Mathias Payer @gannimo Twitter profile

Last Seen Profiles

@cukienaknikmati

@BacicotBj

@penyukastw21

@JackDHolmes98

@AngelSa88718846

@stw_pdg

@Hamu_213

@thereallexilee

@KoneksiTerbatas

@Iraqi22ga

@cozyreinsfw

@thelboux

@JumperExtra

@stardust_reina

@STJSHARKSBSBALL

@PShenna95002

@asu_ars27551

@mako_grandma

@freshome

@GilesTamer40028

@nikos_gr1

@wayvbula

@JO6yeD42hJLl1PS

@VincyChanRsrch

@H0bcntw2uPI6Zp2

@galery_basah10

@jk1_ym

@bokeplokalmalam

@CemB

@ferrimas19

@SanjuanAle22178

@NNPP19983

@ringan_ksatria

@Naive364432

@romcna

@PiluPritis

Mathias Payer

@gannimo

7 years

Poor Marvin, sometimes life as a security robot is just too tough.

Bilal Farooqui

@bilalfarooqui

7 years

Our D.C. office building got a security robot. It drowned itself. We were promised flying cars, instead we got suicidal robots.

4K

106K

244K

8

252

1K

Mathias Payer

@gannimo

3 years

Some go fast, others are thorough. After a 6 year PhD, 2 year PostDoc, 7 years as AsstProf; 38 top tier papers, 10 graduated PhDs, and 7.5mio in funding, I was awarded tenure @EPFL_en . I thank my amazing students and collaborators, you made this possible!

81

20

759

Mathias Payer

@gannimo

4 years

Quick permission comparison for different Android apps. #SwissCovid only asks for permissions related to digital contact tracing, nothing more. Full source code:

17

329

639

Mathias Payer

@gannimo

4 years

BLURtooth (CVE-2020-15802) exploits the lack of cross-transport key validation, allowing an attacker to bypass BT and BLE security mechanisms to MITM, impersonate, or establish sessions with arbitrary devices.

2

278

611

Mathias Payer

@gannimo

4 years

Ever wondered about the security of your USB stack? We've explored it and found 10 CVEs on Linux and several crashes on Windows and MacOS with just a bit of fuzzing. Paper is ready, source will come at #SEC20 : Comments welcome!

5

142

507

Mathias Payer

@gannimo

5 years

Interested in binary rewriting, fuzzing, or sanitization? Introducing RetroWrite, our binary rewriting platform with AFL and ASan compatible transformations. Paper: Source: reproduce our results:

8

179

429

Mathias Payer

@gannimo

3 years

Intel deprecates SGX in their new 12th Generation Intel Core CPUs. Bad news for DRM and we'll need new targets for side channels!

25

83

363

Mathias Payer

@gannimo

3 years

You've been fuzzing and now have 254,000 unique crash seeds? Fear no more, our Igor (reference to Terry Pratchett's Discworld) has got you covered and will reduce the crashes to 48 unique bug clusters. To be presented at @acm_ccs

3

70

317

Mathias Payer

@gannimo

4 years

Third #DP3T real-life test @vbs_ddps / @EPFL_en . 100 soldiers are testing the beta app for 24 hours in day to day life. To collect ground truth, they exchange business cards (noting time and duration) for each observed contact that we then crosscheck.

9

58

248

Mathias Payer

@gannimo

5 years

@moxie Have a look at #DP3T white papers where we discuss the tradeoffs at length. Data transfer for infected idsis not that bad and no location is needed.

4

40

204

Mathias Payer

@gannimo

2 years

As it turns out, compilers happily spill the index for indirect jumps through a jump table after bounds checking, creating a TOCTTOU race for arbitrary control-flow hijacking. Check out our @HexHiveEPFL @IEEESSP "WarpAttack" paper:

2

51

200

Mathias Payer

@gannimo

5 years

Today we conducted real life experiments @EPFL_en to establish ground truth for BLE proximity tracing with our #DP3T app to fight #COVID19 ! Thanks to @vbs_ddps for subjects, @CHUVLausanne for testing yesterday, and @EPFL_en for fast ethics turnaround. Now off to crunch data!

8

40

198

Mathias Payer

@gannimo

4 years

Fresh from the oven: our Swiss-branded #DP3T preview apps (developed with @ubique_ch ). Note that development and security reviews continue!

8

96

194

Mathias Payer

@gannimo

6 years

According to my minions, it works in reverse too!

