Download on the App Store Open In Castro
Podcast artwork

04/15/22: When Memory Guards are Crooked and Become Speculating Snitches with Andrea Mambretti

Boston Computation Club

April 15, 2022

55 minutes

Andrea Mambretti is a system security researcher at IBM Research Europe, Zurich Laboratory.  He received his Ph.D. from Northeastern University, in the SecLab under the supervision of Engin Kirda.  Since 2011, he's participated in several CTF competitions (Ictf, Ructf, Defcon and others) with both the TowerOfHanoi and Shellphish teams.  (Audience members will surely fall into two partitions: those who are more impressed by Andrea's PhD, and those who are more impressed by his membership in Shellphish 😉).  Today, Andrea joined us to discuss some of his security research into ROP attacks, specifically attacks that exploit timing-based side-channels caused by speculative execution.  This research builds on the academic legacy of attacks like Spectre, but formalizes the relevant threat models and explores the full space of relevant attack varieties.  The talk was fun, technical, and exciting.  We concluded with a question-and-answer/discussion section, mostly centered on (a) attack realizability against differing architectures, and (b) mitigations/defenses.  This was a great talk, and we hope you enjoy it post-hoc!

Or Listen Elsewhere

Listen On Apple Podcasts
Listen In Pocket Casts
Listen In Overcast
Subscribe to RSS