🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Thrilled to have defended my thesis today! I am very grateful to my supervisors and mentors, to my colleagues (the PhD hat is so sweet!), friends, and family. And a big thank you to the committee and the audience. I am looking forward to an in-person celebration, when possible 🎉

I am honored to announce that our (ahmad, hamed, Michael Schwarz, Christian Rossow (@[email protected])) work on automatic discovery of side channels was accepted at USENIX Security '21. We developed Osiris, a fuzzer searching for instructions that can be abused as microarchitectural timing side channels. (1/3)

Yesterday I successfully defended my PhD thesis :D I want to use this opportunity to thank everyone that was part of this journey(be it family, friends, colleagues, or peers in our field). You all contributed to making this a wonderful experience. Thank you so much!

Great work by a bunch of awesome researchers! If you ever wondered how deploying a CSP works (or does not work) for folks that have not read the CSP standard cover to cover, look no further.

Together with Yasemin Acar, I am workshop's co-chair for NDSS Symposium 2022. Get your proposals in until October 3! All details available at ndss-symposium.org/call-for-works…. We particularly encourage proposals that involve junior members in the reviewing process! Spread the word :-)

Well-designed content security policies (CSP) should be able to prevent cross-site scripting attacks. But do they actually keep your application secure? Or do they fail in practice? Let's find out, at #FuzzConEurope fuzzcon.eu/2021/session/l…

Out of 7 trips with Deutsche Bahn Personenverkehr between my hometown and Zurich, not a single trip concluded without major delays. In today’s episode: train starts 35 minutes late. Ah btw the next train to Zurich has high demand so good luck with that seat reservation.

Super excited to see a student I supervised win a price for his Bachelor Thesis! Moritz Wilhelm, a student in my group and now Master student at Saarland Informatics Campus Universität Saarland won the CAST price for best bachelor thesis (cispa.de/en/news-and-ev…)

Well deserved, Ben! I could not have wished for a better academic mentor/advisor. I saw that swag.cispa.saarland/jobs.html features some new pointers for prospective PhD students. This is an excellent place to be for Web research, don't miss out on the opportunity folks.

Apparently I have a hat now!

My team @google is hiring software engineers with a security background in the bay area. We are developing various security scanning tools with a focus on quality and scale. Many of our tools are open source. PM me for details and please RT.

Oh man, time really does fly. I still remember attending this MAD workshop in 2019, go crazy and submit your Web Security research!

I am happy and very excited to be presenting V8 Security’s latest fuzzing work at HITCON!

The Web is going MAD again! Join us for the 6th #MADWeb (Measurements, Attacks, and Defenses for the Web) workshop NDSS Symposium on March 1, 2024! Please, help us spread the words. Paper submission deadline: Jan 10 AoE CfP: madweb.work CC Yinzhi Cao

OMG, our "Cookie Crumbles" paper got into the Top-10 Web Hacking Techniques of 2023 by PortSwigger Research! Have a look at the paper if you haven't yet usenix.org/conference/use… and check the other outstanding finalists! Thank you ❤️

Want to help us to keep OSS infra a tad more secure? It even has the AI/ML label attached, so jump aboard the hype train and contribute some detectors to the Tsunami network scanner.

Lujo (Lujo Bauer) and I are seeking nominations for service on the program committee for USENIX Security '25. You may nominate yourself or someone else by Friday, May 24, 2024: forms.gle/VAWFhYzuBQo6kP….

Ben’s group is THE place to be. Go apply and once you are done with academia let me show you how to have fun at Google these days :)