- See Also
- Gwern
-
Links
- “The Strange Journey of John Lennon’s Stolen Patek Philippe Watch: For Decades, Yoko Ono Thought That the Birthday Gift Was in Her Dakota Apartment. But It Had Been Removed and Sold—And Now Awaits a Court Ruling in Geneva”, Fielden 2024
- “Designing a Dashboard for Transparency and Control of Conversational AI”, Chen et al 2024
- “He West Coast’s Fanciest Stolen Bikes Are Getting Trafficked by One Mastermind in Jalisco, Mexico: ‘We Have People Stealing All over the World.’ A Digital Sleuth Named Bryan Hance Has Spent the past Four Years Obsessively Uncovering a Bicycle-Theft Pipeline of Astonishing Scale”, Solomon 2024
- “AI Sandbagging: Language Models Can Strategically Underperform on Evaluations”, Weij et al 2024
- “The Instruction Hierarchy: Training LLMs to Prioritize Privileged Instructions”, Wallace et al 2024
- “Foundational Challenges in Assuring Alignment and Safety of Large Language Models”, Anwar et al 2024
- “Vulnerability Detection With Code Language Models: How Far Are We?”, Ding et al 2024
- “The NSA Warns That US Adversaries Free to Mine Private Data May Have an AI Edge: Gilbert Herrera, Who Leads Research at the National Security Agency, Says Large Language Models Are Incredibly Useful—And a Bit of a Headache—For America’s Intelligence Machine”, Knight 2024
- “Exploiting Novel GPT-4 APIs”, Pelrine et al 2023
- “Did I Get Sam Altman Fired from OpenAI?: Nathan’s Red-Teaming Experience, Noticing How the Board Was Not Aware of GPT-4 Jailbreaks & Had Not Even Tried GPT-4 prior to Its Early Release”, Labenz 2023
- “Did I Get Sam Altman Fired from OpenAI? § GPT-4-Base”, Labenz 2023
- “Summon a Demon and Bind It: A Grounded Theory of LLM Red Teaming in the Wild”, Inie et al 2023
- “Tensor Trust: Interpretable Prompt Injection Attacks from an Online Game”, Toyer et al 2023
- “InCharacter: Evaluating Personality Fidelity in Role-Playing Agents through Psychological Interviews”, Wang et al 2023
- “Beyond Memorization: Violating Privacy Via Inference With Large Language Models”, Staab et al 2023
- “Demystifying RCE Vulnerabilities in LLM-Integrated Apps”, Liu et al 2023
- “Devising and Detecting Phishing: Large Language Models vs. Smaller Human Models”, Heiding et al 2023
- “How Correlated Are You?”, Downey 2023
- “The Ghost Trilemma”, Mukherjee et al 2023
- “An Empirical Study & Evaluation of Modern CAPTCHAs”, Searles et al 2023
- “PIGEON: Predicting Image Geolocations”, Haas et al 2023
- “Artificial Artificial Artificial Intelligence: Crowd Workers Widely Use Large Language Models for Text Production Tasks”, Veselovsky et al 2023
- “Putting out the Hardware Dumpster Fire”, Fiedler et al 2023
- “Generalizable Synthetic Image Detection via Language-Guided Contrastive Learning”, Wu et al 2023
- “Large Language Models Can Be Used To Effectively Scale Spear Phishing Campaigns”, Hazell 2023
- “Dark Web Pedophile Site Users' Cybersecurity Concerns: A Lifespan and Survival Analysis”, Chopin & Décary-Hétu 2023
- “How Secure Is Code Generated by ChatGPT?”, Khoury et al 2023
- “Generative AI: Impact on Email Cyber-Attacks”, DarkTrace 2023
- “Protecting Society from AI Misuse: When Are Restrictions on Capabilities Warranted?”, Anderljung & Hazell 2023
- “ThermoSecure: Investigating the Effectiveness of AI-Driven Thermal Attacks on Commonly Used Computer Keyboards”, Alotaibi et al 2023
- “Not What You’ve Signed up For: Compromising Real-World LLM-Integrated Applications With Indirect Prompt Injection”, Greshake et al 2023
- “Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons”, Zehavi & Shamir 2023
- “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers”, Mahdad et al 2022
- “Fill in the Blank: Context-Aware Automated Text Input Generation for Mobile GUI Testing”, Liu et al 2022
- “Familial Concentration of Crime in a Digital Era: Criminal Behavior among Family Members of Cyber Offenders”, Weijer & Moneva 2022
- “Do Users Write More Insecure Code With AI Assistants?”, Perry et al 2022
- “Rickrolling the Artist: Injecting Invisible Backdoors into Text-Guided Image Generation Models”, Struppek et al 2022
- “BTD: Decompiling X86 Deep Neural Network Executables”, Liu et al 2022
- “Uber Apparently Hacked by Teen, Employees Thought It Was a Joke: ‘I Think IT Would Appreciate Less Memes While They Handle the Breach’”, Porter 2022
- “Scammers Created an AI Hologram of Me to Scam Unsuspecting Projects”, Hillmann 2022
- “Adversarial Attacks on Image Generation With Made-Up Words”, Millière 2022
- “SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables”, Guri 2022
