BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//talks.toorcon.net//toorcon-2021//talk//WRQEVD
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-toorcon-2021-WRQEVD@talks.toorcon.net
DTSTART;TZID=PST:20211012T130000
DTEND;TZID=PST:20211012T135000
DESCRIPTION:In the recent years\, we have seen some of the major players in
  the industry switch from x86-based processors to ARM processors. Most not
 able is Apple\, who has supported the transition to ARM from x86 with a bi
 nary translator\, Rosetta 2\, which has recently gotten the attention of m
 any researchers and reverse engineers. However\, you might be surprised to
  know that Intel has their own binary translator\, Houdini\, which runs AR
 M binaries on x86.\nIn this talk\, we will discuss Intel's proprietary Hou
 dini translator\, which is primarily used by Android on x86 platforms\, su
 ch as higher-end Chromebooks and desktop Android emulators. We will start 
 with a high-level discussion of how Houdini works and is loaded into proce
 sses. We will then dive into the low-level internals of the Houdini engine
  and memory model\, including several security weaknesses it introduces in
 to processes using it. Lastly\, we will discuss methods to escape the Houd
 ini environment\, execute arbitrary ARM and x86\, and write Houdini-target
 ed malware that bypasses existing platform analysis.
DTSTAMP:20260417T160357Z
LOCATION:The Point
SUMMARY:Sleight of ARM: Demystifying Intel Houdini - Brian Hong
URL:https://talks.toorcon.net/toorcon-2021/talk/WRQEVD/
END:VEVENT
END:VCALENDAR