BlindSide allows attackers to “hack blind” in the Spectre era. That
is, given a simple buffer overflow in the kernel and no additional
info leak vulnerability, BlindSide can mount BROP-style attacks in the
speculative execution domain to repeatedly probe and derandomize the
kernel address space, craft arbitrary memory read gadgets, and enable
Raccoon is a timing vulnerability in the TLS specification, related
to Diffie-Hellman key exchanges.
A Time Leap Challenge for SAT-Solving,
by Johannes K. Fichte, Markus Hecher, and Stefan Szeider.
“We compare the impact of hardware advancement and algorithm
advancement for SAT-solving over the last two decades. In particular,
we compare 20-year-old SAT-solvers on new computer hardware with modern
SAT-solvers on 20-year-old hardware.”
Entangelement Wedge Reconstruction and the Information Paradox,
by Geoffrey Penington.
AVIF has landed, a new image format derived from the keyframes of AV1 video.
Hacking Ethernet out of Fibre Channel cards, by Ben Cox.
FVWM 3, the successor to fvwm2.