0

74

186

Mathias Payer

@gannimo

5 years

Big news: #DP3T is going official, with support from @BAG_OFSP_UFSP we are working on the official Swiss app for decentralized, privacy-preserving proximity tracing!

EPFL and ETH Zurich advance digital contact tracing project

Secure contact tracing could be a powerful tool to fight the spread of COVID-19. A unique, decentralized system developed as part of an international consortium, including EPFL and ETH Zurich, will...

news.epfl.ch

6

79

187

Mathias Payer

@gannimo

7 years

Flash is dead (percentage of Chrome users visiting at least one page with flash per day) by @laparisa #NDSS18

20

60

169

Mathias Payer

@gannimo

2 months

Super honored to receive a @USENIXSecurity #security24 distinguishing paper award for our work on finding bugs in hypervisors. HyperPill is available at

6

5

181

Mathias Payer

@gannimo

6 years

Rejecting papers is fine. But, as a community, can we agree that any reject *must* include either a paragraph on what is expected for an accept or a reason why the paper is fundamentally flawed? Receiving strong rejects w/o feedback on how to improve is tough.

9

28

160

Mathias Payer

@gannimo

4 years

Today we conducted the second set of #DP3T real life experiments @EPFL_en with the help of @vbs_ddps , collecting both ground truth using our measurement app as well as an alpha test of our decentralized #COVID19 tracing app for both iOS and Android. Exciting times!

4

43

167

Mathias Payer

@gannimo

5 years

I'm deeply humbled to receive two prestigious European single PI grants this year: an @ERC_Research Starting Grant to combine the powers of testing and mitigation and an @snsf_ch Eccellenza grant to scale software security testing to massive code bases. #HexHive all the way! 🐝🤗

EPFL Computer and Communication Sciences

@ICepfl

5 years

Congratulations to IC professor @gannimo on another funding award for 2019: the @snsf_ch #Eccellenza Grant! He will use it to support an open-source project that aims to develop methods for identifying #software #security bugs.

0

2

34

21

10

162

Mathias Payer

@gannimo

4 years

To fuzzing academics: use Magma, a ground truth fuzzing benchmark that detects when your fuzzer reaches, triggers, and detects a bug and introduces a novel time to bug metric to compare to other fuzzers. arXiv paper coming soon. Feedback welcome!

6

48

161

Mathias Payer

@gannimo

6 years

Draft of my open book "Software Security: Principles, Policies, and Protection" available at Intended audience: developers/advanced students. Comments, feedback, and questions very welcome!

5

79

156

Mathias Payer

@gannimo

4 years

Who's using ASan and wants a ~50% performance improvement during fuzzing? #HexHive presents FuZZan, ASan optimized for high speed fuzzing, to be presented at @usenix ATC20. Source will be up soon! Comments welcome!

1

35

148

Mathias Payer

@gannimo

5 years

A note to my peers reviewing our papers: strongly rejecting a paper because of related work that will be published *after* we get your review is not OK. Please check your timeline. Also, please get past strongly defending your turf, this is exactly how you destroy a community. 😧

7

12

141

Mathias Payer

@gannimo

5 years

After releasing the SDKs earlier this week, we're openly releasing our #DP3T prototype applications (with people-friendly UI) for iOS and Android Get them while they are fresh and test them like crazy!

7

54

131

Mathias Payer

@gannimo

5 years

Instead of focusing on binary code similarity (which is NP complete), we focus on code behavior, capturing and abstracting input/output behavior as IO vectors that define what a function does (and not how the code looks like). Preprint:

5

46

129

Mathias Payer

@gannimo

4 months

Major life achievement: on Friday I got up at 1h30 and climbed Mont Blanc from the Tête Rousse in 15hrs. A breathtaking experience that was extremely physically challenging. Several hours of climbing and extended walks on steep glaciers. A day I will always remember. 🧗🏔️

9

0

129

Mathias Payer

@gannimo

6 years

After a short responsible disclosure process and a few leaks, I'm excited to announce that I'll join @EPFL this fall. Looking forward to start (and continue) collaborating with all the great faculty at @ICepfl . #HexHive is going international!

