After we conjugated through all possible permutations of "apply ML wrongly to a security problem which is, in fact, adversarial", I really do not like how some people seem to like going through "conjugate through all possible permutations of how these can be broken"....
3
4
36
infosec academia: solving problems no one had since 2004
8
9
3
48
Infosec academia found Spectre and Meltdown, built Nexmon, weaponized Rowhammer, ended MD5, and built more effective forks of AFL than I can count. Infosec academia is doing just fine.
4
5
1
61
Disagree on Spectre and Meltdown; Jann Horn and Paul Kocher were not infosec academia and were the first discoverers (academia reverse engineered from Linux changes); AFL forks: Not sure whether stringent evaluation will confirm the "more effective" claim. Agreed on Nexmon & RH.
5
1
17
I am not academia either.
1
7
So lots of bad papers come out of infosec academia, but certainly, there is a lot of good stuff coming from academia. With the exception of Spectre/Meltdown, the side channel space is completely dominated by academia. CFI started in academia. etc.
3
1
18
Replying to @anders_fogh @halvarflake @dakami @0xcharlie
CFI didn't start in academia but with yours truly ;). hint: pax-future.txt

Dec 11, 2018 · 9:04 PM UTC

2
6
1
22
Replying to @paxteam @halvarflake @dakami @0xcharlie
I should have guessed that. Apologies.
2
6
Replying to @paxteam @halvarflake @anders_fogh @dakami @0xcharlie
The first paper calling it CFI to my memory is the one from Microsoft at CCS2005, so not academia either
1