MESS Lab lunch to celebrate Zhenghao Hu’s first Oakland paper! 😋

I can't stop laughing at this.

I pitched MESS Lab projects today at NYU's Undergraduate Research Expo! This kind of talk is a lot of fun and I had a great time :) You can see the presentation slides with notes here: moyix.net/~moyix/messlab…

Our paper is finally out! We've built this to automatically find IRQ handlers and patch the firmware to remove/bypass certain hardware features (e.g. bluetooth, UART etc.) live tweet updates happening now👇

I am very excited and honored to announce that I've received an U.S. National Science Foundation CAREER award that will let my lab spend the next five years working on new ways to generate highly realistic vulnerability corpora! nsf.gov/awardsearch/sh…

Excited that the MESS lab will have two papers at NDSS workshops this year! – "Beyond the C: Retargetable Decompilation using Neural Machine Translation" with Iman Hosseini at BAR – "What the Fork? Finding and Analyzing Malware in GitHub Forks" with Alan Cao at MADWeb

Congratulations to Zekun Shen (@Bruceshenzk) who just successfully defended his PhD thesis, "Facilitating Bug-Finding with Code Transformation"! His work helped close gaps in coverage for UAF detection and found bugs lurking in Linux kernel device drivers :)

📣 Call for papers - SCORED ‘22 📣 Excited to announce this new workshop on all things SW supply chain security ACM CCS 2024 ‘22! Website: scored.dev. Short papers and demos welcome! Santiago laurent and I are looking forward to your submissions!

With great power comes great responsibility.

My new favorite gdb command is `t a a bt` which gives the backtrace of all running threads.

Lily I just spent five minutes of my life making this

The three hard problems in supply chain security today are: 1) vulnerability management, 2) key management, 3) the UNIX process model, and of course 4) off-by-one errors.

🦀📕 In the foreword of Rust Atomics and Locks, Paul E. McKenney explains how not only Rust developers might find my book useful: marabos.nl/atomics/forewo…

Really lovely news to start the new year with - I’ve been promoted to Associate Professor with tenure! I’m so grateful to my friends, colleagues, students and collaborators at NYU and beyond for helping me get here! <3

Hello from #atc23 and #osdi23 ! If you see me and want to talk about software fault isolation, library oses, unikernels, or anything Rust related, say hi! Or say hi regardless!

Look what I just found on page 864 of the FY’24 National Defense Authorization Act. armed-services.senate.gov/imo/media/doc/…

The Linux kernel has been accidentally hardcoded to a maximum of 8 cores for the past 15 years and nobody noticed 🤐 thehftguy.com/2023/11/14/the…

twitter not paying whitehats. what could go wrong? this one just disclosed a vulnerability that would have allowed people to gain control of the twitter accounts of users who merely clicked malicious links

New blog post: The Return of the Frame Pointers (Fedora, Ubuntu) brendangregg.com/blog/2024-03-1…