Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud, by Mehmet Sinan Inci, Berk Gulmezoglu, Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar. “[W]e present a full-fledged attack that exploits subtle leakages to recover RSA decryption keys from a co-located instance.”
BADA55 Crypto, “the BADA55 Research Team has discovered that none of the standard Brainpool curves below 512 bits were generated by the standard Brainpool curve-generation procedure.” (PDF)
How Distributed Systems Respond to Degraded Hardware, by Dan Luu.
Two Different Flavors of Type Theory, Danny Gratzer compares formal and computational type theory.
libwaive is a tiny library that provides waive(), a function that allows a process to waive its right to perform certain actions. It is inspired by Theo de Raadt’s tame() system call.
Field Experience With Annex K – Bounds Checking Interfaces, as terrible as you’d expect.
What are Optotypes?, Eye Charts in Focus.
Monochrome Chess, designed by Andrew Looney. “It violates ages-old convention, and will confound and befuddle on-lookers.”
Nihilistic Password Security Questions, by Soheil Rezayazdi.
Spoofing Fitness Trackers, brave new world.