being loaded into the chrome.exe process, and figured I’d test what would happen if I tampered with one of Chrome’s default dlls. So, I opened chrome.dll in a hex editor, appended some random data to the end of the file, saved it and verified the “Digital Signatures” tab no longer appeared when I looked through the dll’s properties, and opened Chrome. To my surprise, it opened as normal. No crashes, no warnings, nothing. I took a look through the process in Process Explorer and verified the module wasn’t signed (“No signature was present in the subject”).

To see how far I could push this, I did the same with every dll in Chrome’s Application folder, reopened Chrome, checked that every chrome.exe process in process explorer was loading at least one tampered dll, and browsed for a few minutes. Never got a crash, error, or notification that an invalidly-signed dll had been loaded. I verified I was on Chrome version 79 (in which the features was re-enabled after being temporarily disabled in 78), that none of the processes had been launched with the command line option to disable the protection, and that I didn’t somehow have the registry setting that disables the protection set.

From my admittedly limited research on the subject, Renderer Code Integrity protection makes use of a Windows 10 feature to require that all modules loaded by any process opting into the feature are signed (I did my testing on an up to date Windows 10 box). It would seem logical that tampering with one of those modules would prevent it from being loaded, causing the application to either crash or produce some kind of warning that a critical dll had been tampered with. However, I haven’t been able to find out much else about the feature, with most sites just repeating “it prevents anyone from injecting code into Chrome”. Does anyone know the nitty gritty details on how Renderer Code Integrity works and why invalidating the signatures of every dll in Chrome’s application folder does nothing to prevent those dlls from being loaded?

Do integrity and authentication always come together?

I cannot come up with a case where there is only one of them.

When there is integrity, a random person cannot modify the message without being noticed. That is, an unauthenticated user cannot modify the message without being noticed. Therefore there is authentication.

When there is authentication, nobody except the sender can change the message after MAC or signature is added. Therefore there is integrity.

Am I missing something?

PC Component Firmware integrity and security

I recently bought a new laptop.

If you read the news you must’ve noticed Vault 6 and Vault 7 leaks (from Wikileaks), which contain rootkits which sit on your Hard Drive Firmware, MBR and other hidden partitions. Since it’s out in the open not only state actors should be able to make such kind of hard to get rid of malware.

How do I check the integrity (checksums or similar) and secure the firmware on my hardware components (Hard Drive, Motherboard, SSD, USB Hub etc etc)?

How can I protect the confidentiality, integrity and authenticity of my communication if I am victim of a Man-in-the-Middle attack?

Imagine a scenario where my ISP attempts to use a Man-in-the-Middle attack against me to read and possibly modify my internet traffic.

What can I do to access the internet and still ensure that my traffic remains confidential and integer?

Furthermore, are there techniques I can employ to make it more difficult for the ISP to notice that I am trying to evade their Man-in-the-Middle attack?

How to protect data integrity in IoT network?

The security of IoT devices is very important to protect the data uploaded by IoT devices. Because if an attacker force an IoT device to upload misleading/false data, the analytics and insights generated by IoT system would lead to corrupted information.

Therefore in order to make sure that data uploaded by IoT device is guninue and not fake which is the best technique? or in other words how to ensure that the data sent is sent by an authentic device and not the fake (hacked) device?