Alessandro Sorniotti

42 posts

Alessandro Sorniotti

@sigusr0

Security research @IBMResearch. Husband, father. Jogger.

Katılım Eylül 2020

109 Takip Edilen125 Takipçiler

Sabitlenmiş Tweet

Alessandro Sorniotti@sigusr0·21 Haz

Today we're inaugurating our group's new blog with a post on speculative bypass of stack canaries. Stay tuned for more goodies soon! ibm.github.io/system-securit…

Anil Kurmus@kurmus

Step by step description on bypassing stack canaries: we have a new blog, and an excellent post by @fkaasan assisted by @m4mbr3 and @sigusr0 ibm.github.io/system-securit…

English

Alessandro Sorniotti@sigusr0·14 Ağu

@gannimo @USENIXSecurity Congrats!!!

English

Mathias Payer@gannimo·14 Ağu

Super honored to receive a @USENIXSecurity #security24 distinguishing paper award for our work on finding bugs in hypervisors. HyperPill is available at nebelwelt.net/files/24SEC3.p…

English

172

5.5K

Alessandro Sorniotti retweetledi

Anil Kurmus@kurmus·12 Mar

If you liked exploiting use-after-frees, you will love exploiting speculative UaFs! Paper: download.vusec.net/papers/ghostra…

VUSec@vu5ec

How do synchronization primitives work during speculative execution? THEY DON'T! Disclosing #GhostRace (paper @USENIXSecurity). We turn all arch. race-free critical regions of OS/Hypervisors into Speculative Race Conditions. Joint work @vu5ec @IBMResearch: vusec.net/projects/ghost…

English

5.8K

Alessandro Sorniotti retweetledi

Mathias Payer@gannimo·9 Mar

#NDSS25 is calling for reviewers, please sign up and nominate your peers for the TPC: docs.google.com/forms/d/e/1FAI…

Mathias Payer@gannimo

What an awesome #NDSSSymposium2024! Over 4000 emails, more than half in the last two weeks. Over 1500 HotCRP comments. Over 600 attendees, 140 paper presentations across three parallel sessions, and two amazing keynotes. 10/10, amazing experience, would do again (after a break)!

English

Alessandro Sorniotti retweetledi

ACM CCS 2025@acm_ccs·23 Oca

The CCS deadline is coming very soon (January 28th), and we are looking forward to your awesome submissions! Submission website: ccs2024a.hotcrp.com

GIF

English

9.8K

Alessandro Sorniotti@sigusr0·24 May

@c_giuffrida @hanyrax @b4rbito Well done!!! Congrats!

English

Cristiano Giuffrida@c_giuffrida·23 May

Once again, well done @hanyrax and @b4rbito! With your outstanding efforts, we went from "Maybe we should write up a short paper on this analysis" all the way to award overflow state! Very well done!

Herbert Bos@herbertbos

Very proud that "Rage Against The Machine Clear" won the Dutch cyber security best research paper award. All credits to @hanyrax and @b4rbito who did the actual work. @vu5ec @c_giuffrida @ACCSS_NL Paper: usenix.org/conference/use…

English

1.9K

Alessandro Sorniotti retweetledi

Christian Rossow (@rossow@infosec.exchange)

Christian Rossow (@[email protected])@chrossow·10 Mar

Security researchers pay attention: Just about 2 weeks left to polish and submit your @RAID_Conference papers to book your ticket to Hong Kong in Oct 2023. CfP: raid2023.org/call.html 1/3

Christian Rossow (@rossow@infosec.exchange) tweet media

English

11.8K

Alessandro Sorniotti@sigusr0·8 Eyl

@Roberto_Di_P @HBKU Congrats, well deserved!