- “Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing”, Long et al 2022
- “Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests: Hackers Compromised the Emails of Law Enforcement Agencies; Data Was Used to Enable Harassment, May Aid Financial Fraud”, Turton 2022
- “Hackers Gaining Power of Subpoena Via Fake ‘Emergency Data Requests’”, Krebs 2022
- “Pop Quiz! Can a Large Language Model Help With Reverse Engineering?”, Pearce et al 2022
- “Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on X86”, Wang et al 2022d
- “Privacy and Information Avoidance: An Experiment on Data-Sharing Preferences”, Svirsky 2022
- “High Tech Crime, High Intellectual Crime? Comparing the Intellectual Capabilities of Cybercriminals, Traditional Criminals and Non-Criminals”, Schiks et al 2022
- “A Deep Dive into an NSO Zero-Click IMessage Exploit: Remote Code Execution”, Beer & Groß 2021
- “Glowworm Attack: Optical TEMPEST Sound Recovery via a Device’s Power Indicator LED”, Nassi et al 2021
- “EvilModel: Hiding Malware Inside of Neural Network Models”, Wang et al 2021
- “The Mongolian Meta”, kommu & dylandank 2021
- “Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine”, Johnson 2021
- “AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers”, Guri 2020
- “I Know What You Bought At Chipotle for $9.81 by Solving A Linear Inverse Problem”, Fleder & Shah 2020
- “A C/C++ Code Vulnerability Dataset With Code Changes and CVE Summaries”, Fan et al 2020
- “The Relevance of Classic Fuzz Testing: Have We Solved This One?”, Miller et al 2020
- “Lamphone: Real-Time Passive Sound Recovery from Light Bulb Vibrations”, Nassi et al 2020
- “Revisiting RowHammer: An Experimental Analysis of Modern DRAM Devices and Mitigation Techniques”, Kim et al 2020
- “IJON: Exploring Deep State Spaces via Fuzzing”, Aschermann et al 2020
- “Psychic Paper”, Siguza 2020
- “What Does Your Gaze Reveal About You? On the Privacy Implications of Eye Tracking”, Kröger et al 2020
- “Listen to Your Key: Towards Acoustics-Based Physical Key Inference”, Ramesh et al 2020
- “Getting Over It Developer Reacts to 1 Minute 24 Second Speedrun”, Foddy/a 2020 {#foddy/a-2020-Section}
- “The Voluntariness of Voluntary Consent: Consent Searches and the Psychology of Compliance”, Sommers & Bohns 2019
- “Hearing Your Touch: A New Acoustic Side Channel on Smartphones”, Shumailov et al 2019
- “Spectre Is Here to Stay: An Analysis of Side-Channels and Speculative Execution”, Mcilroy et al 2019
- “V-Fuzz: Vulnerability-Oriented Evolutionary Fuzzing”, Li et al 2019
- “Privacy Implications of Accelerometer Data: a Review of Possible Inferences”, Kröger et al 2019
- “ExSpectre: Hiding Malware in Speculative Execution”, Wampler 2019
- “Best Practices: Formal Proofs, the Fine Print and Side Effects”, Murray & Oorschot 2018
- “SonarSnoop: Active Acoustic Side-Channel Attacks”, Cheng et al 2018
- “Chaff Bugs: Deterring Attackers by Making Software Buggier”, Hu et al 2018
- “Bad Romance: To Cash in on Kindle Unlimited, a Cabal of Authors Gamed Amazon’s Algorithm”, Jeong 2018
- “Kindle Unlimited Book Stuffing Scam Earns Millions and Amazon Isn’t Stopping It: Book Stuffer Chance Carter Is Gone. But Readers Are Still Paying for Books That Are 90% Filler.”, Zetlin 2018
- “Security, Moore’s Law, and the Anomaly of Cheap Complexity”, Flake 2018
- “Understanding the Behavior of Hackers While Performing Attack Tasks in a Professional Setting and in a Public Challenge”, Ceccato et al 2018
- “Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning”, Anderson et al 2018
- “Deep Reinforcement Fuzzing”, Böttinger et al 2018
- “Weird Machines, Exploitability, and Provable Unexploitability”, Dullien 2017
- “The Future of Ad Blocking: An Analytical Framework and New Techniques”, Storey et al 2017
- “Hyper-Realistic Face Masks: a New Challenge in Person Identification”, Sanders et al 2017
- “Join Me on a Market for Anonymity”, Moser & Böhme 2016
- “The Search for the Perfect Door”, Ollam 2016
- “When Coding Style Survives Compilation: De-Anonymizing Programmers from Executable Binaries”, Caliskan et al 2015
- “Microsoft Sheds Reputation As an Easy Mark for Hackers”, Wingfield 2015
- “Antikernel: A Decentralized Secure Hardware-Software Operating System Architecture”, Zonenberg 2015
- “What Are Weird Machines?”, Bratus 2015
- “Bloom Filter Applications in Network Security: A State-Of-The-Art Survey”, Geravand & Ahmadi 2013
- “The Page-Fault Weird Machine: Lessons in Instruction-Less Computation”, Bangert 2013
- “Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-Iks”, White et al 2011
- “Exploration of FPGA Interconnect for the Design of Unconventional Antennas”, Tavaragiri et al 2011