23

11

123

Mathias Payer

@gannimo

8 years

Interested in fuzzing but did not have time to read all that AFL docs? Go watch that introductory talk

BSidesSF 113 Fuzz Smarter Not Harder An afl fuzz Primer Craig Young

These are the videos from BSides San Francisco 2016:http://www.irongeek.com/i.php?page=videos/bsidessf2016/mainlist

www.youtube.com

0

56

121

Mathias Payer

@gannimo

5 years

"FuzzGen: Automatic Fuzzer Generation" (synthesizing libFuzzer stubs through reflective full system analysis), jointly between @ICepfl #HexHive and folks at Google has been accepted at @USENIXSecurity #SEC20 . Stay tuned for full source and paper.

2

16

123

Mathias Payer

@gannimo

5 years

Happy to announce that #HexHive @ICepfl @EPFL_en receives an @ERC_Research #ERCStG for researching techniques to protect systems against current and future software vulnerabilities 🤩👩‍🔬👨‍🔬👾 Thanks to all who provided feedback on the proposal!

Mathias Payer receives ERC Starting Grant

School of Computer and Communication Sciences (IC) Professor Mathias Payer has been selected to receive a 2019 European Research Council (ERC) Starting Grant to support open-source research in...

actu.epfl.ch

16

8

123

Mathias Payer

@gannimo

4 years

Happy to announce that WOOT'21 @wootsecurity will be co-located at @IEEESSP and in association with @usenix in May 2021. Mark your calendar and submit your awesome work Jan27 (abstracts) and Jan29 (papers)---yes, earlier than usual. Details:

0

36

121

Mathias Payer

@gannimo

3 years

@Facebook First assumption: it's DNS (as DNS servers died and DNS traffic spiked everywhere), but it was BGP! (ht to @paul_pearce for the meme). @Cloudflare has a neat write-up that's generally accessible

2

28

112

Mathias Payer

@gannimo

2 years

Thank you @USENIXSecurity for rejecting our major revision and for delaying the notification by two months. It's gonna be an amazing experience to explain to the students about how the review process is not broken. Very frustrated right now about revisions.

11

3

120

Mathias Payer

@gannimo

4 years

Happy to share the camera ready for MAGMA (for SIGMETRICS'21), a ground truth fuzzing benchmark. Fuzzers are compared based on real bugs on real software, with ground truth. If you're into #fuzzing , get in touch and use MAGMA for your evaluation!

3

24

117

Mathias Payer

@gannimo

6 years

Want to protect the backward edge against ROP? CFI is too weak and parallel shadow stacks have security implications. We did a large security/performance study of shadow stacks (and implemented all of them). See the preprint at: We'd love to hear feedback!

Shining Light On Shadow Stacks

Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs. Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge,i.e., indirect calls through...

arxiv.org

4

55

115

Mathias Payer

@gannimo

3 years

Dear reviewer 2: seriously? WTF? Context: strong reject because we (obviously) do not compare against related work coming out in 3 months from now (>6 months after our submission). Sigh. I'd love for other reviewers to call out such inconsistencies.

12

2

115

Mathias Payer

@gannimo

4 months

Some top tier conferences have a heavy geographical bias. Software engineering leads in diversity while security mostly sticks to the US. We need to start moving! @NDSSSymposium @IEEESSP @USENIXSecurity live map:

9

26

117

Mathias Payer

@gannimo

6 years

After a long disclosure process we release #SMoTherSpectre , a transient execution attack that uses port contention as a side channel (instead of caches) to leak register/memory data. Details: paper: PoC:

GitHub - HexHive/SMoTherSpectre: Proof-of-concept code for the SMoTherSpectre exploit.

Proof-of-concept code for the SMoTherSpectre exploit. - HexHive/SMoTherSpectre

github.com

2

68

116

Mathias Payer

@gannimo

3 years

Arguably, the most important contribution to writing our paper I made today.

2

5

115

Mathias Payer

@gannimo

6 years

Live demo of foreshadow to extract data from SGX enclaves. #usesec18

1

27

113

Mathias Payer

@gannimo

2 years

Are you working with stubborn aarch64 code? Check out @cyan_pencil 's upcoming @USENIXSecurity #SEC23 paper on efficiently rewriting ARM binaries. Insight: using heuristics for optimization on a safe baseline is key! Comments welcome!

