I assume the audience of a post like this is other security researchers?
That's a radical piece of software, though. I've never seen anything like that before.
The text and technical details supporting the screen caps are very dense and hard to approach as a complete outsider. I would love to have a glossary with all the terms and initialisms/acronyms in use. PTE (apparently means page table entry), for example, is something I've never heard of before.
The format wasn’t particularly great even to someone who’s interested in the field and familiar with dynamic taint analysis (but not an expert :) ). The issue was that it focused a bit too heavily on showing what their product could do, so it had a lot of videos instead of a more tractable “our taint analysis tool shows that the lower four bits of this byte come from byte three of the PE header after it’s passed through x, y, and z”. (Page table entries are used to implement virtual memory, though expanding the acronym at least once would have been helpful. That being said, the code mentions page tables multiple times.)
I'm in the security field and do work similar to this professionally. This article is poorly written and I found the videos shown absolutely useless. If you want to see how technical articles should read, take a look at j00ru's blog (research that found this). That is how you write about this stuff.
I looked at the article and it made me mad because it seemed to be a bunch of nonsense.
I mean the second video paragraph is: "A closer look at the memcpy arguments shows that this address is built as 0xfffff8035b2a0000 + 0xe7ff, so we taint the value 0xe7ff to find where it comes from." But there's absolutely zero explanation of what we're looking at.
So it made me mad because it made me feel stupid for not understanding it, when in reality it's just poorly written. Poor communication is theft.