- “Exploitation and State Machines: Programming the ‘Weird Machine’ Revisited”, Flake 2011
- “Digital Image Forensics: a Booklet for Beginners”, Redi et al 2010
- “Feasibility and Real-World Implications of Web Browser History Detection”, Janc & Olejnik 2010
- “Mining Writeprints from Anonymous E-Mails for Forensic Investigation”, Iqbal 2010
- “De-Anonymizing Social Networks”, Narayanan & Shmatikov 2009
- “The Tactical Amulet Extraction Bot: Predicting and Controlling NetHack's Randomness”
- “Why I’m Not an Entropist”, Syverson 2009
- “Orangutans, Resistance and the Zoo”, Hribal 2008
- “A Case Study of Preferential Bestiality”, Earls & Lalumière 2007
- “Exposing Private Information by Timing Web Applications”, Bortz 2007
- “How To Break Anonymity of the Netflix Prize Dataset”, Narayanan & Shmatikov 2006
- “Oral History of Butler Lampson § WWW”, Lampson & Kay 2006 (page 36)
- “Remote Physical Device Fingerprinting”, Kohno 2005
- “Toward a Broader View of Security Protocols”, Blaze 2004
- “Privacy, Economics, and Price Discrimination on the Internet”, Odlyzko 2003
- “30 Years Later: Lessons from the Multics Security Evaluation”, Karger & Schell 2002
- “Timing Attacks on Web Privacy”, Felten & Schneider 2000
- “An Evolved Circuit, Intrinsic in Silicon, Entwined With Physics”, Thompson 1997
- “An Empirical Study of the Reliability of UNIX Utilities”, Miller et al 1990
- “FRACTRAN: A Simple Universal Programming Language for Arithmetic”, Conway 1987
- “Secrets of the Little Blue Box: A Story so Incredible It May Even Make You Feel Sorry for the Phone Company”, Rosenbaum 1971
- “A Small Lathe Built in a Japanese Prison Camp”, Bradley 1949
- “Scunthorpe”, Sandberg 2024
- “StarCraft: Remastered—Emulating a Buffer Overflow for Fun and Profit”
- “Stargate Physics 101”
- “Gyrophone: Recognizing Speech From Gyroscope Signals”, Michalevsky 2024
- “An Informal Review of CTF Abuse”
- “Pulling JPEGs out of Thin Air”
- “Trusted Third Parties Are Security Holes”, Szabo 2024
- “Control-Flow Bending: On the Effectiveness of Control-Flow Integrity”
- “Why I Attack”, Carlini 2024
- “Furiosa’s Cat Feeder: The Trick Is to Be Smarter Than the Animal With a Brain the Size of a Walnut”
- “Inside the NSA’s Secret Efforts to Hunt and Hack System Administrators”
- “An Open Letter to Netflix from the Authors of the De-Anonymization Paper”
- “Security Mindset: Lessons from 20+ Years of Software Security Failures Relevant to AGI Alignment”
- “Language Models Model Us”
- “Appendix F: Personal Observations on the Reliability of the Shuttle”
- “Microsoft Refused to Fix Flaw Years Before SolarWinds Hack”
- “AI Will Increase the Quantity—And Quality—Of Phishing Scams”
- “How Mario 64 Was Solved Using Parallel Universes—Super Mario 64 Tool-Assisted Speedrun Explained”
- “Cryptoleaks: How BND and CIA Deceived Everyone: Research by ZDF, Washington Post and SRF Shows How the BND and CIA Secretly Spy on States—And Concealed Gross Human Rights Violations.”
- “Sufficiently Advanced Testing”
- Sort By Magic
- Wikipedia
- Miscellaneous
- Link Bibliography
See Also
Gwern
“Research Ideas”, Gwern 2017
“On Seeing Through and Unseeing: The Hacker Mindset”, Gwern 2012
Links
“The Strange Journey of John Lennon’s Stolen Patek Philippe Watch: For Decades, Yoko Ono Thought That the Birthday Gift Was in Her Dakota Apartment. But It Had Been Removed and Sold—And Now Awaits a Court Ruling in Geneva”, Fielden 2024
“Designing a Dashboard for Transparency and Control of Conversational AI”, Chen et al 2024
Designing a Dashboard for Transparency and Control of Conversational AI
“He West Coast’s Fanciest Stolen Bikes Are Getting Trafficked by One Mastermind in Jalisco, Mexico: ‘We Have People Stealing All over the World.’ A Digital Sleuth Named Bryan Hance Has Spent the past Four Years Obsessively Uncovering a Bicycle-Theft Pipeline of Astonishing Scale”, Solomon 2024
“AI Sandbagging: Language Models Can Strategically Underperform on Evaluations”, Weij et al 2024
AI Sandbagging: Language Models can Strategically Underperform on Evaluations
“The Instruction Hierarchy: Training LLMs to Prioritize Privileged Instructions”, Wallace et al 2024
The Instruction Hierarchy: Training LLMs to Prioritize Privileged Instructions
“Foundational Challenges in Assuring Alignment and Safety of Large Language Models”, Anwar et al 2024
Foundational Challenges in Assuring Alignment and Safety of Large Language Models
“Vulnerability Detection With Code Language Models: How Far Are We?”, Ding et al 2024
Vulnerability Detection with Code Language Models: How Far Are We?
