Ferret: Automatically Finding RFC Compliance Bugs in DNS Nameservers
Our SCALE approach jointly generates zone files and corresponding queries to cover RFC behaviors specified by an executable model of DNS resolution
Authors: Siva Kesava Reddy Kakarla, Ryan Beckett, Todd Millstein, George Varghese
Article shepherded by: Sangeetha Abdu Jyothi
An Analysis of Open-source Automated Threat Modeling Tools and Their Extensibility from Security into Privacy
Automated tools can lessen the burden of threat modeling for security and privacy, but picking a tool is difficult without insight into functionality and user experience.
Authors: Kristen Tan, Vaibhav Garg
Article shepherded by: Rik Farrow
How to Start on Formal Methods and Share It
You might have heard of formal methods. we decided to learn a thing or two about formal method and try to use it in some way in general software development.
Authors: Melby Sjamsuddin, Meimei Liang
Article shepherded by: Rik Farrow
ctFS: Converting File Index Traversals to Hardware Memory Translation through Contiguous File Allocation for Persistent Memory
A Persistent Memory Filesystem that uses virtual memory mapping to physical memory to speed up file access
Authors: Ruibin Li, Xiang Ren, Xu Zhao, Siwei He, Michael Stumm, Ding Yuan
Article shepherded by: Alexandra Fedorova
Lessons Learned in 10 Years of SRE: Part 1 - Starting SRE
It is vital to have clear motivations, align with business goals, have the right kind of expertise, to pay attention to culture, and to build trust.
Authors: Andrea Spadaccini
Article shepherded by: Laura Nolan
Getting Zoned Storage out of the Friend Zone
Zone Namespaces provide a new interface to SSDs, giving applications writers the ability to improve SSD efficiency and performance.
Authors: Matias Bjørling, George Amvrosiadis, Bill Jannen, Rik Farrow
Article shepherded by: Bill Jannen, Rik Farrow
Imposing a Cyber Penalty Against Attackers with Cyber Deception
This research demonstrates that defensive deception both slows down and helps detect attackers.
Authors: Kimberly Ferguson-Walter
Article shepherded by: Rik Farrow
Diciclo: Data-Intensive Container Isolation for Multitenant Clouds
Diciclo is a general framework for building user-level file and network services for container storage.
Authors: Giorgos Kappes, Stergios V. Anastasiadis
Article shepherded by: Rik Farrow
Prodspec and Annealing
A technical deep dive into Google's intent-based production management.
Authors: Pierre Palatin, Betsy Beyer
Article shepherded by: Laura Nolan
The Web3 Fraud
Web3 is not a revolution in decentralization. It's just an inefficient way to promote cryptocurrencies.
Authors: Nicholas Weaver
Article shepherded by: Rik Farrow
A Tutorial on Building Custom Linux Appliances
A tutorial that shows how to easily build a simple Linux environment running with a focus on providing a platform for running experiments in systems research.
Authors: Han Dong, Jonathan Appavoo
Article shepherded by: Rik Farrow
Squeezing the Cybersecurity Lemons – A Labeling Regime for IoT Products
IoT security labels must be developed accounting for the diversity of devices and deployment contexts, the sustainability of labeling regimes, and the user experience of consumers.
Authors: Vaibhav Garg, Andreas Kuehn
Article shepherded by: Rik Farrow
Practical Doomsday
A thoughtful review of risks faced in developed countries, and what you can do to be prepared.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
(How) Do people change their passwords after a breach?
Our research shows that many users ignore serious warnings about the need to change passwords and not reuse them.
Authors: Sruti Bhagavatula, Lujo Bauer, Apu Kapadia
Article shepherded by: Rik Farrow
It's Good to be Lazy
Taking good notes allows you to be lazy: you won't have to search for solutions to problems you have already solved before. I also suggest tools that help with note-taking.
Authors: Andreas Gerler
Article shepherded by: Rik Farrow
A Vulnerable System
An easy-to-read book covering the history of computer security.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Gazing into the VOID
Laura Nolan argues that reading incident reports can improve our ability to respond to production problems.
Authors: Laura Nolan
Article shepherded by: Effie Mouzeli
Improving On-call Fatigue
Daria argues the notion that "On-call shifts should be stressful and trying”, by suggesting ideas on how to spin on-call to be positive, educating, and bring teams together.
Authors: Daria Barteneva
Article shepherded by: Effie Mouzeli
