Security research @IBMResearch. Husband, father. Jogger.
Joined September 2020
- Tweets 42
- Following 109
- Followers 123
- Likes 138
1 Photos and videos
Pinned Tweet
21 Jun 2021
Today we're inaugurating our group's new blog with a post on speculative bypass of stack canaries. Stay tuned for more goodies soon!
ibm.github.io/system-securit…
21 Jun 2021
Step by step description on bypassing stack canaries: we have a new blog, and an excellent post by @fkaasan assisted by @m4mbr3 and @sigusr0 ibm.github.io/system-securit…
6
10
Alessandro Sorniotti retweeted
12 Mar 2024
If you liked exploiting use-after-frees, you will love exploiting speculative UaFs! Paper: download.vusec.net/papers/gh…
How do synchronization primitives work during speculative execution? THEY DON'T!
Disclosing #GhostRace (paper @USENIXSecurity). We turn all arch. race-free critical regions of OS/Hypervisors into Speculative Race Conditions. Joint work @vu5ec @IBMResearch: vusec.net/projects/ghostrace
15
40
5,769
Alessandro Sorniotti retweeted
9 Mar 2024
#NDSS25 is calling for reviewers, please sign up and nominate your peers for the TPC: docs.google.com/forms/d/e/1F…
29 Feb 2024
What an awesome #NDSSSymposium2024! Over 4000 emails, more than half in the last two weeks. Over 1500 HotCRP comments. Over 600 attendees, 140 paper presentations across three parallel sessions, and two amazing keynotes. 10/10, amazing experience, would do again (after a break)!
2
6
28
7,006
Alessandro Sorniotti retweeted
23 Jan 2024
The CCS deadline is coming very soon (January 28th), and we are looking forward to your awesome submissions!
Submission website: ccs2024a.hotcrp.com/
13
29
9,831
Alessandro Sorniotti retweeted
Security researchers pay attention: Just about 2 weeks left to polish and submit your @RAID_Conference papers to book your ticket to Hong Kong in Oct 2023. CfP: raid2023.org/call.html 1/3
1
18
30
11,821
Alessandro Sorniotti retweeted
28 Jul 2022
The paper submission deadline for the second cycle of @NDSSSymposium is on Jul29 AoE, so finish those papers and submit them at: ndss23-fall.hotcrp.com/
1
5
Alessandro Sorniotti retweeted
16 May 2022
The Call for Papers for @USENIXSecurity 23 is out! First deadline: June 7th. @inplaintext and I are looking forward to your very excellent submissions.
We’ve made some changes this year that we hope will improve authors’ and reviewers' experiences
🧵
3 May 2022
The Call for Papers for the 32nd USENIX Security Symposium is now available! The Summer deadline is June 7. View the CFP for more info, including important changes to the publication model: bit.ly/usesec23cfp
1
33
99
Alessandro Sorniotti retweeted
7 May 2022
Planning to submit to the first cycle for @NDSSSymposium #NDSS23? Now is a good time to register your paper and conflicts: ndss23-summer.hotcrp.com/ Submission deadline is May 13 AoE. You still have a week to polish!
7
15
Alessandro Sorniotti retweeted
20 Apr 2022
The very first @jsysresearch JSys deadline in system security is coming up on May 01. Get your papers ready, we'll be looking forward to your submissions! 📝✍️📯📢#PositiveReviewing jsys.org/cfp_security/
20
25
Alessandro Sorniotti retweeted
5 Apr 2022
The @jsysresearch system security track is open for submissions. Deadline for your amazing work on system and software security is May01, so sharpen your pencils! JSys is a new gold open access journal for systems research jsys.org/cfp_security/ Please RT!
18
29
24 Feb 2022
A new blog post is out! Today we talk about speculatively bypassing bounds checks in Go! The mitigations we proposed found their way in the Go compiler. ibm.github.io/system-securit…
2
8
Alessandro Sorniotti retweeted
22 Feb 2022
JSys now has a system security track! We combine conference-inspired reviewing (short turn around, positive reviewing, one-shot revisions) with an open-access journal model. First submission deadline for the security track is May 22! jsys.org/cfp_security/ Go submit & please RT
22 Feb 2022
Thrilled to announce that @jsysresearch will feature two new areas from the next deadline (May 22) onwards!
First, @gannimo has agreed to serve as Area Chair for a new Systems Security area! This is one of the areas requested most by authors.
jsys.org/cfp_security/
20
36
6 Sep 2021
Part II of the post on the security of ElGamal in PGP is out today! This time we look at a side channel attack in libgcrypt and how interop issues make it exploitable in practice. Once again, thanks to my co-authors @luca_defeo and Bertram Poettering
ibm.github.io/system-securit…
11
19
Alessandro Sorniotti retweeted
3 Aug 2021
FC22 CFP is out!
Register your papers by Sep 2.
Submission Sep 9 up to 4 days of Satoshi Grace Period.
fc22.ifca.ai/cfp.html
2
19
50
20 Jul 2021
A new post in our group's blog is out today! We're discussing some of the issues we discovered about the way OpenPGP handles ElGamal encryption (CVE-2021-33560). Joint work with @luca_defeo and Bertram Poettering
ibm.github.io/system-securit…
5
9
Alessandro Sorniotti retweeted
14 May 2021
As part of #FlashbackFriday, we look back to #ACSAC2020's sponsored talks on "Memory Corruption Attacks in the Spectre Era" youtu.be/oSlEdjKol08 and "Unleashing Cyber Reasoning" youtu.be/9IlUoGpXvYo. A huge thank you to last year's sponsor IBM! @IBMSecurity @IBMResearch
2
9