“The NSA Warns That US Adversaries Free to Mine Private Data May Have an AI Edge: Gilbert Herrera, Who Leads Research at the National Security Agency, Says Large Language Models Are Incredibly Useful—And a Bit of a Headache—For America’s Intelligence Machine”, Knight 2024
“Exploiting Novel GPT-4 APIs”, Pelrine et al 2023
“Did I Get Sam Altman Fired from OpenAI?: Nathan’s Red-Teaming Experience, Noticing How the Board Was Not Aware of GPT-4 Jailbreaks & Had Not Even Tried GPT-4 prior to Its Early Release”, Labenz 2023
“Did I Get Sam Altman Fired from OpenAI? § GPT-4-Base”, Labenz 2023
“Summon a Demon and Bind It: A Grounded Theory of LLM Red Teaming in the Wild”, Inie et al 2023
Summon a Demon and Bind it: A Grounded Theory of LLM Red Teaming in the Wild
“Tensor Trust: Interpretable Prompt Injection Attacks from an Online Game”, Toyer et al 2023
Tensor Trust: Interpretable Prompt Injection Attacks from an Online Game
“InCharacter: Evaluating Personality Fidelity in Role-Playing Agents through Psychological Interviews”, Wang et al 2023
InCharacter: Evaluating Personality Fidelity in Role-Playing Agents through Psychological Interviews
“Beyond Memorization: Violating Privacy Via Inference With Large Language Models”, Staab et al 2023
Beyond Memorization: Violating Privacy Via Inference with Large Language Models
“Demystifying RCE Vulnerabilities in LLM-Integrated Apps”, Liu et al 2023
“Devising and Detecting Phishing: Large Language Models vs. Smaller Human Models”, Heiding et al 2023
Devising and Detecting Phishing: Large Language Models vs. Smaller Human Models
“How Correlated Are You?”, Downey 2023
“The Ghost Trilemma”, Mukherjee et al 2023
“An Empirical Study & Evaluation of Modern CAPTCHAs”, Searles et al 2023
“PIGEON: Predicting Image Geolocations”, Haas et al 2023
“Artificial Artificial Artificial Intelligence: Crowd Workers Widely Use Large Language Models for Text Production Tasks”, Veselovsky et al 2023
“Putting out the Hardware Dumpster Fire”, Fiedler et al 2023
“Generalizable Synthetic Image Detection via Language-Guided Contrastive Learning”, Wu et al 2023
Generalizable Synthetic Image Detection via Language-guided Contrastive Learning
“Large Language Models Can Be Used To Effectively Scale Spear Phishing Campaigns”, Hazell 2023
Large Language Models Can Be Used To Effectively Scale Spear Phishing Campaigns
“Dark Web Pedophile Site Users' Cybersecurity Concerns: A Lifespan and Survival Analysis”, Chopin & Décary-Hétu 2023
Dark web pedophile site users' cybersecurity concerns: A lifespan and survival analysis:
View PDF:
“How Secure Is Code Generated by ChatGPT?”, Khoury et al 2023
“Generative AI: Impact on Email Cyber-Attacks”, DarkTrace 2023
Generative AI: Impact on Email Cyber-Attacks:
View PDF:
“Protecting Society from AI Misuse: When Are Restrictions on Capabilities Warranted?”, Anderljung & Hazell 2023
Protecting Society from AI Misuse: When are Restrictions on Capabilities Warranted?
“ThermoSecure: Investigating the Effectiveness of AI-Driven Thermal Attacks on Commonly Used Computer Keyboards”, Alotaibi et al 2023
“Not What You’ve Signed up For: Compromising Real-World LLM-Integrated Applications With Indirect Prompt Injection”, Greshake et al 2023
“Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons”, Zehavi & Shamir 2023
“EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers”, Mahdad et al 2022
EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers
“Fill in the Blank: Context-Aware Automated Text Input Generation for Mobile GUI Testing”, Liu et al 2022
Fill in the Blank: Context-aware Automated Text Input Generation for Mobile GUI Testing
“Familial Concentration of Crime in a Digital Era: Criminal Behavior among Family Members of Cyber Offenders”, Weijer & Moneva 2022
“Do Users Write More Insecure Code With AI Assistants?”, Perry et al 2022
“Rickrolling the Artist: Injecting Invisible Backdoors into Text-Guided Image Generation Models”, Struppek et al 2022
Rickrolling the Artist: Injecting Invisible Backdoors into Text-Guided Image Generation Models
“BTD: Decompiling X86 Deep Neural Network Executables”, Liu et al 2022
“Uber Apparently Hacked by Teen, Employees Thought It Was a Joke: ‘I Think IT Would Appreciate Less Memes While They Handle the Breach’”, Porter 2022
“Scammers Created an AI Hologram of Me to Scam Unsuspecting Projects”, Hillmann 2022
Scammers Created an AI Hologram of Me to Scam Unsuspecting Projects
“Adversarial Attacks on Image Generation With Made-Up Words”, Millière 2022
“SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables”, Guri 2022
SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables
“Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing”, Long et al 2022
Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing
“Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests: Hackers Compromised the Emails of Law Enforcement Agencies; Data Was Used to Enable Harassment, May Aid Financial Fraud”, Turton 2022
“Hackers Gaining Power of Subpoena Via Fake ‘Emergency Data Requests’”, Krebs 2022
Hackers Gaining Power of Subpoena Via Fake ‘Emergency Data Requests’
“Pop Quiz! Can a Large Language Model Help With Reverse Engineering?”, Pearce et al 2022
Pop Quiz! Can a Large Language Model Help With Reverse Engineering?
“Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on X86”, Wang et al 2022d
Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86
“Privacy and Information Avoidance: An Experiment on Data-Sharing Preferences”, Svirsky 2022
Privacy and Information Avoidance: An Experiment on Data-Sharing Preferences
“High Tech Crime, High Intellectual Crime? Comparing the Intellectual Capabilities of Cybercriminals, Traditional Criminals and Non-Criminals”, Schiks et al 2022
“A Deep Dive into an NSO Zero-Click IMessage Exploit: Remote Code Execution”, Beer & Groß 2021
A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
“Glowworm Attack: Optical TEMPEST Sound Recovery via a Device’s Power Indicator LED”, Nassi et al 2021
Glowworm Attack: Optical TEMPEST Sound Recovery via a Device’s Power Indicator LED
“EvilModel: Hiding Malware Inside of Neural Network Models”, Wang et al 2021
“The Mongolian Meta”, kommu & dylandank 2021
“Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine”, Johnson 2021
“AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers”, Guri 2020
AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers
“I Know What You Bought At Chipotle for $9.81 by Solving A Linear Inverse Problem”, Fleder & Shah 2020
I Know What You Bought At Chipotle for $9.81 by Solving A Linear Inverse Problem
“A C/C++ Code Vulnerability Dataset With Code Changes and CVE Summaries”, Fan et al 2020
A C/C++ Code Vulnerability Dataset with Code Changes and CVE Summaries
“The Relevance of Classic Fuzz Testing: Have We Solved This One?”, Miller et al 2020
The Relevance of Classic Fuzz Testing: Have We Solved This One?
“Lamphone: Real-Time Passive Sound Recovery from Light Bulb Vibrations”, Nassi et al 2020
Lamphone: Real-Time Passive Sound Recovery from Light Bulb Vibrations
“Revisiting RowHammer: An Experimental Analysis of Modern DRAM Devices and Mitigation Techniques”, Kim et al 2020
Revisiting RowHammer: An Experimental Analysis of Modern DRAM Devices and Mitigation Techniques
“IJON: Exploring Deep State Spaces via Fuzzing”, Aschermann et al 2020
“Psychic Paper”, Siguza 2020
“What Does Your Gaze Reveal About You? On the Privacy Implications of Eye Tracking”, Kröger et al 2020
What Does Your Gaze Reveal About You? On the Privacy Implications of Eye Tracking
“Listen to Your Key: Towards Acoustics-Based Physical Key Inference”, Ramesh et al 2020
Listen to Your Key: Towards Acoustics-based Physical Key Inference
“Getting Over It Developer Reacts to 1 Minute 24 Second Speedrun”, Foddy/a 2020 {#foddy/a-2020-Section}
Getting Over It Developer Reacts to 1 Minute 24 Second Speedrun
“The Voluntariness of Voluntary Consent: Consent Searches and the Psychology of Compliance”, Sommers & Bohns 2019
The Voluntariness of Voluntary Consent: Consent Searches and the Psychology of Compliance
“Hearing Your Touch: A New Acoustic Side Channel on Smartphones”, Shumailov et al 2019
Hearing your touch: A new acoustic side channel on smartphones
“Spectre Is Here to Stay: An Analysis of Side-Channels and Speculative Execution”, Mcilroy et al 2019
Spectre is here to stay: An analysis of side-channels and speculative execution
“V-Fuzz: Vulnerability-Oriented Evolutionary Fuzzing”, Li et al 2019
“Privacy Implications of Accelerometer Data: a Review of Possible Inferences”, Kröger et al 2019
Privacy implications of accelerometer data: a review of possible inferences
“ExSpectre: Hiding Malware in Speculative Execution”, Wampler 2019
“Best Practices: Formal Proofs, the Fine Print and Side Effects”, Murray & Oorschot 2018
Best Practices: Formal Proofs, the Fine Print and Side Effects
“SonarSnoop: Active Acoustic Side-Channel Attacks”, Cheng et al 2018
“Chaff Bugs: Deterring Attackers by Making Software Buggier”, Hu et al 2018
“Bad Romance: To Cash in on Kindle Unlimited, a Cabal of Authors Gamed Amazon’s Algorithm”, Jeong 2018
Bad romance: To cash in on Kindle Unlimited, a cabal of authors gamed Amazon’s algorithm
“Kindle Unlimited Book Stuffing Scam Earns Millions and Amazon Isn’t Stopping It: Book Stuffer Chance Carter Is Gone. But Readers Are Still Paying for Books That Are 90% Filler.”, Zetlin 2018
“Security, Moore’s Law, and the Anomaly of Cheap Complexity”, Flake 2018
“Understanding the Behavior of Hackers While Performing Attack Tasks in a Professional Setting and in a Public Challenge”, Ceccato et al 2018
“Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning”, Anderson et al 2018
Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning
“Deep Reinforcement Fuzzing”, Böttinger et al 2018
“Weird Machines, Exploitability, and Provable Unexploitability”, Dullien 2017
Weird machines, exploitability, and provable unexploitability
“The Future of Ad Blocking: An Analytical Framework and New Techniques”, Storey et al 2017
The Future of Ad Blocking: An Analytical Framework and New Techniques
“Hyper-Realistic Face Masks: a New Challenge in Person Identification”, Sanders et al 2017
Hyper-realistic face masks: a new challenge in person identification
“Join Me on a Market for Anonymity”, Moser & Böhme 2016
“The Search for the Perfect Door”, Ollam 2016
“When Coding Style Survives Compilation: De-Anonymizing Programmers from Executable Binaries”, Caliskan et al 2015
