Overview
Take a deep dive into IBM i's revolutionary security architecture in this 45-minute conference talk from Recon 2024. Learn how this platform (formerly known as AS/400 and iSeries), which powers critical infrastructure in telecommunications and financial institutions, implements control flow integrity through hardware-assisted memory tagging. Discover how the system's integrated compiler embeds security checks within program objects, providing robust protection even though the platform was released in 1988. Follow along as speaker Bálint Varga-Perke extends PowerPC support in Ghidra to analyze IBM's proprietary POWER-AS instruction set, revealing how the system operates at the RISC instruction level. The presentation covers the platform's object-oriented operating system, single-level storage, Machine Interface, security levels, reverse engineering tools, and memory safety mechanisms, and it demonstrates a memory corruption-based exploit to inspire further research. Varga-Perke, a founder of Silent Signal and contributor to the CIS Benchmark for IBM i, brings his expertise in penetration testing and reverse engineering to document this unique platform's security features at the RISC level.
Syllabus
Recon 2024 - Bálint Varga-Perke Control Flow Integrity on IBM i
Taught by
Recon Conference