The ability to monitor code as it is executed and measure against predefined sources of input, known as dynamic taint analysis (DTA), is a very common method in information security. However, it can lead to serious performance degradation as mentioned by the authors of Dynamic Taint Analysis for Automatic Detection, Analysis and Signature Generation of Exploits on Commodity Software

Using TaintCheck to monitor a process’s execution exacts a 1.5X to 40X performance penalty

A new paper uses a virtual machine with software DTA, called Minemu, to speed performance and detect memory exploits.

The research question we address in this paper is whether the slow-down is a fundamental performance barrier, or an artifact of bolting information flow tracking on emulators not designed for it? To answer this question, we designed a new emulator architecture for the x86 architecture from scratch—with the sole purpose of minimizing the instructions needed to propagate taint. The emulator, Minemu, reduces the slowdown of DTA in most real applications to a factor of 1.5 to 3. It is significantly faster than existing solutions, even though we have not applied some of their most significant optimizations yet. We believe that the new design may be suitable for certain classes of applications in production systems.

The SEC has released a brief on Investment Adviser Use of Social Media

Firms’ use of social media must comply with various provisions of the federal securities laws, including, but not limited to, the antifraud provisions, compliance provisions, and recordkeeping provisions.

The SEC points out several staff observations that should help clarify their concern with the social behavior of registered investment advisors (RIA) or firms.

1. Unclear procedures reduce the accuracy of compliance program measurement
2. Sites that allow third-party content need policies on what is permissible
3. Social media communication often falls under required record retention and accessibility rules