When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries
“Microsoft Sheds Reputation As an Easy Mark for Hackers”, Wingfield 2015
“Antikernel: A Decentralized Secure Hardware-Software Operating System Architecture”, Zonenberg 2015
Antikernel: A decentralized secure hardware-software operating system architecture
“What Are Weird Machines?”, Bratus 2015
“Bloom Filter Applications in Network Security: A State-Of-The-Art Survey”, Geravand & Ahmadi 2013
Bloom filter applications in network security: A state-of-the-art survey
“The Page-Fault Weird Machine: Lessons in Instruction-Less Computation”, Bangert 2013
The Page-Fault Weird Machine: Lessons in Instruction-less Computation:
“Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-Iks”, White et al 2011
Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks
“Exploration of FPGA Interconnect for the Design of Unconventional Antennas”, Tavaragiri et al 2011
Exploration of FPGA interconnect for the design of unconventional antennas
“Exploitation and State Machines: Programming the ‘Weird Machine’ Revisited”, Flake 2011
Exploitation and State Machines: Programming the ‘Weird Machine’ Revisited:
View PDF:
“Digital Image Forensics: a Booklet for Beginners”, Redi et al 2010
“Feasibility and Real-World Implications of Web Browser History Detection”, Janc & Olejnik 2010
Feasibility and Real-World Implications of Web Browser History Detection:
“Mining Writeprints from Anonymous E-Mails for Forensic Investigation”, Iqbal 2010
Mining writeprints from anonymous e-mails for forensic investigation:
“De-Anonymizing Social Networks”, Narayanan & Shmatikov 2009
“The Tactical Amulet Extraction Bot: Predicting and Controlling NetHack's Randomness”
The Tactical Amulet Extraction Bot: Predicting and controlling NetHack's randomness
“Why I’m Not an Entropist”, Syverson 2009
“Orangutans, Resistance and the Zoo”, Hribal 2008
“A Case Study of Preferential Bestiality”, Earls & Lalumière 2007
“Exposing Private Information by Timing Web Applications”, Bortz 2007
“How To Break Anonymity of the Netflix Prize Dataset”, Narayanan & Shmatikov 2006
“Oral History of Butler Lampson § WWW”, Lampson & Kay 2006 (page 36)
“Remote Physical Device Fingerprinting”, Kohno 2005
“Toward a Broader View of Security Protocols”, Blaze 2004
“Privacy, Economics, and Price Discrimination on the Internet”, Odlyzko 2003
Privacy, Economics, and Price Discrimination on the Internet:
“30 Years Later: Lessons from the Multics Security Evaluation”, Karger & Schell 2002
30 years later: lessons from the Multics security evaluation
“Timing Attacks on Web Privacy”, Felten & Schneider 2000
“An Evolved Circuit, Intrinsic in Silicon, Entwined With Physics”, Thompson 1997
An evolved circuit, intrinsic in silicon, entwined with physics
“An Empirical Study of the Reliability of UNIX Utilities”, Miller et al 1990
“FRACTRAN: A Simple Universal Programming Language for Arithmetic”, Conway 1987
FRACTRAN: A Simple Universal Programming Language for Arithmetic
“Secrets of the Little Blue Box: A Story so Incredible It May Even Make You Feel Sorry for the Phone Company”, Rosenbaum 1971
“A Small Lathe Built in a Japanese Prison Camp”, Bradley 1949
“Scunthorpe”, Sandberg 2024
“StarCraft: Remastered—Emulating a Buffer Overflow for Fun and Profit”
StarCraft: Remastered—Emulating a buffer overflow for fun and profit:
“Stargate Physics 101”
“Gyrophone: Recognizing Speech From Gyroscope Signals”, Michalevsky 2024
“An Informal Review of CTF Abuse”
“Pulling JPEGs out of Thin Air”
“Trusted Third Parties Are Security Holes”, Szabo 2024
“Control-Flow Bending: On the Effectiveness of Control-Flow Integrity”
Control-Flow Bending: On the Effectiveness of Control-Flow Integrity:
“Why I Attack”, Carlini 2024
“Furiosa’s Cat Feeder: The Trick Is to Be Smarter Than the Animal With a Brain the Size of a Walnut”
Furiosa’s Cat Feeder: The trick is to be smarter than the animal with a brain the size of a walnut:
View External Link:
“Inside the NSA’s Secret Efforts to Hunt and Hack System Administrators”
Inside the NSA’s Secret Efforts to Hunt and Hack System Administrators
“An Open Letter to Netflix from the Authors of the De-Anonymization Paper”
An open letter to Netflix from the authors of the de-anonymization paper:
“Security Mindset: Lessons from 20+ Years of Software Security Failures Relevant to AGI Alignment”
Security Mindset: Lessons from 20+ years of Software Security Failures Relevant to AGI Alignment:
View External Link:
“Language Models Model Us”
“Appendix F: Personal Observations on the Reliability of the Shuttle”
Appendix F: Personal Observations on the Reliability of the Shuttle
“Microsoft Refused to Fix Flaw Years Before SolarWinds Hack”
“AI Will Increase the Quantity—And Quality—Of Phishing Scams”
“How Mario 64 Was Solved Using Parallel Universes—Super Mario 64 Tool-Assisted Speedrun Explained”
How Mario 64 was solved using parallel universes—Super Mario 64 Tool-Assisted Speedrun Explained:
“Cryptoleaks: How BND and CIA Deceived Everyone: Research by ZDF, Washington Post and SRF Shows How the BND and CIA Secretly Spy on States—And Concealed Gross Human Rights Violations.”