4

13

113

Mathias Payer

@gannimo

7 years

Missed my talk about type confusion at #34c3 ? Check out slides video and code

GitHub - HexHive/HexType: HexType: Efficient Detection of Type Confusion Errors for C++

HexType: Efficient Detection of Type Confusion Errors for C++ - GitHub - HexHive/HexType: HexType: Efficient Detection of Type Confusion Errors for C++

github.com

2

62

108

Mathias Payer

@gannimo

5 years

Holy fuck, just got the @acm_ccs reviews. What a shit show. Why must systems/software security folks be so massively negative? 😭

23

2

103

Mathias Payer

@gannimo

3 years

Have you ever wondered what #fuzzing is all about? Are you starting research in fuzzing? Join me and let's ride the fuzzing hype train together! @RAID_Conference

Riding the Fuzzing Hype Train (RAID'21 Keynote)

Fuzzing has established itself as the key technique to discover vulnerabilities in code. Let me take you on a journey through key fuzzing techniques while ex...

www.youtube.com

2

26

104

Mathias Payer

@gannimo

5 years

FirmFuzz, deep analysis of embedded firmware, fuzzing exposed web interfaces. This was extremely hard to publish (workshop instead of con) as reviewers wanted us to scale to 1000s of firmwares (darn you @aurelsec 😉) instead of deep analysis of a few

1

28

103

Mathias Payer

@gannimo

1 year

Reviewers: I see that your approach is novel and that you evaluated it extensively over several years of effort. Why don't you also get this adopted in practice and run some user studies in addition to what you already did? Gotta love systems/security reviewers 🫶🫶🫶

5

2

103

Mathias Payer

@gannimo

4 years

Interested in finding bugs but ASan is sucking up too much memory and too slow for your x86-64 binaries? FuZZan (presented today at #ATC20 ) will double your throughput. Source: Paper:

0

36

103

Mathias Payer

@gannimo

4 years

Want to learn what the fuzz is all about? We're about to embark on a 4 day @nullcon journey on the FuzzTrain. Day 0x01: let's get the engine started and burn those cycles!

2

20

100

Mathias Payer

@gannimo

5 years

We're simulating real-life scenarios, measuring BLE proximity with the help of the Swiss military in ground truth experiments. We'll of course openly release all data after processing! #DP3T

Pascal Fua

@FuaPv

5 years

06:50, EPFL campus: The army is here to help us perform a COVID experiment ( #D3PT ) that should help speed up the end of the crisis

3

21

101

4

30

99

Mathias Payer

@gannimo

5 years

On one hand I'm answering debug requests about a prototype I opensourced 8 years ago. On the other hand, our Oakland paper gets rejected because all 3 reviewers require us to compare against two competitors that are not even available on request. Why do we even bother? 😩🤔

4

5

102

Mathias Payer

@gannimo

5 years

Despite rejecting our #ISCA20 paper, I'm happy with the process. We received 5 thoughtful reviews, an extensive 2 paragraph discussion of our rebuttal, and strong suggestions on how to improve. All this despite >400 papers. This encourages me to look more at non-security venues!

2

4

101

Mathias Payer

@gannimo

2 years

Exactly 10 years after starting my post doc @UCBerkeley with @dawnsongtweets , we're returning to California for my sabbatical @iseclab @ucsantabarbara where I'll work with @giovanni_vigna and Chris on exciting system security challenges. Holler if you're nearby!

2

98

Mathias Payer

@gannimo

4 years

I usually stay out of politics on twitter but the current situation requires a statement. I stand with #BlackLivesMatter . The massive amount of systematic social injustice was one of the reasons why we left the United States. Stay safe my friends and fight the good fight!

0

4

95

Mathias Payer

@gannimo

4 years

Modest proposal to PC chairs: all missing reviews, after the grace period, will be interpreted as strong accepts. This would curb reviewing delays and help us in the push towards #PositiveReviewing 😉

10

2

97

Mathias Payer

@gannimo

3 years

This year, we published in SIGMETRICS, ICSE, ISSTA, MICRO, ISCA, and ASPLOS. Some papers were repeatedly harshly rejected from security venues but accepted openly at SE/SYS/ARCH venues. It's easy to reject, as reviewers, let's search for reasons to accept! #PositiveReviewing

6

10

97

Mathias Payer

@gannimo

18 days

When fuzzers play Doom (or learn to dance Tango). Our paper on automatic state inference through coverage abstraction received the best paper award @RAID_Conference . Congrats @PickleBryne and @qiangliu717 !

