What a great time at the NDSS Symposium in San Diego. While it is always about
meeting friends, catching up on projects, discussing new and exciting research
and looking for potential collaborations, the HexHive lab also had the pleasure
to present a total of four research papers at this conference …
The C++ language combines a massive potential for raw power with the massive
risk of type and memory safety violations. The developer is inherently
responsible for securing all executed code and to guarantee type safety and
memory safety. We are particularly focused on type safety. In C++, developers
can cast …
JavaScript engines face a dilemma: on one end, they need to be extremely
efficient as they are processing millions of lines of JavaScript code,
dynamically translating complex programs into efficient code. On the other end,
the code may be controlled by an attacker that is trying to exploit bugs in …
Sanitizers serve as the primary bug detection Oracle during automated testing.
They "crash" the program gracefully and tell the fuzzer when and where a bug was
triggered. The most well-known sanitizer is ASan or AddressSanitizer which adds
redzones around memory objects to detect whenever an access is out-of-bounds.
MSan or …
Hypervisors power not just the cloud but are becoming a commodity in mobile
phones and desktops as well. They separate virtual machines from each
other, enabling strong isolation and security guarantees. In cloud environments,
hypervisors separate non-trusting virtual machines and an attacker may try to
compromise and gain access to …
Another year, another CCC. It's been a long road from Berlin to Leipzig and
Hamburg. Each year, I repeat the ritual of going to the "Kongress", the most
amazing hacker get together in the world. The Kongress is special, hackers of
all denominations meet, engage, hack, and enjoy a few …
2024 was an active year for the HexHive research group, marked by tireless
efforts to enhance the security of various complex systems. A key trend
throughout the year was the continued evolution of fuzzing research. Notably, we
observed a gradual shift away from general-purpose fuzzing as a primary research
focus …
Niklaus Wirth, known for his work on programming languages and systems, died on January 1st, 2024 (ETH Zurich).
Wirth was known for his work on programming languages and systems with a keen focus on simplicity and functionality for which he was awarded the 1984 Turing Award.
His most well-known language …