Sebastian Osterlund

PhD student, VUSec (VU University)

About speaker

His interests include memory safety, operating systems defenses, and Fuzzing. Previously he has worked on kMVX, a comprehensive kernel defense against information leaks using multi-variant execution, and more recently has worked on finding software bugs through directed fuzzing.

June 17
15:00 — 16:00
First Track
English
Speculative execution bugs in modern CPUs popped up out of nowhere, but the worst of the nightmare seems to be mitigated. We destroy these mitigations by taking a skeptical look at their assumptions, and reveal that unprivileged userspace applications can steal data by simply ignoring security boundaries — after all, what do address spaces and privilege levels mean to Intel’s CPU pipeline?