Software/Hardware Security Person. Assistant Professor at @uwcse. Making whole systems just a bit more secure. PPP Alum. He/Him. @dkohlbre@infosec.exchange
I was relying on this app to publicize that I am defending in April! And looking for 2023 jobs! Guess I'll use...LinkedIn...now?
TL;DR If you want to understand/improve security processes using data and research science methods, shoot me a note. I'll post more later if I can
Retpolines leaking is unfortunate, but it's good that we have concrete examples of how.
While there, read the addendum (and the timeline on addendum, oof). Looking forward to _that_ paper quite a bit!
Today @kavehrazavi and I are finally allowed to talk about #Retbleed. In 2018, #SpectreV2 was fixed by replacing indirect jumps with returns. But, returns can be poisoned like indirect jumps, throwing us back to 2018 again. Paper, demo, addendum, code @ comsec.ethz.ch/retbleed
Excited to share that our proposal for a @dagstuhl seminar on "Microarchitectural attacks and defenses" has been accepted! Organizers: yours truly, @BloodyTangerine, @dkohlbre, and Chris Fletcher
This project was wild. @YingchenWang96 and @ricpacca knocked it out the park at every step. Check it out!
It is time to think about a different way of writing safe, timing-independent, code :)
We found a way to mount *remote timing* attacks on *constant-time* cryptographic code running on modern x86 processors. How is that possible? With #hertzbleed! Here is how it works (with @YingchenWang96).
hertzbleed.com/
Please help distribute: I am hiring a postdoc to join my lab at @dukecompsci. Email me (with your CV) if you are interested in human-centered security and privacy, especially when it relates to data from medical/robotic application domains, and/or marginalized populations. 🙂
We found a way to defeat pointer authentication (and forge kernel pointers from userspace) on the Apple M1 via a new hardware attack.
Here’s how it works-
pacmanattack.com
We found a way to leak data on Apple Silicon processors that is "at rest": that is, data the core never reads speculatively or non-speculatively.
This will be an odd one, so stick around for the 🧵 and see prefetchers.info
And now it is May 24th!
At (or remotely at) IEEE S&P? Check out @jose_vicarte 's talk on "Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest" coming up shortly in Session 7A.
Today, GPZ and Google Cloud are releasing a technical report on a security research project in collaboration with AMD on their Secure Processor and the Secure Encrypted Virtualization feature. It includes some interesting bugs we found. Read the blog at googleprojectzero.blogspot.c…
I really want to get more hackers to our Security Summit. It seems most of our old frandversaries went corporate ;-). They're still great friends, but I miss attackers' voice in the room.
So who's still hacking phones/cars/iot for fun/profit? Ping me to request an invite.
plz RT
Excited to be working with all these amazing people very soon! Exciting times ahead😀 On that note I'm also hoping to recruit students this cycle to start in Fall 22. If you like ML and robotics and want to get things to work in the real world, definitely apply to UW!, 1/3