Alessandro Sorniotti
@sigusr0
Security research @IBMResearch. Husband, father. Jogger.
You might like
Today we're inaugurating our group's new blog with a post on speculative bypass of stack canaries. Stay tuned for more goodies soon! ibm.github.io/system-securit…
Step by step description on bypassing stack canaries: we have a new blog, and an excellent post by @fkaasan assisted by @m4mbr3 and @sigusr0 ibm.github.io/system-securit…
If you liked exploiting use-after-frees, you will love exploiting speculative UaFs! Paper: download.vusec.net/papers/ghostra…
How do synchronization primitives work during speculative execution? THEY DON'T! Disclosing #GhostRace (paper @USENIXSecurity). We turn all arch. race-free critical regions of OS/Hypervisors into Speculative Race Conditions. Joint work @vu5ec @IBMResearch: vusec.net/projects/ghost…
#NDSS25 is calling for reviewers, please sign up and nominate your peers for the TPC: docs.google.com/forms/d/e/1FAI…
What an awesome #NDSSSymposium2024! Over 4000 emails, more than half in the last two weeks. Over 1500 HotCRP comments. Over 600 attendees, 140 paper presentations across three parallel sessions, and two amazing keynotes. 10/10, amazing experience, would do again (after a break)!
The CCS deadline is coming very soon (January 28th), and we are looking forward to your awesome submissions! Submission website: ccs2024a.hotcrp.com
Security researchers pay attention: Just about 2 weeks left to polish and submit your @RAID_Conference papers to book your ticket to Hong Kong in Oct 2023. CfP: raid2023.org/call.html 1/3
The paper submission deadline for the second cycle of @NDSSSymposium is on Jul29 AoE, so finish those papers and submit them at: ndss23-fall.hotcrp.com
The Call for Papers for @USENIXSecurity 23 is out! First deadline: June 7th. @inplaintext and I are looking forward to your very excellent submissions. We’ve made some changes this year that we hope will improve authors’ and reviewers' experiences 🧵
The Call for Papers for the 32nd USENIX Security Symposium is now available! The Summer deadline is June 7. View the CFP for more info, including important changes to the publication model: bit.ly/usesec23cfp
Planning to submit to the first cycle for @NDSSSymposium #NDSS23? Now is a good time to register your paper and conflicts: ndss23-summer.hotcrp.com Submission deadline is May 13 AoE. You still have a week to polish!
The very first @jsysresearch JSys deadline in system security is coming up on May 01. Get your papers ready, we'll be looking forward to your submissions! 📝✍️📯📢#PositiveReviewing jsys.org/cfp_security/
The @jsysresearch system security track is open for submissions. Deadline for your amazing work on system and software security is May01, so sharpen your pencils! JSys is a new gold open access journal for systems research jsys.org/cfp_security/ Please RT!
A new blog post is out! Today we talk about speculatively bypassing bounds checks in Go! The mitigations we proposed found their way in the Go compiler. ibm.github.io/system-securit…
JSys now has a system security track! We combine conference-inspired reviewing (short turn around, positive reviewing, one-shot revisions) with an open-access journal model. First submission deadline for the security track is May 22! jsys.org/cfp_security/ Go submit & please RT
Thrilled to announce that @jsysresearch will feature two new areas from the next deadline (May 22) onwards! First, @gannimo has agreed to serve as Area Chair for a new Systems Security area! This is one of the areas requested most by authors. jsys.org/cfp_security/
Part II of the post on the security of ElGamal in PGP is out today! This time we look at a side channel attack in libgcrypt and how interop issues make it exploitable in practice. Once again, thanks to my co-authors @luca_defeo and Bertram Poettering ibm.github.io/system-securit…
FC22 CFP is out! Register your papers by Sep 2. Submission Sep 9 + up to 4 days of Satoshi Grace Period. fc22.ifca.ai/cfp.html
A new post in our group's blog is out today! We're discussing some of the issues we discovered about the way OpenPGP handles ElGamal encryption (CVE-2021-33560). Joint work with @luca_defeo and Bertram Poettering ibm.github.io/system-securit…
As part of #FlashbackFriday, we look back to #ACSAC2020's sponsored talks on "Memory Corruption Attacks in the Spectre Era" youtu.be/oSlEdjKol08 and "Unleashing Cyber Reasoning" youtu.be/9IlUoGpXvYo. A huge thank you to last year's sponsor IBM! @IBMSecurity @IBMResearch
youtube.com
YouTube
ACSAC 2020 Sponsored Talk: Memory Corruption Attacks in the Spectre...
United States Trends
- 1. LINGORM HER AND HERS FANCON 370K posts
- 2. #BUNCHITA 1,470 posts
- 3. Frankenstein 82.4K posts
- 4. #KirbyAirRiders 1,898 posts
- 5. Giulia 15.6K posts
- 6. taylor york 8,867 posts
- 7. Tulane 4,466 posts
- 8. Supreme Court 183K posts
- 9. Aaron Gordon 5,022 posts
- 10. #SmackDown 48.1K posts
- 11. #TheLastDriveIn 4,023 posts
- 12. #River 4,860 posts
- 13. Pluribus 31.3K posts
- 14. Justice Jackson 6,106 posts
- 15. Brown Jackson 5,710 posts
- 16. Connor Bedard 3,213 posts
- 17. Gozyuger 2,277 posts
- 18. Russ 14.4K posts
- 19. Tatis 2,245 posts
- 20. Northwestern 5,136 posts
Something went wrong.
Something went wrong.