Results of the Underhanded C Contest
12 days ago
- #Nuclear verification
- #NaN poisoning
- #Underhanded C Contest
- The 2015 Underhanded C Contest focused on a real-world problem in nuclear verification, sponsored by the Nuclear Threat Initiative.
- Over 40 high-quality submissions were received, with many using NaN poisoning attacks as a common trick.
- NaN poisoning involves introducing a NaN (Not a Number) through computations, which can propagate and affect comparisons.
- Several submissions were highlighted for their clever use of NaN poisoning, including those by Peter Eastman and Michael Dunphy.
- The contest emphasized the need for realistic attacks, distinguishing between data-triggered and environment-triggered attacks.
- Runners-up included entries by Philipp Klenze, Ghislain Lemaur, Josh Lospinoso, Stephen Dolan, Matt Bierner, Gregory Stewart, and Stephen Oman, each with unique underhanded techniques.
- The winning entry by Linus Åkesson involved a type confusion bug where double-precision numbers were mistakenly treated as single-precision, leading to a misinterpretation of spectral data.
- Åkesson's entry was praised for its realism, ingenuity, and the subtlety of the bug, which was transparent to preprocessing and filtering.