#usenix β Public Fediverse posts
Live and recent posts from across the Fediverse tagged #usenix, aggregated by home.social.
-
Another ππ½ one β #phkmalloc in #FreeBSD:
βphkmallocβ, Poul-Henning Kamp (https://phk.freebsd.dk/sagas/phkmalloc/).
On HN: https://news.ycombinator.com/item?id=44432900
On Lobsters: https://lobste.rs/s/6bduaj/phkmalloc
-
Looks like I'll be attending The Last USENIX ATC (and OSDI)
Boston, July 7β9
-
USENIX NSDI β24 β Accelerating Skewed Workloads With Performance Multipliers in the TurboDB Distributed Database β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-accelerating-skewed-workloads-with-performance-multipliers-in-the-turbodb-distributed-database-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β Harvesting Idle Memory for Application-managed Soft State with Midas β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-harvesting-idle-memory-for-application-managed-soft-state-with-midas-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #DEFCON32 #USENIX
-
USENIX NSDI β24 β SIEVE is Simpler than LRU: An Efficient Turn-Key Eviction Algorithm for Web Caches β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-sieve-is-simpler-than-lru-an-efficient-turn-key-eviction-algorithm-for-web-caches-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β DISTMM: Accelerating Distributed Multimodal Model Training β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-distmm-accelerating-distributed-multimodal-model-training-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β Accelerating Neural Recommendation Training with Embedding Scheduling β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-accelerating-neural-recommendation-training-with-embedding-scheduling-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β Reasoning About Network Traffic Load Property at Production Scale β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-reasoning-about-network-traffic-load-property-at-production-scale-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β A High-Performance Design, Implementation, Deployment, and Evaluation of The Slim Fly Network β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-a-high-performance-design-implementation-deployment-and-evaluation-of-the-slim-fly-network-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β Netcastle: Network Infrastructure Testing At Scale β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-netcastle-network-infrastructure-testing-at-scale-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β MESSI: Behavioral Testing of BGP Implementations β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-messi-behavioral-testing-of-bgp-implementations-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β EPVerifier: Accelerating Update Storms Verification with Edge-Predicate β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-epverifier-accelerating-update-storms-verification-with-edge-predicate-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #CyberSecurityNews #SecurityBoulevard #SecurityResearch #OpenResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β Hairpin: Rethinking Packet Loss Recovery in Edge-based Interactive Video Streaming β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-hairpin-rethinking-packet-loss-recovery-in-edge-based-interactive-video-streaming-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
USENIX NSDI β24 β Finding Adversarial Inputs for Heuristics using Multi-level Optimization β Source: securityboulevard.com https://ciso2ciso.com/usenix-nsdi-24-finding-adversarial-inputs-for-heuristics-using-multi-level-optimization-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #networkinfrastructure #OpenAccessResearch #CyberSecurityNews #SecurityBoulevard #SecurityResearch #USENIXNSDI24 #USENIX
-
The second to last trifecta of #HackerSummerCamp, here is the #DCG201 2024 guide for @usenixassociation, @soups & @wootsecurity: https://defcon201.medium.com/hacker-summer-camp-2024-guides-part-sixteen-usenix-security-trifecta-2024-c0e80833eb2d
#usenix #usenix2024 #usenixsecurity #soups #soups2024 #woot #w00t @defcon @philly2600 @bsidesphilly
-
β Upcoming Fall USENIX Security
Terrapin Attack: Breaking SSH Channel
Tldr:
π€SSH β‘οΈ TCP β‘οΈ Unauthenticated (MiTM-able) Control Messages Hell.
πPut your SSH Session into an Stateless UDP Tunnel (eg. WireGuard) or use mosh.
(Unauthenticated) TCP is a security mess from the 1980s and leads to false integrity assumptions (see China Great FireWall RST/ACKs) and has to finally die. Now.
π€Cryptographic agility will - sooner or later - ALWAYS translate direct into (downgrade) attack hell. Later is now.
Generate SSH Ed25519 keys.
π ssh-keygen -t ed25519Lock (Client & Server) your OpenSSH Cipher & Kex config.