3

15

96

Mathias Payer

@gannimo

6 years

Interested in exploitation? Check out automatically synthesizing data-only exploits through Block-Oriented Programming from #CCS18 . Quick intro: and a readme so that you can play with the source:

GitHub - HexHive/BOPC: Block Oriented Programming -- Compiler

Block Oriented Programming -- Compiler. Contribute to HexHive/BOPC development by creating an account on GitHub.

github.com

1

36

94

Mathias Payer

@gannimo

4 years

TFW your president installs the app you worked on day and night for the last 3 months. #HighRiskHighGain

Martin Vetterli

@MartinVetterli

4 years

I just installed the #SwissCovid proximity tracing app for use on #EPFL campus! Still in pilot phase, but everyone in🇨🇭should be able to test it soon - Stay tuned! #CoronaInfoCH #COVID19 #DP3T

2

19

83

1

3

91

Mathias Payer

@gannimo

5 years

This is an amazing opportunity for our field to reduce travel. After this is all over we should organize 1-2 yearly networking events to mingle but keep conferences online!

IEEE S&P

@IEEESSP

5 years

Due to the devloping COVID-19 situation, #SP20 is being converted into an all-digital conference experience. The dates of the now digital conference will remain the same and more details will be available soon.

2

132

155

7

14

95

Mathias Payer

@gannimo

2 years

Interesting, ML/AI papers are twice as likely to be rejected than software analysis papers #NDSS2022 . Top area-wise acceptance rates are future internet architectures, security of hardware platforms, cyber-crime, and software/firmware analysis.

3

22

93

Mathias Payer

@gannimo

5 years

After ETHZ and EPFL, CISPA dropped out of @PeppPt . Step by step, academics are distancing themselves from the @PeppPt centralized "privacy through blind trust" approach and continue their #PrivacyByDesign work on #DP3T where all designs, trade-offs, and prototypes are public!

2

52

95

Mathias Payer

@gannimo

2 years

Pumped to learn that HAKCs---Hardware Assisted Kernel Compartmentalization won the distinguished paper award @NDSSSymposium . This is a first step towards multi-layer, performance-sensitive compartmentalization. Lots more to come in this exciting area!

5

7

93

Mathias Payer

@gannimo

7 years

Our paper "T-Fuzz: fuzzing by program transformation" was accepted to @IEEESSP #SP18 . Core idea: when fuzzing, don't limit yourself to input mutation, mutate the program too to trigger deep crashes! Joint #HexHive work between Hui, @Zardus , and me.

4

26

92

Mathias Payer

@gannimo

4 years

Not trusting the 10k dependencies you import? Fear no more, we present Enclosures @ASPLOSConf , first-level language support to compartmentalize untrusted components! All fame goes to @AdrienGhosn , jointly with @MariosKogias , @JamesLarus and @ebugnion

2

22

92

Mathias Payer

@gannimo

5 months

As it turns out, fuzzing IoT devices is challenging due to extremely constrained resources. We explored Cortex-M TrustZone apps to find bugs. And we found them @IEEESSP #IEEESP2024 Paper:

1

17

92

Mathias Payer

@gannimo

5 years

Not bragging but Switzerland in Fall is beautiful 🤩

2

1

90

Mathias Payer

@gannimo

2 years

Reviewer 2 (of 2): your paper does not compare against $SYSTEM that was published 1 week before the submission deadline, covers a completely different language environment, and solves an orthogonal problem. Strong reject. ♥️♥️♥️

7

3

89

Mathias Payer

@gannimo

2 months

As it turns out, the secure monitor, Android's most trusted component is full of bugs. @_chli_ and @0ddc0de discovered lots of serious issues @USENIXSecurity though fuzzing. Paper:

1

23

88

Mathias Payer

@gannimo

3 years

Mentoring other researchers is one of the most fun aspects of my job. This is the response I got form a student close to graduation when asking him about doing a post doc. The response made me incredibly sad. Folks, we need to fix this or we'll lose the next generation!

Davide Balzarotti

@balzarot

3 years

CCS came out as "Professional negligence": reviewers do not care, not about the papers, not about the conference, not about co-reviewers, not about the program chairs. Seems to me like a fairly accurate assessment of most security conferences :(

2

5

40

5

10

88

Mathias Payer

@gannimo

4 years

Interested in security? systems? or even developing secure systems? Join us for the "developing secure systems summit" with the amazing @galen_hunt @herbertbos @laparisa Andreas @convoluted_code @jhasomesh and @mmazurek_ . We kick off Nov18. Check out