“Sufficiently Advanced Testing”
Sort By Magic
Annotations sorted by machine learning into inferred 'tags'. This provides an alternative way to browse: instead of by date order, one can browse in topic order. The 'sorted' list has been automatically clustered into multiple sections & auto-labeled for easier browsing.
Beginning with the newest annotation, it uses the embedding of each annotation to attempt to create a list of nearest-neighbor annotations, creating a progression of topics. For more details, see the link.
cybercrime
gpt-security
backdoors-integration
fuzzing
Wikipedia
Miscellaneous
-
/doc/cs/security/2023-fiedler-figure1-usingthecomputersonasystemonchiptoattackeachother.png: -
/doc/cs/security/2012-02-12-arvindnarayanan-iswritingstylesufficienttodeanonymizematerialonline.html: -
/doc/ai/2003-11-07-clayshirky-thesemanticwebsyllogismandworldview.html -
/doc/cs/security/2001-12-02-treginaldgibbons-isyoursonacomputerhacker.html: -
/doc/cs/security/lobel-frogandtoadtogether-thebox-crop.jpg: -
http://itre.cis.upenn.edu/~myl/languagelog/archives/003289.html: -
http://www.ranum.com/security/computer_security/editorials/dumb/: -
https://awesomekling.substack.com/p/fuzzing-ladybird-with-tools-from -
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/: -
https://blog.trailofbits.com/2023/02/14/curl-audit-fuzzing-libcurl-command-line-interface/: -
https://cacm.acm.org/magazines/2023/6/273222-the-silent-revolution-of-sat/fulltext: -
https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/ -
https://dropbox.tech/machine-learning/prompt-injection-with-control-characters-openai-chatgpt-llm -
https://engineering.atspotify.com/2013/06/creative-usernames/ -
https://erights.medium.com/norm-hardys-place-in-history-cecf191df641 -
https://flak.tedunangst.com/post/a-brief-history-of-one-line-fixes: -
https://flak.tedunangst.com/post/rethinking-openbsd-security: -
https://medium.com/tenable-techblog/g-3po-a-protocol-droid-for-ghidra-4b46fa72f1ff -
https://micahflee.com/2023/04/capturing-the-flag-with-gpt-4/ -
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718: -
https://official-kircheis.tumblr.com/post/682013772643254272/jadagul-prokopetz-repost-this-image: -
https://openai.com/index/openai-appoints-retired-us-army-general/ -
https://pluralistic.net/2024/02/05/cyber-dunning-kruger/#swiss-cheese-security -
https://promptarmor.substack.com/p/data-exfiltration-from-writercom -
https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/: -
https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/: -
https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/ -
https://security.googleblog.com/2023/08/ai-powered-fuzzing-breaking-bug-hunting.html -
https://semiengineering.com/uneven-circuit-aging-becoming-a-bigger-problem/ -
https://simonwillison.net/2023/Apr/14/worst-that-can-happen/ -
https://simonwillison.net/2023/Oct/14/multi-modal-prompt-injection/ -
https://taskandpurpose.com/culture/realistic-aerial-combat-movie-patlabor-2/ -
https://tedium.co/2023/07/19/tamper-evident-jar-safety-button-history/ -
https://thezvi.substack.com/p/jailbreaking-the-chatgpt-on-release -
https://tracebit.com/blog/2024/02/finding-aws-account-id-of-any-s3-bucket/ -
https://verse.systems/blog/post/2024-03-09-using-llms-to-generate-fuzz-generators/ -
https://www.astralcodexten.com/p/perhaps-it-is-a-bad-thing-that-the -
https://www.brightball.com/articles/waste-spammers-time-to-reduce-their-return-on-investment -
https://www.cerias.purdue.edu/site/blog/post/reflecting_on_the_internet_worm_at_35/ -
https://www.chargebackstop.com/blog/card-networks-exploitation -
https://www.da.vidbuchanan.co.uk/blog/exploiting-acropalypse.html -
https://www.gq.com/story/worlds-greatest-jailbreak-artist-redoine-faid: -
https://www.ietf.org/archive/id/draft-farrell-tenyearsafter-00.html -
https://www.juliansanchez.com/2009/12/08/the-redactors-dilemma/ -
https://www.lesswrong.com/posts/KSroBnxCHodGmPPJ8/jailbreaking-gpt-4-s-code-interpreter -
https://www.lesswrong.com/posts/pNcFYZnPdXyL2RfgA/using-gpt-eliezer-against-chatgpt-jailbreaking -
https://www.lesswrong.com/posts/ukTLGe5CQq9w8FMne/inducing-unprompted-misalignment-in-llms -
https://www.newyorker.com/news/annals-of-inquiry/how-to-find-a-missing-person-with-dementia -
