My #Fandango team at #FSE2025 / #ISSTA2025: Alexi Turcotte, Marius Smytzek, me, Pepe Zamudio, and Laura Plein. What is #Fandango? Watch this space on Thursday for our big 1.0 release announcement and/or attend Pepe‘s presentation on Friday 16:00!

Well, the proposal has nothing to do with lasers "a priori" but I'm sure some cool laser-related research would fit. A 100W laser is a great place to start, right? 🔦🔦🔦

And a blog entry by Gary Marcus on this topic: https://garymarcus.substack.com/p/a-knockout-blow-for-llms #ai #towersofhanoi #llm #lrm

@spaf congratulations to this well deserved promotion. Let's see what kind of mischief is next ;)

The slides for my OffensiveCon talk "Finding and Exploiting 20-year-old bugs in Web Browsers" https://docs.google.com/presentation/d/1pAosPlKUw4uI5lfg7FVheTZAtI5mUy8iDeE4znprV34/edit?usp=sharing

Last week, @epfl hosted LakeCTF, a major academic capture-the-flag competition with amazing challenges. Congrats to @polygl0ts for the flawless organization! I especially enjoyed the retro-challenges on real devices, especially hacking old basic interpreters! 👾👾👾 https://actu.epfl.ch/news/zer0rocketwrecks-has-won-lakectf-switzerland-s-top/

So many amazing papers at #IEEESSP Oakland'25 this year. Congratulations to all authors on your accepted papers and an amazing program overall.

This year, we had one paper "SoK: Challenges and Paths Toward Memory Safety for eBPF" where Kaiming Huang explores challenges in protecting the Linux kernel against bugs in the eBPF verifier. As it turns out, securing even a simple language is challenging and we need to carefully consider how optimizations are implemented. Check out the full paper for details: https://nebelwelt.net/files/25Oakland.pdf

Sadly, I could not make it to San Francisco this year. Luckily my alternative program to go hike with the kids was not too bad either!

Today I received my first spear phishing attempt with a great context and reasonable request. 🤩🤩🤩 Does that mean I'm important now?

These two selfies are less than 24hrs and less than 50km apart from each other. One of the reasons why I love #EPFL and Switzerland

@cryxli merci! einen Gruss in die Region um Bern!

The universe is sending a very clear signal that I should stay TF out of France. Flight cancelled after 3hr delay and we ended up driving all night because no flights or trains were available the next three days. Thanks #easyjet

@cshentrup a smart car is not necessarily a self driving car. I'm OK with self driving cars but don't want them to be continuously connected to the internet and broadcasting my location.

@twomikecharlie

Bugs in the hypervisor is a reference to EL3XIR that I introduced with a Gandalf meme
Vulnerable communication APIs is a reference to GlobalConfusion (Global and Confusion)
Forgetting rollback is a reference to Spill the TeA (teapot)
Unsafe allocators... is a reference to books = heap and fire shit is burning
The bread for libraries is a reference to the Elven bread (lemba/scram). In the talk they made sense and hint back at the storyline ;)

The #THcon organizers suggested that I take a hotel in the city center and commute to the conference. In spite of bad past experiences in every major city in France, I took their advice and learned why Toulouse does not have a problem with transport strikes: they got rid of the conductors!

What great fun to speak at #THCON2025 in Toulouse and present some of the #HexHive research on Android (in-)security. Find me if you want to nerd out about fuzzing, system mitigations, and any insecure components.

In Switzerland we take our security and our pocket knives seriously. That's why you can buy pocket knives right before boarding at Geneva airport. 🗡️🛫

What a great time at the #NDSS Symposium in beautiful San Diego. While it is always about meeting friends, catching up on projects, discussing new and exciting research and looking for potential collaborations, the #HexHive lab also had the pleasure to present a total of four research papers at this conference --- and we received two distinguished paper awards!

Check out the blog post with a discussion of the papers and some key takeaways at: https://nebelwelt.net/blog/2025/0227-ndss.html

@lavados between 6:00 and 6:30 at the waterfront?

Some life lessons from an amazing researcher after an extensive career across several topics in systems and architecture: family and friendships first, it's about the people; in research follow your passion and pick the important problems! https://dl.acm.org/doi/10.1145/3637905

I'm on my way to San Diego for Internet Society's yearly Symposium on Networked and Distributed Systems. If you're around, reach out and ping me if you want to go for a run along the beach in the morning! 🏃 #NDSS25