Twitter | Search | |
Florian Tramèr
PhD Student in the Applied Crypto Group at Stanford. Interested in Security, Cryptography and Machine Learning
15
Tweets
124
Following
116
Followers
Tweets
Florian Tramèr Oct 11
Replying to @florian_tramer
I did receive a notification when papers that I'm reviewing were commented on. (guess I've leaked the fact I'm not a reviewer of some particular paper)
Reply Retweet Like
Florian Tramèr Oct 11
I've commented on an submission on two weeks ago. Didn't receive any email notifications and checked back today: 35 new comments and 5 direct responses to my question... Any way to get a notification when there's activity on a paper you commented on?
Reply Retweet Like
Florian Tramèr Oct 9
Replying to @him_sahni @NeurIPSConf
Haha this is also the first time I have a paper there so it will probably be a bit awkward trying to mentor others.
Reply Retweet Like
Florian Tramèr Oct 9
The "and more" includes many participants who were recognized for writing high quality reviews for papers: I'm proud of being part of that group, along with many other students and "novice" researchers.
Reply Retweet Like
Florian Tramèr Oct 9
Cool new workshop: "New in ML" offers mentorship to authors who have not yet published at NeurIPS: Submit by Oct 15 for reviews and possibly mentorship by leaders in the field, Joshua Bengio, , , and more
Reply Retweet Like
Florian Tramèr Oct 4
The timing leakage itself is not surprising (Zcash mentions that a co-located attacker can exploit this ). What's surprising is that the timing leaks to a remote adversary due to interactions with the P2P layer. I'd say this is bad even in experimental code
Reply Retweet Like
Florian Tramèr Oct 3
Oh yeah, the REJECT variant is very simple to trigger. I just stumbled upon the exception for the version byte while reading through Zcash's codebase.
Reply Retweet Like
Florian Tramèr retweeted
Jutta Horstmann Sep 27
for Ad Blocking is getting a lot of traction. Audience is filling up the room for Florian Tramer's presentation on the challenges around that topic.
Reply Retweet Like
Florian Tramèr Oct 3
Is this bounty for an exploit that works before or after the fix introduced in Zcash's v2.0.7-3? We don't have an attack for the fixed version.
Reply Retweet Like
Florian Tramèr Oct 3
We've implemented proof-of-concepts for each attack and validated them in regtest mode on a local LAN. It's hard to tell if an attack like this has been deployed on the mainnet as only the targeted victim nodes could see evidence of an attack in their logs.
Reply Retweet Like
Florian Tramèr retweeted
str4d Oct 2
Thank you , and for your excellent work identifying and analysing these attacks, and for your professionalism and prompt engagement during the security response process 🙂
Reply Retweet Like
Florian Tramèr retweeted
Ycash Foundation Oct 2
Here is more information about the "PING" and "REJECT" attacks. Don't forget to upgrade to the latest versions of YecWallet and ycashd to project your Ycash nodes from these attacks!
Reply Retweet Like
Florian Tramèr retweeted
kennyog Oct 2
Electric Coin Company were great to work with when disclosing our side channel attacks on Zcash anonymity:
Reply Retweet Like
Florian Tramèr retweeted
Electric Coin Company Oct 2
On Tuesday September 24th we released version 2.0.7-3 of Zcashd to address two security issues. Read full details in this blogpost:
Reply Retweet Like
Florian Tramèr retweeted
kennyog Oct 2
How to break Zcash anonymity using side channel leakage, joint work with and :  
Reply Retweet Like