Despite my long inactivity on the blog, it's true that behind the scene I'm still active.
Recently among the other I read a paper that need some attention: Memory Errors: The Past, the Present, and the Future
Authors:
Victor van der Veen†
, Nitish dutt-Sharma†
, Lorenzo Cavallaro†,∗ Herbert Bos†
†The Network Institute, VU University Amsterdam
∗Royal Holloway, University of London
Abstract:
Memory error exploitations have been around for
over 25 years and still rank among the top 3 most dangerous
software errors. Why haven’t we been able to stop them? Given
the host of security measures on modern machines, are we less
vulnerable than before, and can we expect to eradicate memory
error problems in the near future? In this paper, we present a
quarter century worth of memory errors: attacks, defenses, and
statistics. A historical overview provides insight in past trends and
developments, while an investigation of real-world vulnerabilities
and exploits allows us to speculate on the significance of memory
errors in the foreseeable future.