Taint analysis aims to track data flows in systems, with potential use cases for security, privacy and performance. This paper describes an end-to-end dynamic taint analysis solution for WhatsApp. We use exploratory UI testing to generate realistic interactions and inputs, which serve as data sources on the clients, and then we track data propagation towards sinks on both the client and server sides. Finally, a reporting pipeline localizes tainted flows in the source code, applies deduplication, filters false positives based on production call sites, and files tasks to code owners. Applied to WhatsApp, our approach found 89 flows that were fixed by engineers, and caught 50% of all privacy-related flows that required escalation, including instances that would have been difficult to uncover by conventional testing.
Fri 19 Jul, 11:00 - 12:30 (displayed time zone: Brasilia, Distrito Federal, Brazil)

11:00 | 18m | Talk | Come for syntax, stay for speed, understand defects: An Empirical Study of Defects in Julia Programs | Journal First | Akond Rahman (Auburn University), Dibyendu Brinto Bose (Graduate Student), Raunak Shakya (Mineral Worths), Rahul Pandita (GitHub, Inc.)
11:18 | 18m | Talk | An Empirically Grounded Path Forward for Scenario-based Testing of Autonomous Driving Systems | Industry Papers
11:54 | 9m | Talk | Automated End-to-End Dynamic Taint Analysis for WhatsApp | Industry Papers | Sopot Cela (Meta), Andrea Ciancone (Meta), Per Gustafsson (Meta), Ákos Hajdu (Meta), Yue Jia (Meta), Timotej Kapus (Meta), Maksym Koshtenko (Meta), Will Lewis (Meta), Ke Mao (Meta), Dragos Martac (Meta)