LISA made LISA obsolete (That's a compliment!)
My memories (good and bad) of the USENIX LISA conference.
Authors: Thomas A. Limoncelli
Article shepherded by: Rik Farrow
Experimental Security Analysis of the App Model in Business Collaboration Platforms
These third-party apps that you installed in your Slack/Teams workspace may violate your privacy expectations in many unexpected ways.
Authors: Yunang Chen, Yue Gao, Nick Ceccio, Rahul Chatterjee, Kassem Fawaz, Earlence Fernandes
Article shepherded by: Rik Farrow
Python Distilled
Python Distilled teaches you how to get the most out of Python 3 in a short book with lots of examples and clear explanations.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Wanted Hacked or Patched:
A targeted open source bug bounty initiative that allows users to secure third-party code by crowdsourcing the security analysis to external researchers.
Authors: Chujiao Ma, Matthew Bosack, Wendy Rothschell, Noopur Davis, Vaibhav Garg
Article shepherded by: Rik Farrow
Provably-Safe Multilingual Software Sandboxing using WebAssembly
WebAssembly’s safety guarantees are only as strong as the implementation enforcing them. We show two approaches to provably sandbox Wasm code, using formal verification and Rust.
Authors: Jay Bosamiya, Wen Shih Lim, Bryan Parno
Article shepherded by: Rik Farrow
The Sticky Problem of Measuring Passwords
Designing a tool that can take measurements on passwords has many challenges. We describe the process behind designing Gossamer, a framework for securely measuring passwords.
Authors: Marina Sanusi Bohuk, Mazharul Islam, Thomas Ristenpart, Rahul Chatterjee
Article shepherded by: Rik Farrow
Transcending POSIX: The End of an Era?
We provide a holistic view of the POSIX abstractions by a systematic review of the key factors that drove their evolution, and discuss our perspective of the future.
Authors: Pekka Enberg, Ashwin Rao, Jon Crowcroft, Sasu Tarkoma
Article shepherded by: Rik Farrow
Three Years of Crowdsourcing Smart Home Network Traffic
Examining the security and privacy of thousands of real-world smart home networks using IoT Inspector
Authors: Danny Yuxing Huang
Article shepherded by: Rik Farrow
Musings, July 2022
There is lots of evidence that there are few really good programmers, and Copilot isn't the solution.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Investigating Managed Language Runtime Performance
We instrumented and benchmarked Python and Node.js, finding out just how much slower they can be than Java, Go or C++ and why
Authors: David Lion, Adrian Chiu, Michael Stumm, Ding Yuan
Article shepherded by: Rik Farrow
Redesigning Hardware to Support Security: CHERI
Over a decade of research has resulted in a tool chain and RISC hardware that change pointers from integers to their own, safe, type
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Metastable Failures in the Wild
We find that metastable failures are universally observed and provide an insider view of how they happen at Twitter
Authors: Lexiang Huang, Matthew Magnusson, Abishek Bangalore Muralikrishna, Salman Estyak, Rebecca Isaacs, Abutalib Aghayev, Timothy Zhu, Aleksey Charapko
Article shepherded by: Rik Farrow
What SRE Could Be
SRE could be - should be - much more than it is today. Please help.
Authors: Niall Murphy
Article shepherded by: Laura Nolan
Computer Security and the Internet
This is a security textbook that covers a very broad set of topics concisely and clearly.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Jurassic Cloud
Large parts of our “modern” stack are 30+ years old, just like its architectural principles. The result - software dinosaurs roaming the Jurassic Cloud, out of place, out of time.
Authors: Avishai Ish-Shalom
Article shepherded by: Effie Mouzeli
Revisiting B+-tree vs. LSM-tree
LSM-trees have been preferred over B+-trees for some database storage but in-storage transparent compression effectively closes their gap
Authors: Yifan Qiao, Xubin Chen, Ning Zheng, Jiangpeng Li, Yang Liu, Tong Zhang
Article shepherded by: Rik Farrow
Understanding Software Dynamics
Uncovering the causes of long tail latency, while learning about the quirks of compilers, CPUs, systems, and how best to observe your systems.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Ferret: Automatically Finding RFC Compliance Bugs in DNS Nameservers
Our SCALE approach jointly generates zone files and corresponding queries to cover RFC behaviors specified by an executable model of DNS resolution
Authors: Siva Kesava Reddy Kakarla, Ryan Beckett, Todd Millstein, George Varghese
Article shepherded by: Sangeetha Abdu Jyothi