English

Roberto Di Pietro@Roberto_Di_P·8 Eyl

I am honored to have been assigned by @HBKU the "Individual Inventor Award": shorturl.at/dimq7. Thanks to all the people and institutions that have made this possible! #innovation #intellectualproperty #patents #technology #businessdevelopment #research #CyberSecurity

English

Alessandro Sorniotti@sigusr0·3 Eyl

@gannimo Not good.. 😅

English

Mathias Payer@gannimo·2 Eyl

Hmmm 🤔

Alessandro Sorniotti retweetledi

Mathias Payer@gannimo·28 Tem

The paper submission deadline for the second cycle of @NDSSSymposium is on Jul29 AoE, so finish those papers and submit them at: ndss23-fall.hotcrp.com

English

Alessandro Sorniotti@sigusr0·9 Haz

@kavehrazavi Congrats!

English

Kav@kavehrazavi·9 Haz

I am finally able to announce that I have received an ERC Starting Grant (funded by CH-SERI) to investigate proactive microarchitectural security at the hardware design stage. Existing times ahead, consider joining! We have open PhD/PostDoc positions. ee.ethz.ch/news-and-event…

English

122

Alessandro Sorniotti retweetledi

Carmela Troncoso@carmelatroncoso·16 May

The Call for Papers for @USENIXSecurity 23 is out! First deadline: June 7th. @inplaintext and I are looking forward to your very excellent submissions. We’ve made some changes this year that we hope will improve authors’ and reviewers' experiences 🧵

USENIX Security@USENIXSecurity

The Call for Papers for the 32nd USENIX Security Symposium is now available! The Summer deadline is June 7. View the CFP for more info, including important changes to the publication model: bit.ly/usesec23cfp

English

Alessandro Sorniotti retweetledi

Mathias Payer@gannimo·7 May

Planning to submit to the first cycle for @NDSSSymposium #NDSS23? Now is a good time to register your paper and conflicts: ndss23-summer.hotcrp.com Submission deadline is May 13 AoE. You still have a week to polish!

English

Alessandro Sorniotti retweetledi

Mathias Payer@gannimo·20 Nis

The very first @jsysresearch JSys deadline in system security is coming up on May 01. Get your papers ready, we'll be looking forward to your submissions! 📝✍️📯📢#PositiveReviewing jsys.org/cfp_security/

English

Alessandro Sorniotti retweetledi

Mathias Payer@gannimo·5 Nis

The @jsysresearch system security track is open for submissions. Deadline for your amazing work on system and software security is May01, so sharpen your pencils! JSys is a new gold open access journal for systems research jsys.org/cfp_security/ Please RT!

English

Alessandro Sorniotti@sigusr0·24 Şub

A new blog post is out! Today we talk about speculatively bypassing bounds checks in Go! The mitigations we proposed found their way in the Go compiler. ibm.github.io/system-securit…

English

Alessandro Sorniotti retweetledi

Mathias Payer@gannimo·22 Şub

JSys now has a system security track! We combine conference-inspired reviewing (short turn around, positive reviewing, one-shot revisions) with an open-access journal model. First submission deadline for the security track is May 22! jsys.org/cfp_security/ Go submit & please RT

jsysresearch@jsysresearch

Thrilled to announce that @jsysresearch will feature two new areas from the next deadline (May 22) onwards! First, @gannimo has agreed to serve as Area Chair for a new Systems Security area! This is one of the areas requested most by authors. jsys.org/cfp_security/

English

Alessandro Sorniotti@sigusr0·27 Oca

@m4mbr3 Well done! Congrats!!!

English

Andrea Mambretti@m4mbr3·26 Oca

Happy (but also a bit sad) to announce that after 25+ years I yesterday left for good the student status and was awarded the ultimate academic title, the PhD. Turns out that by sitting around long enough, they will get tired and do anything to get rid of you 😂 #PhDByExhaustion

English

Alessandro Sorniotti@sigusr0·11 Ara

Sweet! Congrats to my co-authors @luca_defeo and Bertram Poettering!

English

Alessandro Sorniotti@sigusr0·6 Eyl

Part II of the post on the security of ElGamal in PGP is out today! This time we look at a side channel attack in libgcrypt and how interop issues make it exploitable in practice. Once again, thanks to my co-authors @luca_defeo and Bertram Poettering ibm.github.io/system-securit…

English

Keşfet

@gannimo @USENIXSecurity @c_giuffrida @hanyrax @b4rbito @RAID_Conference @Roberto_Di_P @HBKU