Sebastian Österlund

At Linux Security Summit Europe in Amsterdam. Current talk is on FineIBT Enhanced, with Scott Constable & @sirmc lsseu2025.sched.com/event/25GEN/fi… Follow event info here: social.kernel.org/LinuxSecSummit #linuxsecuritysummit

Happy to report that our InSpectreGadget paper won a Distinguished Paper award at @USENIXSecurity: download.vusec.net/papers/inspect… @vu5ec @SanWieb @HBitmasks @c_giuffrida Here is @SanWieb presenting the paper:

🚀 kAFL release v0.9 ! ✨kernel upgraded from 6.0 ➡️ 6.8 (fixes compatibility issues with last gen CPUs) github.com/IntelLabs/kAFL…

This took a significant amount of time and money, and now we know what DRAM vendors are doing in their sense amplifiers! Lots of research opportunities moving forward. All the images and the reverse engineered circuits are now publicly available.

Interested in low-level hacking, embedded systems, and trusted execution environments? We currently have a PhD opening, feel free to reach out for more information! Application deadline: April 1st 2024.

We have open PhD/PostDoc positions in the COMSEC group at ETH. If you want to build the next high-profile hardware attack, come up with new analysis techniques, or work on strong software/hardware mitigations at the OS/compiler/HDL level, you should apply! comsec.ethz.ch/join

Emulated full system snapshot fuzzing by Intel 👀 @novafacing/111064363648478739" target="_blank" rel="nofollow noopener">haunted.computer/@novafacing/11…

A year ago I made a video about the RIDL CPU vulnerability. In case you haven't seen it, here it is uploaded to Twitter directly! The most interesting part of this has been learning about the prior research that later lead to the discovery of these modern side-channel vulnerabilities. I also spend more time explaining "speculative execution" and how these CPU cache timings can be used as a side-channel. If you haven't seen it yet, give it another chance :)

Our Quarantine @RAID_Conference paper is online! Quarantine enforces strict CPU core-based isolation to mitigate transient execution attacks vs. cloud VMs. Joint work by Mathé Hertogh @manuwiesinger @sirmc @nSinusR Nadav Amit @herbertbos @c_giuffrida: download.vusec.net/papers/quarant…

Our uncontained paper @USENIXSecurity is online! Find out how the Linux kernel is the "container of" several type confusion bugs, detected by our sanitizer & static analyzer. Joint work by @JakobKoschel @borrello_pietro @dcdelia @herbertbos @c_giuffrida: vusec.net/projects/uncon…

Let’s see how long it takes until they start playing a loop of Swan Lake on TV… youtu.be/Xd2nTXsivHs

🚀 RELEASE: kAFL v0.6 ➡️ 6.0 kernel ➡️ new repo: IntelLabs/kafl.actions: github.com/IntelLabs/kafl… What if you could integrate kAFL in your favorite Github Action pipeline ? Now you can ! ✨

📢 We are hiring! If you are into the security of low-level things such as kernels, compilers, hardware designs and like to do your PhD in ETH's top-notch environment, you should definitely consider applying! #PhD #Security #HDL #RISCV #Rowhammer #Spectre jobs.ethz.ch/job/view/JOPG_…

Disclosing CHOP, aka how attackers can bypass commodity return address protections such as stack cookies by hijacking the exception handling process. Paper to appear @NDSSSymposium: download.vusec.net/papers/chop_nd…. Joint work by @victor_duta Fabian Freyer @pagabuc @nSinusR @c_giuffrida

LibAFL QEMU full-system mode is a thing! Check out the example that fuzz a small ARM FreeRTOS firmware at github.com/AFLplusplus/Li… Next step: fast memory and devices snapshots

@kavehrazavi @marazzi_michele @FlavienSolt Congrats! Seeing the hard work you put into setting up these crazy courses paying off is really, really deserved!

A surprise award from the students! the award spells my name, but clearly it was a huge team effort. In particular, Finn de Ridder, @marazzi_michele @FlavienSolt built assignments around a new RISC-V kernel we have developed for teaching Computer Engineering to our BSc students.

My Talk "How I started chasing speculative type confusion bugs in the kernel and ended up with 'real' ones " @linuxplumbers is now uploaded on YT (youtube.com/watch?v=LigVc7…). You can check it out if you missed it ;)

How I started chasing speculative type confusion bugs in the kernel and ended up with 'real' ones @JakobKoschel gave a talk at the @linuxplumbers conference about the tool for discovering speculative type confusion bugs in the Linux kernel. Video: youtu.be/KkOdMwZRpYY?t=… [1/2]

#tbt to @LiveOverflow's partnership with #ProjectCircuitBreaker on discovering vulnerabilities in Intel CPUs. Check it out here: youtu.be/x_R1DeZxGc0

I forgot to tweet out my last video on finding bugs in CPUs 😱 It’s one of my all time favorite videos and I’m very proud of it! A lot of effort went into researching and making the video. Thanks again @sirmc and @IntelSecurity for making it happen 🥰 youtube.com/watch?v=x_R1De…