AMS Algorithmus: "die empirische Analyse zeigt eben, dass ... das Faktum eine Frau zu sein oder einer höheren Altersgruppe anzugehören zu einer Verringerung der Arbeitsmarktchancen führt." (epicenter.works/document/2055) Fortführung von Diskrimination #arbeitsmarktservice #austria

Question: you are simulating a RISC-V CPU that is running a C program. You are recording a VCD (or FST) trace. How do you correlate between the instruction address in the waveform and the line of C code?

Happy International Day of Women and Girls in Science 2023 ✨☀️#WomenInScienceDay

Dreams don't affect reality, but they may influence your actions. Turns out this applies to AMD CPUs too! After a long embargo, we can now present Inception, a new transient exec. attack that leaks data on all AMD Zen CPUs. With johannes and Kav. youtu.be/2wCjU8iJ9G4

Oh! 37 new bugs (28 new CVEs) discovered in 5 RISC-V CPUs (e.g., BOOM and CVA6)! #Cascade fuzzes #RISC-V CPUs based on novel basic principles. Try it on your own CPU, it’s open! comsec.ethz.ch/cascade (with Kathi Ceesay-Seitz Kav)

Our latest work, #ZenHammer 🔨, shows that #AMD Zen 2/3/4 systems are equally vulnerable to frequency-based #Rowhammer as #Intel systems. We also present the first #Rowhammer bit flips on #DDR5 DRAM. (1/2)

For the first time, we imaged and reverse engineered 6 modern DDR4/5 DRAM chips (comsec.ethz.ch/hifi-dram) Due to the incredibly small feature size of modern ICs, we use SEM combined with FIB reaching pixel resolutions as low as 3.4nm. Then we evaluate 10 years of DRAM research.

New RISC-V CPU developments provide the opportunity to consider security by design. Recently discovered vulnerabilities (e.g., ghostwriteattack.com by CISPA), however, show that also new designs are insecure. Is it a lack of care or lack of security verification tooling?

We define 𝜇CFI, a new CPU security property that detects microarchitectural constant time violations and CPU vulnerabilities that allow control-flow-hijacking attacks (4 RISC-V CVEs) or proves their absence: comsec.ethz.ch/research/hardw… (Paper at CCS'24) Flavien Solt Kav

HW defenses against Spectre are tricky: they need to be applied correctly by the SW, and we need to trust that the HW does what its supposed to. Our latest work "Breaking the Barrier" exploits loopholes in both of these issues on Intel and AMD parts. comsec.ethz.ch/breaking-the-b…

The first ever end-to-end cross-process Spectre exploit? I worked on this during an internship with grsecurity! An in-depth write-up here: grsecurity.net/cross_process_…