Adriaan Jacobs

Vanavond in #deafspraakopvrijdag: @conner_rousseau, @IveMarx en @QuintenJacobs3 over 1 jaar Arizona-regering, de democratie in gevaar en de Brusselse regeringsvorming. Om 20u35 op @vrtcanvas

Goed nieuws, 'Het betonnen beleid' van @QuintenJacobs3 krijgt een tweede druk!

Fundamentele technische & ethische problemen los je niet zomaar op met detailherzieningen. Bijna té goedkoop om op te schieten, ware het niet dat dit vanaf oktober realiteit kan worden nu de blokkerende minderheid tot op een kritiek punt is geslonken. fightchatcontrol.eu

Chat control is weinig effectief en heeft een enorme impact op onze privacy. Kortom, een slecht idee. Mijn column in @tijd met broer en doctoraatsonderzoeker cybersecurity @a3_jacobs 👇 tijd.be/opinie/algemee…

Vanavond in #deafspraak: @j_delandsheer over de acties van @pz_zuid in Peterbos, @elkevdbrandt en @QuintenJacobs3 over een jaar zonder Brusselse regering en @hildevanmieghem schreef 'Crescendo'. Om 20u35 op VRT Canvas

Our paper on Partial Multi-Variant Execution (PMVX) got accepted to @IEEEEUROSP'25! We show that, if carefully applied, the overhead of full-blown MVX can effectively be limited to the most security-sensitive parts of a program. 📜 adriaanjacobs.github.io/files/eurosp20…

Happy to receive the @EuroSecWorkshop'25 Best Paper Award for our paper "CUDA, Woulda, Shoulda: Returning Exploits in a SASS-y World" 🎉 Great recognition for @RoelsJonas' hard work! Check the 📜 here: adriaanjacobs.github.io/files/eurosec2…

Proud to announce I will be presenting our paper on GPU ROP attacks in Rotterdam @EuroSecWorkshop on March 31st. Read it here: adriaanjacobs.github.io/files/eurosec2…

Happy to share that both our @EuroSecWorkshop papers got accepted! Congrats to Jonas and Anton for producing such great research so early in their PhD. See you in Rotterdam! Also for @EuroSysConf and @ASPLOSConf after :) 📜: adriaanjacobs.github.io/files/eurosec2… 📜: adriaanjacobs.github.io/files/eurosec2…

Great chatting with @EvanDornbush about bounds checking and how to do it (im)properly, cfr. our recent @wootsecurity paper! The Rochefort was a nice touch :)

Our paper with @HansWinderix, @LeslyAnnDaniel1, and Frank Piessens received the distinguished paper award at @acm_ccs! If you are interested in mitigating control-flow leakage, read the paper mici.hu/papers/winderi… and check out the repository github.com/proteus-core/l…

Got military-grade security? Sure. But is it Victor Goeman-proof? Your home security cameras might not be, as shown in the paper “Reverse Engineering the Eufy Ecosystem: A Deep Dive into Security Vulnerabilities and Proprietary Protocols” #woot24

Did you think to be safe with store-only bounds checking? Definitely something to reconsider after reading the paper “Not Quite Write: On the Effectiveness of Store-Only Bounds Checking” by @a3_jacobs #woot24

In addition to doing top-notch research, @a3_jacobs also makes quality memes

We show that many types of bounds checkers are affected (pointer/object-based, spatial/temporal), and that the attack is realistic in real-world code. In essence, we find that bounds checking is simply not compatible with store-only instrumentation.

In our latest @wootsecurity paper, @StijnVolckaert and I demonstrate a fundamental weakness of store-only bounds checkers: invalidly-loaded pointers (through unchecked reads) give the attacker a near-arbitrary write primitive! paper: adriaanjacobs.github.io/files/woot24no…

Glad to share our recent work on lazypoline, accepted at @DsnIeee'24! Thanks to Merve Gülmez, Alicia Andries, @StijnVolckaert, and @systemsgreek for the collaboration. paper: adriaanjacobs.github.io/files/dsn24laz… code: github.com/lazypoline/laz…

Ultra happy to share that I will be starting as an Assistant Professor of Cybersecurity at TU Delft this Fall! I could not thank more my advisors, students, collaborators, family, and friends for their support. I would never be able to do it without you.

There’s this trend to compose unsafe static analysis with runtime fallbacks. I love it. This has been the basis for my approach on least-privilege: derive overly restrictive access controls and throw access-exceptions at runtime for safety checks or even just logging.

Hi everyone - I am officially on the job market! I am looking for faculty and research positions in Europe.