π Cipher: ChaCha20-Poly1305
π KeyExchage: curve25519-sha256https://www.usenix.org/system/files/sec24fall-prepub-40-baumer.pdf
#ssh #openssh #security #downgrade #cipher #kex #terrapin #usenix
-
USENIX Security β23 β Controlled Data Races In Enclaves: Attacks And Detection β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-controlled-data-races-in-enclaves-attacks-and-detection-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIXSecurityβ23 #USENIX
-
USENIX Security β23 β Reusable Enclaves For Confidential Serverless Computing β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-reusable-enclaves-for-confidential-serverless-computing-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIXSecurityβ23 #USENIX
-
USENIX Security β23 β Itβs All In Your Head(Set): Side-Channel Attacks On AR/VR Systems β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-its-all-in-your-headset-side-channel-attacks-on-ar-vr-systems-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIXSecurityβ23 #USENIX
-
USENIX Security β23 β Donβt be Dense: Efficient Keyword PIR for Sparse Databases β Distinguished Paper Award Winner β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-dont-be-dense-efficient-keyword-pir-for-sparse-databases-distinguished-paper-award-winner-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIXSecurityβ23 #USENIX
-
USENIX Security β23 β Authenticated Private Information Retrieval β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-authenticated-private-information-retrieval-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIXSecurityβ23 #USENIX
-
USENIX Security β23 β SMACK: Semantically Meaningful Adversarial Audio Attack β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-smack-semantically-meaningful-adversarial-audio-attack-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIXSecurityβ23 #USENIX
-
USENIX Security β23 β A Bugβs Life: Analyzing the Lifecycle and Mitigation Process of Content Security Policy Bugs β Distinguished Paper Award Winner β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-a-bugs-life-analyzing-the-lifecycle-and-mitigation-process-of-content-security-policy-bugs-distinguished-paper-award-winner-source-security/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIX
-
USENIX Security β23 β Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs β Source: securityboulevard.com https://ciso2ciso.com/usenix-security-23-silent-bugs-matter-a-study-of-compiler-introduced-security-bugs-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #SecurityConferences #CyberSecurityNews #SecurityBoulevard #USENIX
-
Brown Secure Systems Lab (https://gitlab.com/brown-ssl/) had a strong representation @usenixassociation sponsored events this year! Neophytos Christou presented IvySyn at USENIX Security Symposium (SEC) '23, while Di Jin talked about EPF at USENIX Annual Technical Conference (ATC) '23 earlier in July!
IvySyn fuzzes Deep Learning (DL) frameworks (TensorFlow, PyTorch) for memory-safety bugs and automatically synthesizes Python code snippets for triggering the respective vulnerabilities | https://www.usenix.org/.../usenixse.../presentation/christou | https://gitlab.com/brown-ssl/ivysyn
EPF (ab)uses the (e)BPF interpreter for bypassing various kernel hardening mechanisms in Linux -- we also introduce a set of lightweight defenses against EPF-style attacks | https://www.usenix.org/conference/atc23/presentation/jin | https://gitlab.com/brown-ssl/epf
-
-
#AI based #password candidate generation is super interesting to me, but so far the best generators (CMU's #neuralnetwork based generator presented at #USENIX 16, and Dr Matt Weir's #PCFG generator) are still about on par with existing #Markov implementations and rule-based #cracking.
#PassGAN, on the other hand, falls well short of existing password cracking techniques and candidate generators.
While I hold out a lot of hope for future AI-powered password cracking, it ain't here yet, and it definitely isn't PassGAN.
-
A few thoughts on this year's USENIX Enigma conference in Santa Clara - about the usability of privacy applications, privacy camps, and tech over-regulation.
https://www.tabeawilke.com/latest/enigma-2023
#privacy #privacybydesign #enigma #usenix #tech #usercentereddesign #security #safetysecurity
-
Overview #usenix #enigma2023:
usenix.org/conference/enigma2023
Must-Follow Accounts:
-
omg this talk from Brendan Gregg is amazing and full of other gems including the Blame-Someone-Else Anti-Method π€£
-
The deadline for the USENIX ATC '23 Call for Papers is a couple months away! Abstract registrations are due on Thurs., Jan. 5, with complete paper submissions due the following Thurs., Jan. 12. View the CFP and make plans to submit your work: https://bit.ly/usenixatc23cfp #atc23 #usenix