Artificial Intelligence and life in 2030

Artificial Intelligence and Life in 2030 Stanford University, 2016 Strictly speaking, this isn’t a research paper, it’s a report from the Stanford University One hundred year study of Artificial Intelligence, “a long-term investigation of the field of Artificial Intelligence (AI) and its influences on people, their communities, and society.” A 100 year study is hard … Continue reading Artificial Intelligence and life in 2030

The Honey Badger of BFT protocols

The Honey Badger of BFT Protocols Miller et al. CCS 2016 The surprising success of cryptocurrencies (blockchains) has led to a surge of interest in deploying large scale, highly robust, Byzantine fault tolerant (BFT) protocols for mission critical applications, such as financial transactions. In a ‘traditional’ distributed system consensus algorithm setting we assume a relatively … Continue reading The Honey Badger of BFT protocols

Twice the bits, twice the trouble: vulnerabilities induced by migrating to 64-bit platforms

Twice the bits, twice the trouble: vulnerabilities induced by migrating to 64-bit platforms Wressnegger et al. CCS 2016 64-bit is not exactly new anymore, but many codebases which started out as 32-bit have been ported to 64-bit. In this study, Wressnegger et al. reveal how a codebase originally written for 32-bit, and which is perfectly … Continue reading Twice the bits, twice the trouble: vulnerabilities induced by migrating to 64-bit platforms

Generic attacks on secure outsourced databases

Generic Attacks on Secure Outsourced Databases Kellaris et al. CCS 2016 Here’s a really interesting paper that helps to set some boundaries around what we can expect from encrypted databases in the cloud. Independently of the details of any one system (or encryption scheme), the authors look at what data it is possible to recover … Continue reading Generic attacks on secure outsourced databases

Acing the IOC game: toward automatic discovery and analysis of open-source cyber threat intelligence

Acing the IOC game: toward automatic discovery and analysis of open-source cyber threat intelligence Liao et al. CCS 2016 Last week we looked at a number of newly reported attack mechanisms covering a broad spectrum of areas including OAuth, manufacturing, automotive, and mobile PIN attacks. For some balance, today's paper choice looks at something to … Continue reading Acing the IOC game: toward automatic discovery and analysis of open-source cyber threat intelligence

Error handling of in-vehicle networks makes them vulnerable

Error handling of in-vehicle networks makes them vulnerable Cho & Shin, CCS 2016 In a previous edition of The Morning Paper we looked at how many production errors can be tracked back to error / exception handling. But today's paper is something special. It studies the properties of the Control Area Network (CAN) protocol used … Continue reading Error handling of in-vehicle networks makes them vulnerable