Most deep neural networks are trained by stochastic gradient descent. Now “stochastic” is a fancy Greek word for “random”; it means that the training data are fed into the model in random order. So what happens if the bad guys can cause the order to be not random? You guessed it – all bets are … Continue reading Data ordering attacks
Today, Richard Grisenthwaite (Arm SVP and Principal Architect) announced that Arm is releasing their first simulator for the CHERI-extended Morello architecture, the Morello FVP (Fixed Virtual Platform), and also an open-source software stack that includes their adaptation of our CHERI Clang/LLVM to Morello, and early work on Morello support for Android. These build on the Morello architecture specification, released in late September 2020. We are releasing a first developer preview release of the CHERI reference software stack ported to Morello – intended to show a rich integration of CHERI into a contemporary OS design, as well as demonstration applications. This stack includes CheriBSD, a BSD-licensed reference design and open-source applications adapted to CHERI including OpenSSH, nginx, and WebKit.
We are pleased to announce two new research and/or software-development posts contributing to the CHERI project and Arm’s forthcoming Morello prototype processor, SoC, and development board. Learn more about CHERI and Morello on our project web site. Fixed-term: The funds for this post are available for up to 2 years, with the possibility of extension … Continue reading Job ad: Research Assistants/Associates in Compilers or Operating Systems for CHERI and the Arm Morello Board
Does the road wind up-hill all the way? Yes, to the very end. Will the day’s journey take the whole long day? From morn to night, my friend. Christina Rossetti, 1861: Up-Hill. This week’s COVID briefing paper takes a personal perspective as I recount my many adventures in complying with a call for testing from … Continue reading Of testing centres, snipe, and wild geese: COVID briefing paper #8
Deep neural networks (DNNs) have been a very active field of research for eight years now, and for the last five we’ve seen a steady stream of adversarial examples – inputs that will bamboozle a DNN so that it thinks a 30mph speed limit sign is a 60 instead, and even magic spectacles to make … Continue reading How to jam neural networks
Jurassic Park is often (mistakenly) left out of the hacker movie canon. It clearly demonstrated the risk of an insider attack on control systems (Velociraptor rampage, amongst other tragedies…) nearly a decade ahead of the Maroochy sewage incident, it’s the first film I know of with a digital troll (“ah, ah, ah, you didn’t say … Continue reading Three Paper Thursday: Vulnerabilities! We’ve got vulnerabilities here! … See? Nobody cares.
Software Guard eXtensions (SGX) represents Intel’s latest foray into trusted computing. Initially intended as a means to secure cloud computation, it has since been employed for DRM and secure key storage in production systems. SGX differs from its competitors such as TrustZone in its focus on reducing the volume of trusted code in its “secure … Continue reading Three Paper Thursday: What’s Intel SGX Good For?
I’m at Financial Cryptography 2020 and will try to liveblog some of the talks in followups to this post. The keynote was given by Allison Nixon, Chief Research Officer of Unit221B, on “Fraudsters Taught Us that Identity is Broken”. Allison started by showing the Mitchell and Webb clip. In a world where even Jack Dorsey … Continue reading FC 2020
There has been a lot of ‘fog of war’ regarding the alleged implantation of Trojan hardware into Supermicro servers at manufacturing time. Other analyses have cast doubt on the story. But do all the pieces pass the sniff test? In brief, the allegation is that an implant was added at manufacturing time, attached to the … Continue reading Making sense of the Supermicro motherboard attack
Back in March I gave an invited talk to the Cambridge University Ethics in Mathematics Society on the Crypto Wars. They have just put the video online here. We spent much of the 1990s pushing back against attempts by the intelligence agencies to seize control of cryptography. From the Clipper Chip through the regulation of … Continue reading History of the Crypto Wars in Britain