#TIL: tilde (~) used in POSIX shell scripts does not expand inside double quotes. export PATH locations either without double quotes or use env var \$HOME instead. unix.stackexchange.com/questions/1518…

ad-free currently not available as download on #fdroid web store and android client. issue being resolved gitlab.com/fdroid/fdroid-…

#adfree got a new logo. Many thanks to Janis Bitta (who does not have twitter?) Logo available in next release. #codeandcoffee github.com/abertschi/ad-f…

Congratulations Andrin Bertschi for your outstanding work on realizing a Truffle-based implementation of PHP and your great thesis presentation! The project is online at GitHub: github.com/abertschi/graa…

The screen capture of my thesis presentation is online. It summarizes the results of an experimental Truffle-hosted language runtime for the PHP programming language. GraalVM youtube.com/watch?v=Dzahab…

postcards supports new Swiss Post endpoints and new swissid authentication (code+code_verifier), version 2.0 released to PyPI. thanks to everyone involved🇨🇭📮🚀github.com/abertschi/post…

Reach out to us if you are interested! My focus area will be on using automated testing techniques to find various kinds of bugs in data-centric software, but I'm interested also in many related areas.

Had a great time presenting our latest work, Acai, at the ZTHA workshop. Acai enhances Arm CCA, enabling confidential VMs to securely use accelerators like GPUs & FPGAs. Check our Usenix Security'24 paper: arxiv.org/pdf/2305.15986… Acai is open source: sectrs-acai.github.io

Shout out to the Acai team! Supraja Sridhara , Andrin Bertschi, Zauney, Benedict Schlueter, Fabio Aliberti

Can a malicious cloud provider send bad notifications to break confidential VMs? Disclosing #AhoiAttacks that break confidential computing offered by AMD SEV-SNP and Intel TDX by abusing interrupt delivery. Check our USENIX Security & IEEE S&P papers. ahoi-attacks.github.io/?1337

We provide an overview of this new family of attacks ahoi-attacks.github.io/blog/ahoi-over… Track CVE-2024-25742, CVE-2024-25743, CVE-2024-25744 for more updates on fixes and patches A fantastic effort by SECTRS @ ETH Zurich team: Benedict Schlueter Supraja Andrin Bertschi Zauney

After more than 6 months of hard work, we are thrilled to disclose #AhoiAttacks that break confidential computing offered by AMD SEV-SNP and Intel TDX with malicious interrupts. ahoi-attacks.github.io

Computer scientists at ETH Zurich have discovered a gap in the latest security mechanisms used by AMD and Intel chips. This affects major cloud providers including AWS and Google. brnw.ch/21wIwV2 #CloudSecurity #CloudServices

Confidential VMs Hacked via New Ahoi Attacks securityweek.com/confidential-v…

WeSee: Using Malicious #VC Interrupts to Break AMD SEV-SNP got the Distinguished Paper award at IEEE #SP24! Blog & artifacts: ahoi-attacks.github.io/wesee/ Our talk is on May 22, Wed in Track 2, Ballroom 5 @ 1:25 PM #ahoi Congrats Benedict Schlueter Supraja Andrin Bertschi

We will be presenting two papers today at USENIX Security Track 3 Salon E @ 1:30pm Supraja Acai connects Arm CCA confidential VMs to accelerators (eg Nvidia H100) efficiently Benedict Schlueter Heckler, another Ahoi attack, breaks AMD SEV-SNP and Intel TDX with interrupts

No public Arm CCA hardware? No problem. Learn how #OpenCCA makes CCA research possible on $250 boards, driving open innovation in confidential computing. #CCSummit #ArmCCA Opaque Systems Andrin Bertschi hubs.la/Q03lqnzd0