After we conjugated through all possible permutations of "apply ML wrongly to a security problem which is, in fact, adversarial", I really do not like how some people seem to like going through "conjugate through all possible permutations of how these can be broken"...
infosec academia: solving problems no one had since 2004
Infosec academia found Spectre and Meltdown, built Nexmon, weaponized Rowhammer, ended MD5, and built more effective forks of AFL than I can count. Infosec academia is doing just fine.
Disagree on Spectre and Meltdown; Jann Horn and Paul Kocher were not infosec academia and were the first discoverers (academia reverse engineered from Linux changes); AFL forks: Not sure whether stringent evaluation will confirm the "more effective" claim. Agreed on Nexmon & RH.
I am not academia either.
So lots of bad papers come out of infosec academia, but certainly, there is a lot of good stuff coming from academia. With the exception of Spectre/Meltdown, the side channel space is completely dominated by academia. CFI started in academia. etc.
CFI didn't start in academia but with yours truly ;). hint: pax-future.txt
I should have guessed that. Apologies.
While there were ideas to restrict control-flow before CFI, CFI was formalized and implemented in academia then iterated on several times. We try to explain the situation and give an overview in our survey: nebelwelt.net/publications/f…
as for 'formalized', it's wrong too, if you read and understand their model, it's basically a tautology (assumes a model in which control flow violations aren't possible then "proves" it). btw, where's any mention of RAP (or FPValidator for that matter) in your 'survey'?

Dec 11, 2018 · 11:11 PM UTC

I invite you to write up what RAP does so that we have a clear description that can be used to compare it to other work. As is, the presentation is too sparse for a clear cut comparison. We could fuzzy cite it but then you'll not be happy either.
in your very next tweet you admit that you do in fact know what it does and even tried to compare it (given that the kernel version of RAP has been open source for years now). next lame excuse? btw, how can you cite aslr.txt given the above requirements?
Also, we once tried to compare against RAP in a project but ran into compatibility issues and gave up in the end as it was not worth the effort compared to the (stronger?) LLVM-CFI/shadow stack combination.
what compatibility issues and why did you never report anything to me? FWIW, the public version works with linux fine, it's production quality.
If you want your work cited, go write it up properly. Academia frowns on citation of commercial tools without at least a whitepaper explaining and evaluating the research.
i never wrote up ASLR 'properly' either yet that didn't prevent anyone from referencing aslr.txt. how do you explain that? also the kernel version of RAP is open source, what prevents you from seeing yourself how it works?