2

18

84

Mathias Payer

@gannimo

5 years

Great news: over the course of an hour I received notifications that a large grant was accepted, then two papers made it into a top tier conference, and a gift grant came in! 🥳🎉 A little later, at 3:30, I was woken by a crying toddler who thought that it was daytime 🤷‍♂️🤗😴

3

0

86

Mathias Payer

@gannimo

2 years

Today I received the certificate for our @NDSSSymposium distinguished paper award for our paper "Preventing Kernel Hacks with HAKCs". Thanks! 🤗 I also thank the post for their careful treatment of the letter. As we say in 🇱🇮: it looks like a cow was trying to eat it. 🐮💌

1

86

Mathias Payer

@gannimo

4 years

We are looking for PhD students, PostDocs, and interns to join us in software and systems security projects. Our focus: {fuzzing, sanitization, mitigations} for {memory corruption, type safety violations, side channels}. Come join the 🐝🐝🐝 Please RT

EPFL Computer and Communication Sciences

@ICepfl

4 years

Mathias Payer ( @gannimo ) has openings for #PhD students in his group. Find out more about his #research at: , and learn more about our @EPFL #EDIC #computerscience PhD program:

0

6

27

1

45

84

Mathias Payer

@gannimo

5 years

Wow, #HexHive paper #SMoTherSpectre finally accepted to @acm_ccs (SP->SEC->CCS->CCS) Despite being stronger than PortSmash we struggled convincing reviewers and built a) stronger analysis, b) SMoTher gadget search tool, b) attacks against OpenSSH/SSL. Stay tuned for paper/code!

6

4

84

Mathias Payer

@gannimo

9 months

Research is an upward journey and continuous learning experience. I'm humbled by this nomination and look forward to future endeavors in software security with the goal of protecting systems. A big thank you to all my colleagues, endorsers, and nominator! @EPFL_en @ICepfl

Association for Computing Machinery

@TheOfficialACM

9 months

🌟Thrilled to introduce the exceptional individuals who have been inducted as ACM Distinguished Members for 2023. Their expertise & commitment to excellence make them invaluable contributors to our shared journey. Join us in celebrating these inductees! 👏

1

6

34

13

4

84

Mathias Payer

@gannimo

4 years

PSA: CVE-2020-15957 fixed in the @SwissCovid backend. Bug would have allowed to ignore signature check when uploading keys, allowing an attacker to sneak in keys. This was not exploited in the wild. Bug was responsibly disclosed by André Cirre.

Missing signature validation of JWT when alg=none

### Impact When dp3t-sdk-backend is configured to check a JWT before uploading/publishing keys, it was possible to skip the signature check by providing a JWT token with `"alg":"non...

github.com

2

19

81

Mathias Payer

@gannimo

3 years

TFW several papers that build on your work get accepted at top tier venues while your work is going through several major revisions just to be rejected by "that" reviewer again and again 🤷

4

2

81

Mathias Payer

@gannimo

3 years

What the fuzz is all about? I had a great time at @nohatcon talking about some recent fuzzing research. Slides: and code: Questions welcome!

2

19

81

Mathias Payer

@gannimo

6 years

Believing in numbers and fair evaluation, I've compared RAP and LLVM-CFI. RAP is faster, LLVM-CFI is more precise. RAP is incredibly hard to use and its future is uncertain while LLVM-CFI is just a command line argument away. Details at Comments welcome 🤗

18

28

79

Mathias Payer

@gannimo

10 months

#37c3 is back and it was amazing as always. Check out my blog for a quick writeup of cool hacks, a thriving community, and hacker art!

2

15

81

Mathias Payer

@gannimo

3 years

Interested in fuzzing? Wanna talk to the experts? Join us next Wed, May05 at DS3, featuring @mboehme_ , @kayseesee , and @metr0 . Mark your calendar and register at: (please RT)

1

37

79

Mathias Payer

@gannimo

5 years

You asked for more code, #DP3T delivers. We're releasing our current alpha implementations publicly and look for feedback, comments, and reviews! We have Android: iOS: and backend services:

GitHub - DP-3T/dp3t-sdk-backend: The backend implementation for DP3T

The backend implementation for DP3T. Contribute to DP-3T/dp3t-sdk-backend development by creating an account on GitHub.

github.com

2

49

77

Mathias Payer

@gannimo

3 years

The @wootsecurity WOOT'21 program is out with lots of great talks and two amazing keynotes by @natashenka and @sara_rampazzi . I'm extremely excited and you should all register as soon as we open up!

