Exploiting Smartphones
Some history of exploiting smartphones, starting with the iPhone, and a description of a paper about Android and Linux kernel defenses and where they are lacking.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Solving the First-Mile Problem
If side channels are like mind reading, this is mind control. Using lasers to execute arbitrary code.
Authors: Joe Loughry
Article shepherded by: Rik Farrow
Navigating the Kubernetes Odyssey
How ThousandEyes went from running in a bunch of servers in a garage, to being a full fledged, cloud native, multi-region platform in Kubernetes.
Authors: Raúl Benencia
Article shepherded by: Laura Nolan
Artificial Intelligence and the New Economics of Cyberattacks
A careful examination of the way that AI will affect both attackers and defenders
Authors: Vaibhav Garg, Jayati Dev
Article shepherded by: Rik Farrow
Measuring the Great Firewall's Multi-layered Web Filtering Apparatus
Authors: Nguyen Phong Hoang, Nick Feamster
Article shepherded by: Rik Farrow
Acto: Push-Button End-to-End Testing for Operation Correctness of Kubernetes Operators
Acto is an open-source end-to-end testing tool for correctness in Kubernetes operators.
Authors: Jiawei Tyler Gu, Xudong Sun, Zhen Tang, Chen Wang, Mandana Vaziri, Owolabi Legunsen, Tianyin Xu
Article shepherded by: Laura Nolan
Analysis of USENIX Paper Downloads
An analysis of the millions of paper and presentation downloads occurring in the summer of 2024, and what makes papers more popular.
Authors: Rik Farrow
Consequences of Compliance: The CrowdStrike Outage of 19 July 2024
Taking stock of the largest digital systems outage in history
Authors: Laura Nolan
Article shepherded by: Rik Farrow
Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing
Using LLMs to create seeds for fuzzing IoT binaries works well, as does keeping track of crashes occurring during the fuzzing of similar binaries.
Authors: Asmita, Yaroslav Oliinyk, Michael Scott, Ryan Tsang, Chongzhou Fang, Houman Homayoun
Article shepherded by: Rik Farrow
Choose One: Android Performance or Security!
Memory safety security mitigations on Android are undermined by its performance-driven system architecture, affecting even the newly introduced hardened memory allocator.
Authors: Philipp Mao, Mathias Payer
Article shepherded by: Rik Farrow
Data-Only Attacks Are Easier than You Think
Once considered too sophisticated and niche to pose a practical threat, data-only attacks can now be generated automatically with surprising ease.
Authors: Brian Johannesmeyer, Herbert Bos, Cristiano Giuffrida, Asia Slowinska
Article shepherded by: Rik Farrow
An Empirical Study of Rust-for-Linux: The Success, Dissatisfaction, and Compromise
Rust-for-Linux may not be as safe as it seems. We examine current experiences including performance Rust-for-Linux.
Authors: Hongyu Li, Liwei Guo, Yexuan Yang, Shangguang Wang, Mengwei Xu
Article shepherded by: Rik Farrow
Interview with Arnold Robbins
Arnold Robbins has been the maintainer of gawk for over three decades; he has also written or revised more than ten books related to Unix systems.
Authors: Rik Farrow, Arnold Robbins
Article shepherded by: Rik Farrow
Understanding and Improving Web Application Fingerprinting with WASABO
Web application fingerprinting tools can help both defenders and attackers. But how well do they actually work? We tested them in the lab and in the wild.
Authors: Nick Nikiforakis, Brian Kondracki
Article shepherded by: Rik Farrow
Telescope: Profiling Memory Access Patterns at the Terabyte-scale
Telescope is a new memory access profiling tool that can detect access patterns for terabytes-large working sets quickly, precisely and at low overheads.
Authors: Alan Nair, Sandeep Kumar, Aravinda Prasad
Article shepherded by: Rik Farrow
Anvil: Building Kubernetes Controllers That Do Not Break
Anvil is a set of tools used to prove the correctness of container controllers like Kubernetes, and includes several proven-correct examples of controllers.
Authors: Xudong Sun, Jiawei Tyler Gu, Cody Rivera, Tej Chajed, Jon Howell, Andrea Lattuada, Oded Padon, Lalith Suresh, Adriana Szekeres, Tianyin Xu
Article shepherded by: Rik Farrow
SIEVE: Cache eviction can be simple, effective, and scalable
SIEVE is a new cache eviction algorithm featuring the simplicity of FIFO with state-of-the-art performance; we describe how SIEVE works and why it's better.
Authors: Juncheng Yang, Yazhuo Zhang, Yao Yue, Ymir Vigfusson, Rashmi Vinayak
Article shepherded by: Rik Farrow
NSDI'24 Test-of-Time Award: Header Space Analysis
With almost 1,000 cites, Peyman Kazmian's NSDI'12 paper remains popular and has lead to the forming of a company.
Authors: Rik Farrow, Peyman Kazemian
Article shepherded by: Rik Farrow