Superb research about real-world side channel attacks on Yubikeys, very cool write up, and a special bonus for using the word “epsilonesque” on page 8

The Azrieli Foundation International Postdoctoral Fellowship for the 2025-26 academic year is open for applications. The deadline to apply is November 18, 2024. Happy to host you in my lab! More details here: azrielifoundation.org/fellows/intern…

תכלה שנה וקללותיה, תחל שנה וברכותיה. Wishing you all a beautiful and different new year.

Lovely - very difficult to implement a time-based countermeasure when the adversary controls the timers!

Spec-o-Scope: Cache Probing at Cache Speed - Exploiting microarchitectural weird gates for cache attacks with measurement time of only 5 cycles! Congratulations to my student Gal Horowitz for this great work and a distinguish paper award at ACM CCS 2024! Joint work with Yuval Yarom.

Good luck to the morning session of the introduction to computer networks course. An honor to teach this incredible generation.

Apple indeed added a feature called "inactivity reboot" in iOS 18.1. This is implemented in keybagd and the AppleSEPKeyStore kernel extension. It seems to have nothing to do with phone/wireless network state. Keystore is used when unlocking the device. github.com/search?q=repo%…

Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc

CFP for uASC 25 is still open. We have rolling reviews, and 1 submission is already accepted. If you have interesting results on microarchitecture security (incl. weak threat models or reproducing prior work), check out the CFP at uasc.cc The CFP closes **Jan 28**

The uASC registration is open now: uasc.cc Also the uASC deadline is approaching: January 27 AoE. We accept papers, posters, and talks. We have conference proceedings. We're interested in any insights broadly around microarchitecture security.

This is a great venue (and I'm on the CFP board) - please consider submitting your talk!

This story of a NYC rent-a-bike arbitrage/scam/hack is a great lesson in threat modeling. What the commenters missed is that a few blocks away, chaps in nice suits make much more money by doing basically the same thing, only with stocks instead of bikes. 🚲reddit.com/r/Citibike/com…

I am chairing the second edition of the microarchitecture security conference (uASC'26). Paper deadline for the first cycle is July 15. Please spread the word, submit, and/or join us in charming Leuven in February 2026! More info: uasc.cc

Trying out Veo 3, adding some funny twist to this classic

Standing room only for Ran Bar-Zik's keynote at @OWASP #AppSecIL!

youtube.com/watch?v=RALbD5…

🍿 From soldering irons to silver screens… Every great story deserves a premiere — and so does your research. Submit your Call For Papers (CFP) to #hw_ioNL2025 and show the world your Oscar-worthy bugs. Know More: hardwear.io/netherlands-20… #CFP #callforpapers #hardwaresecurity