1

31

77

Mathias Payer

@gannimo

5 years

In Switzerland it's customary to serve home made cake on your birthday. As I'm at the @USENIXSecurity PC meeting, 🍩 are the next best thing!

12

2

78

Mathias Payer

@gannimo

6 years

"Side channel attacks will be the buffer overflows of the next 30 years"

1

34

78

Mathias Payer

@gannimo

8 months

As always, Herbert's @NDSSSymposium #NDSSSymposium2024 keynote blew my mind. Looking at missed opportunities of interactions between hackers and academics, Herbert @vu5ec gave us a whirlwind tour of memory corruption and possible mitigations.

5

9

76

Mathias Payer

@gannimo

2 years

Are you fuzzing virtual devices? Check out our @IEEESSP paper "ViDeZZo" which brings structural awareness and intra-message dependencies to build up complex state in virtual devices to trigger deep bugs. Paper: Source:

1

15

75

Mathias Payer

@gannimo

6 years

No love for our peripheral fuzzing at Oakland. A new technique and ~50 Linux 0days are apparently not enough these days. We should think about selling the vulns instead, it's more lucrative than publishing papers. (Nah, we'll iterate and try to better explain the advantages.)

4

10

75

Mathias Payer

@gannimo

6 years

Great fun talking about T-Fuzz at #AsiaCCS18 . Extended presentation: … paper: … source: Questions/collaborations/extensions welcome! (joint HexHive work with Hui Peng and @Zardus )

2

30

75

Mathias Payer

@gannimo

7 years

Yay, the book "The Continuing Arms Race: Code-Reuse Attacks and Defenses" where I wrote a couple of chapters in on memory/type safety and code pointer integrity (with Vova) got published:

1

21

72

Mathias Payer

@gannimo

2 years

Today marks my last day in the UCSB SecLab 🏄. It was crazy fun to spend a sabbatical in one of the most amazing security groups. I learned a lot about research and with these impressions I'll head home to the @HexHiveEPFL 🐝. Santa Barbara and the SecLab will remain in my ❤️ 🤙

1

0

75

Mathias Payer

@gannimo

4 years

Oakland early reject review: "I was unable to gleam any good takeaways from this paper, and it was hard to get through [...] I stopped reading the algorithms partway through, and it's not clear to me what a reader would gain by forcing their way through them." 👏👏👏

14

4

74

Mathias Payer

@gannimo

4 years

Today the #SwissCovid app goes live. This marks an important milestone for #DP3T and our gargantuan efforts to provide privacy-preserving proximity tracing. Looking forward to seeing many installations!

3

15

73

Mathias Payer

@gannimo

4 years

Interested in doing a PhD @ICepfl in Switzerland? I highlight some key constraints and pros/cons about doing a PhD @EPFL_en compared to doing a PhD in the US.

2

18

73

Mathias Payer

@gannimo

5 years

Saturday/Sunday submission deadlines are brutal. Good luck everyone crunching for the @USENIXSecurity deadline!

7

3

72

Mathias Payer

@gannimo

2 years

Congratulations to @PrashastSriv for passing his PhD defense "Practical Methods for Fuzzing Real-world Systems" @PurdueCS @PurSecLab @HexHiveEPFL ! He'll be off to a post doc, so stay tuned for his future publications!

5

9

73

Mathias Payer

@gannimo

1 year

En route to @USENIXSecurity and @defcon . Our group @EPFL_en @ICepfl will present 6 papers 🤯. Find us to talk about fuzzing 🐰, binary rewriting ❤️, how developers handle undefined behavior 👨‍🔬👩‍🔬, or just to banter about software security in general.

1

6

73

Mathias Payer

@gannimo

4 years

Writing grant proposals is not just about money but brainstorming with friends about challenging topics. A grant is much broader than a paper, it's about vision, not just design, implementation, and evaluation. Even if rejected, I learned from each submission. #AcademicTwitter

5

6

72

Mathias Payer

@gannimo

2 years

Honored to receive an #FSE2022 distinguishing paper award for our work on effective browser API fuzzing through the analysis of variable interactions. Credit, as always, goes to the hardworking students! Paper is at:

FSE 2025

@FSEconf

2 years

🏆🏆🏆 #FSE2022 ACM SIGSOFT Distinguished Paper Awards have been announced!! Congrats to the authors for their amazing work! 🏆🏆🏆 We will tweet out details about each paper this week.

0

8

65

4

3

72