I'll be presenting at TU Graz, Austria on November 8, 2018 18:00 @ Hörsaal i12, Inffeldgasse 16b. This is a public lecture open to anyone. The topic is "Moving Beyond `std::cout`" I'll see you there! #cplusplus

Thank you for this awesome game! vector CSAW Cybersecurity Games and Conference

Congratulations to all of the winning teams of the CSAW CTF NA edition: Perfect Blue, PPP, and RPISEC: ctf.csaw.io/scoreboard Special congratulations to LosFuzzys for being the first team at any location to solve all Sourcery (sourcery.pwnadventure.com) challenges.

I am happy to announce that Collide+Power, our new and generic software-based power side-channel technique, has been accepted at USENIX Security 2023 #usesec23. collidepower.com

I'm happy to announce that my first paper, "IdleLeak: Exploiting Idle State Side Effects for Information Leakage", has been accepted at #NDSS2024 🥳 ndss-symposium.org/wp-content/upl… Also, a huge thanks to my co-authors Andreas Kogler Jonas - j² Daniel Gruss

If you're at the NDSS Symposium, please have a chat with my PhD student Fabian Rauscher. He has worked on several interesting projects on OS/HV and processor security.

Our new paper "Generic and Automated Drive-by GPU Cache Attacks from the Browser" has been accepted at AsiaCCS! 🎉 We show basic cache attack primitives on NVIDIA&AMD, and more complex attacks on NVIDIA. You can read it and try a tiny POC here ginerlukas.com/gpuattacks/.

Announcing #SnailLoad, a website- and video-fingerprinting attack via TCP connections, without any attacker code on the victim machine: snailload.com Great collaboration with Roland Czerny, @notimaginary, Fabian Rauscher, Simone Franza and Daniel Gruss (1/3)

Excited to announce the release of the Rapid Data Analysis (RDA) framework! RDA streamlines side-channel analysis with plotting, processing, and analysis tools—usable directly from the terminal or in scripts. Check it out: github.com/0xhilbert/rda #SideChannel

Announcing #CounterSEVeillance, a novel attack on AMD SEV-SNP inferring control-flow information and operand properties from performance-counter data with single-instruction resolution. Thanks to Hannes Weissteiner, Robin Leander Schröder and Daniel Gruss for the amazing collaboration!

Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc

Reminder: Tomorrow, Florian A., lunkw1ll and I will give a talk at #38c3 about #Rowhammer at 12:00. If you want to check whether your computers are vulnerable to #Rowhammer, visit flippyr.am.

Recently, Daniel Gruss, Martin Heckel, and Florian A. gave a talk about #Rowhammer at #38C3. Now, they are looking for participants for their large-scale Rowhammer study! 🔨 Find out more about Rowhammer & participate in the study 👇 isec.tugraz.at/flippyram or flippyr.am

I am happy to announce that my first paper has been accepted at USENIX Security! We propose TEEcorrelate, a mitigation that statistically decorrelates reported performance counters from real ones during TEE execution.