Twitter | Pretraživanje | |
snupe
Computer Scientist; Reverse Engineer; Program Analysis; PL/FM; Hardware Security; Fuzzing; Rust; Former Research Professor; Aspiring Rapper
20
Tweetovi
739
Pratim
8.075
Osobe koje vas prate
Tweetovi
snupe proslijedio/la je tweet
Dr Heidy Khlaaf (هايدي خلاف) 15. pro
In the past three years of working on large safety critical systems, I've learned that verification isn't the real problem, but it's writing specifications. Don't @ me.
Reply Retweet Označi sa "sviđa mi se"
snupe 14. pro
Odgovor korisniku/ci @Aaaaaaa93564923 @aatxe
Oxide from is interesting. See his paper and the related works section.
Reply Retweet Označi sa "sviđa mi se"
snupe 13. pro
Odgovor korisniku/ci @silviocesare
The key is that it takes a significant amount of time investment to be good at something, whether it be exploit dev or say boxing. Very few professors have real exploit dev experience, therefore it is difficult for them to really comprehend the necessary methods to teach.
Reply Retweet Označi sa "sviđa mi se"
snupe proslijedio/la je tweet
John Regehr 19. ruj
memory tagging should be a game changer for C and C++; get with the program, and !!
Reply Retweet Označi sa "sviđa mi se"
snupe 27. lis
Odgovor korisniku/ci @pepijndevos
Sure, but at what cost? ;)
Reply Retweet Označi sa "sviđa mi se"
snupe 27. lis
Odgovor korisniku/ci @DanSwinhoe
Definitely not "unhackable", but pretty good memory safety.
Reply Retweet Označi sa "sviđa mi se"
snupe 27. lis
Odgovor korisniku/ci @BenLaurie
Also, if memory serves correct, CHERI does not protect against data-only use after free attacks. So not exactly exact ;)
Reply Retweet Označi sa "sviđa mi se"
snupe 27. lis
Odgovor korisniku/ci @BenLaurie
Well maybe you should broaden your scope a bit and look beyond memory safety? For instance, how does CHERI enforce a policy for a mission critical system such that X can never happen before Y?
Reply Retweet Označi sa "sviđa mi se"
snupe 10. lis
The Rust programming language has significant potential to be impactful with respect to software security, particularly as the formal verification tools for the language mature.
Reply Retweet Označi sa "sviđa mi se"
snupe 15. kol
Formal Methods is the answer to ending CPU side channel attacks:
Reply Retweet Označi sa "sviđa mi se"
snupe 10. kol
Bruce Schneier is trying to hawk badges. I guess times are rough bro?
Reply Retweet Označi sa "sviđa mi se"
snupe 8. kol
It was just explained to me by a prominent security company that "symbolic execution" is the same thing as "dynamic taint analysis."
Reply Retweet Označi sa "sviđa mi se"
snupe proslijedio/la je tweet
Stephen Watt 16. ožu
Pretty smart move of Beto to let the world know about his being a member of CDC.... that way when oppo research tries to dig up dirt from his past, nobody can accuse him of being a hacker!
Reply Retweet Označi sa "sviđa mi se"
snupe proslijedio/la je tweet
andreasdotorg 21. srp
The 70s called, they want their Lisp Machine architecture back.
Reply Retweet Označi sa "sviđa mi se"
snupe proslijedio/la je tweet
Renata Hodovan 26. srp 2017.
with grammar without writing grammar? New release of is out!
Reply Retweet Označi sa "sviđa mi se"
snupe proslijedio/la je tweet
DARPA 14. ožu
ICYMI: we're bringing our SSITH hardware defenses to the 2019 & 2020 Voting Villages! SSITH aims to demo that correctly constructed electronics can be a substantive part of a system’s security by limiting the impact of errors made within the software stack.
Reply Retweet Označi sa "sviđa mi se"
snupe proslijedio/la je tweet
Emin Gün Sirer 23. svi 2018.
So many academics forget that our goal, as a profession, is *not* to publish papers. It's to change the world.
Reply Retweet Označi sa "sviđa mi se"
snupe 17. lip
Contrary to popular belief, riscv-boom is vulnerable to Spectre attacks.
Reply Retweet Označi sa "sviđa mi se"
snupe proslijedio/la je tweet
Dr Heidy Khlaaf (هايدي خلاف) 20. stu 2018.
I never understood the fear mongering behind ML systems becoming self-aware. My first research project in Uni was on ML and I had the revelation that although powerful, they were utterly stupid, so I switched to PL. 10 years later, verifying DNNs, my god are they still stupid.
Reply Retweet Označi sa "sviđa mi se"
snupe 16. lip
Perhaps the most underrated security/verification research:
Reply Retweet Označi sa "sviđa mi se"