Twitter | Pretraživanje | |
VUSec
Systems and Network Security Group . Co-led by
155
Tweetovi
129
Pratim
2.219
Osobe koje vas prate
Tweetovi
VUSec 27. sij
Another day, another embargo and addendum! “New” (not really!) variants of the day: L1D evictions (Fig 6, RIDL paper) or and vector registers or . See . As a bonus: a faster RIDL exploit that leaks a root hash in 4s:
Reply Retweet Označi sa "sviđa mi se"
VUSec 14. sij
Our NDSS paper, ABSynthe is now online: ABSynthe takes a target program and a microarchitecture and automatically synthesizes new side channels. With cool leakage maps!
Reply Retweet Označi sa "sviđa mi se"
VUSec 5. pro
Odgovor korisniku/ci @0x6d696368 @GernotHeiser @herbertbos
Fixed this. Sorry!
Reply Retweet Označi sa "sviđa mi se"
VUSec 4. pro
Odgovor korisniku/ci @noopwafel @GernotHeiser
Yes, and this is why we did not say anything about incremental work (which we love), negative results (which we love), or analysis of things that do not work (which we love).
Reply Retweet Označi sa "sviđa mi se"
VUSec 4. pro
Odgovor korisniku/ci @lcavallaro
Interesting. Thanks for the link. Will add a link.
Reply Retweet Označi sa "sviđa mi se"
VUSec 4. pro
We compiled a long list of Threats to Validity/Relevance in Security Research for our students, building on common sense & our papers on malware experiments and on benchmarking (and inspired by 's excellent blog). Perhaps useful for others?
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Financial Times 13. stu
Intel is still working to close a potentially damaging loophole in its chip architecture that could allow hackers to steal data, almost two years after the issue was disclosed
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Thorsten Holz 12. stu
Interesting article on RIDL and side-effects:
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Stephan van Schaik 12. stu
In other news Rogue In-Flight Data Load won the 2nd place for Applied Research at 2019. I met many nice and interesting people at the poster presentation :).
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Kim Zetter 12. stu
When Intel released patch for CPU vulns last May, it said the patch fixed all the vulns. But researchers at say this isn't true and Intel knew it. Intel asked them not to disclose this and to alter conf. paper about the vulns. My story for
Reply Retweet Označi sa "sviđa mi se"
VUSec 12. stu
Long embargos without transparency hurt endusers who remain unknowingly exposed to serious flaws. covers our saga with in her piece. remains a problem after 1+ year, 2 flawed patches and 2 embargos (+1 still ongoing).
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Stephan van Schaik 12. stu
RIDL actually works on Cascade Lake and Whiskey Lake as our PoCs on show and Intel’s acknowledgements on . See for the story.
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Kav 12. stu
deserves a lot of credit for this. She is better at finding variants than engineers. Also kudos to Jonas Theis, our master student who put together the fast /etc/shadow exploit as a term project!
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Andy Greenberg 12. stu
Microarchitectural processor vulnerabilities like Spectre and Meltdown were bad, but at least Intel fixed them promptly. Now it seems another deep-seated chip flaw lingered in Intel’s silicon for more than a year after the company was warned about it.
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Alyssa Milburn 12. stu
Intel are disclosing 77 vulns today (), some in their CPUs - HW bugs are always painful, but hardware is never perfect. Happy to see TAA disclosed after I found it >1y ago, but @dkg0414's page size issue looks a lot more painful. JCC icache errata too.
Reply Retweet Označi sa "sviđa mi se"
VUSec 12. stu
Odgovor korisniku/ci @themadstephan @noopwafel i 5 ostali
Video shows leaking root password hash in default settings in 30s!
Reply Retweet Označi sa "sviđa mi se"
VUSec 12. stu
Today, last-minute embargo on parts of ends. The "new" is just a variant we reported in Sep 2018, and it leaks your root hashes fast! Latest Intel patches remain broken. See for addendum and exploits.
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Herbert Bos 13. lis
@vu5sec Great line-up for our VUSec/AMSec Workshop on System Security: Michael Franz (UC Irvine) Mathias Payer (EPFL) Stijn Volckaert (KU Leuven) Lucas Davi (U. Duisburg) Stefan Brunthaler ( U. der Bundeswehr) Robert Buhren (TU Berlin) Free/open for all.
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Victoria Walberg 26. ruj
Great start to with keynoting
Reply Retweet Označi sa "sviđa mi se"
VUSec proslijedio/la je tweet
Hany Ragab 26. ruj
Reply Retweet Označi sa "sviđa mi se"