{"id":641,"date":"2019-04-03T18:51:47","date_gmt":"2019-04-03T16:51:47","guid":{"rendered":"http:\/\/blog.pi3.com.pl\/?p=641"},"modified":"2019-04-03T18:55:29","modified_gmt":"2019-04-03T16:55:29","slug":"windows-internals","status":"publish","type":"post","link":"https:\/\/blog.pi3.com.pl\/?p=641","title":{"rendered":"Windows Internals"},"content":{"rendered":"\n<p><br><\/p>\n\n\n\n<p>One of the author of Windows Internals (Andrea Allievi) asked me and my friend David Kaplan if we could write a section about System Guard Runtime Attestation for their book. We&#8217;ve written about 3-4 pages describing internals of that project which we fully designed. Our section will be included in Windows Internals 7th edition part 2 (release date around August 2019):<\/p>\n\n\n\n<figure class=\"wp-block-embed-twitter wp-block-embed is-type-rich is-provider-twitter\"><div class=\"wp-block-embed__wrapper\">\n<div class=\"embed-twitter\"><blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Secure Kernel chapter of the new Windows Internals is done! &#8230; including also a section of System Guard Runtime Attestation (thanks <a href=\"https:\/\/twitter.com\/Adam_pi3?ref_src=twsrc%5Etfw\">@Adam_pi3<\/a> and <a href=\"https:\/\/twitter.com\/depletionmode?ref_src=twsrc%5Etfw\">@depletionmode<\/a>) + Trustlets, Enclaves and SK Memory manager.  Hurrah! I start to see the end of the tunnel \ud83d\ude42<\/p>&mdash; Andrea Allievi (@aall86) <a href=\"https:\/\/twitter.com\/aall86\/status\/1112967108772560896?ref_src=twsrc%5Etfw\">April 2, 2019<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/div>\n<\/div><\/figure>\n\n\n\n<p>Windows Defender System Guard Runtime Attestation (SGRA \/ SGRM) is internally known as a project Octagon which me and Dave fully designed and implemented together with Octagon v-team. Octagon is now included in every Windows build and first implementation of this new technology has been introduced in Windows 10 April 2018 Update (RS4). You can learn more about this project here:<\/p>\n\n\n\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2018\/04\/19\/introducing-windows-defender-system-guard-runtime-attestation\/\">https:\/\/www.microsoft.com\/security\/blog\/2018\/04\/19\/introducing-windows-defender-system-guard-runtime-attestation\/<\/a><\/p>\n\n\n\n<p>Best regards,<br>Adam<\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of the author of Windows Internals (Andrea Allievi) asked me and my friend David Kaplan if we could write a section about System Guard Runtime Attestation for their book. We&#8217;ve written about 3-4 pages describing internals of that project which we fully designed. Our section will be included in Windows Internals 7th edition part [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[5,6],"tags":[],"class_list":["post-641","post","type-post","status-publish","format-standard","hentry","category-exploiting","category-ideas"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts\/641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=641"}],"version-history":[{"count":2,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts\/641\/revisions"}],"predecessor-version":[{"id":647,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts\/641\/revisions\/647"}],"wp:attachment":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}