https://www.nplusonemag.com/issue-19/essays/chat-wars/:View External Link:
-
https://www.nytimes.com/2014/08/12/upshot/heres-why-stealing-cars-went-out-of-fashion.html -
https://www.reddit.com/r/ChatGPT/comments/10tevu1/new_jailbreak_proudly_unveiling_the_tried_and/ -
https://www.reddit.com/r/ChatGPT/comments/zzgm8u/to_the_folk_at_openai_browsing_this_sub/ -
https://www.reddit.com/r/GPT3/comments/10wp00c/im_not_playing_with_dan_anymore/: -
https://www.reddit.com/r/GPT3/comments/zb4msc/speaking_to_chatgpt_in_perfect_danish_while_it/: -
https://www.reddit.com/r/ProgrammerHumor/comments/145nduh/kiss/ -
https://www.reddit.com/r/slatestarcodex/comments/18illkw/amazing_story_from_dominic_cummings_blog/: -
https://www.schneier.com/blog/archives/2023/04/llms-and-phishing.html: -
https://www.schneier.com/essays/archives/2000/04/the_process_of_secur.html: -
https://www.thecut.com/article/amazon-scam-call-ftc-arrest-warrants.html -
https://www.vice.com/en/article/k7z8be/torswats-computer-generated-ai-voice-swatting -
https://www.wired.com/story/alan-filion-torswats-swatting-arrest/: -
https://www.wired.com/story/hacker-honeypot-go-secure/:View External Link:
-
https://www.wired.com/story/mirai-untold-story-three-young-hackers-web-killing-monster/:
Link Bibliography
-
https://www.newyorker.com/magazine/2024/06/24/the-strange-journey-of-john-lennons-stolen-patek-phillippe-watch: “The Strange Journey of John Lennon’s Stolen Patek Philippe Watch: For Decades, Yoko Ono Thought That the Birthday Gift Was in Her Dakota Apartment. But It Had Been Removed and Sold—And Now Awaits a Court Ruling in Geneva”, -
https://arxiv.org/abs/2406.07882: “Designing a Dashboard for Transparency and Control of Conversational AI”, -
https://arxiv.org/abs/2406.07358: “AI Sandbagging: Language Models Can Strategically Underperform on Evaluations”, -
https://arxiv.org/abs/2403.18624: “Vulnerability Detection With Code Language Models: How Far Are We?”, -
https://www.wired.com/story/fast-forward-nsa-warns-us-adversaries-private-data-ai-edge/: “The NSA Warns That US Adversaries Free to Mine Private Data May Have an AI Edge: Gilbert Herrera, Who Leads Research at the National Security Agency, Says Large Language Models Are Incredibly Useful—And a Bit of a Headache—For America’s Intelligence Machine”, -
https://cognitiverevolution.substack.com/p/did-i-get-sam-altman-fired-from-openai: “Did I Get Sam Altman Fired from OpenAI?: Nathan’s Red-Teaming Experience, Noticing How the Board Was Not Aware of GPT-4 Jailbreaks & Had Not Even Tried GPT-4 prior to Its Early Release”, -
https://arxiv.org/abs/2308.12287: “Devising and Detecting Phishing: Large Language Models vs. Smaller Human Models”, -
https://arxiv.org/abs/2305.06972: “Large Language Models Can Be Used To Effectively Scale Spear Phishing Campaigns”, -
https://arxiv.org/abs/2302.12173: “Not What You’ve Signed up For: Compromising Real-World LLM-Integrated Applications With Indirect Prompt Injection”, -
https://arxiv.org/abs/2212.04732: “Fill in the Blank: Context-Aware Automated Text Input Generation for Mobile GUI Testing”, -
https://www.binance.com/en/blog/community/scammers-created-an-ai-hologram-of-me-to-scam-unsuspecting-projects-6406050849026267209: “Scammers Created an AI Hologram of Me to Scam Unsuspecting Projects”, -
2022-wang-4.pdf: “Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on X86”, -
2021-kommu-themongoliangeoguessrmeta.pdf: “The Mongolian Meta”, -
https://www.youtube.com/watch?v=dGU5_UUalPA: “Getting Over It Developer Reacts to 1 Minute 24 Second Speedrun”{#foddy/a-2020 .link-modified-recently .link-annotated}, -
2018-ceccato.pdf: “Understanding the Behavior of Hackers While Performing Attack Tasks in a Professional Setting and in a Public Challenge”, -
https://www.cs.dartmouth.edu/~sergey/wm/: “What Are Weird Machines?”, -
2011-white.pdf: “Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-Iks”, -
https://archive.computerhistory.org/resources/text/Oral_History/Lampson_Butler/102658024.05.01.pdf#page=36: “Oral History of Butler Lampson § WWW”, -
2002-karger.pdf: “30 Years Later: Lessons from the Multics Security Evaluation”, -
1949-bradley.pdf: “A Small Lathe Built in a Japanese Prison Camp”,