That's a blast from the past. Yes, Dan Holcomb used the term "FERNS" in his project to harvest true randomness and "ID" fingerprinting bits from uninitialized SRAM at power-up. In retrospect, it might have made more sense to use the term "PUF." Bygones. He's now out at Berkeley. The IEEE Transactions on Computers journal version of the FERNS paper goes into more detail on things like negative bias temperature instability (NBTI). And Dan's latest work on using SRAM for significantly more "ID" fingerprint bits appears at RFIDsec 2012.
The idea of using SRAM from graphics cards would be a nice twist. But SRAM isn't the only building block on the chip (note the reverse poetry)---could be other cleverness too! I look forward to reading about the work.
We were surprised to suddenly get attention to this paper, but apparently Slashdot readers are watching the security seminar at UMass Amhest.
Anyhow, we will be answering questions in this thread. So if you have any questions, post them here and Dan Holcomb will get back to you as soon as he can.
Cheers, -Kevin Fu
you don't have to sign the Google NDA
on
Google's Evil NDA
·
· Score: 1
As of a couple years ago --- Google gives you the option to not sign the NDA. But you'll be displaying a visual mark that tells employees you declined to sign the NDA, and you won't be able to talk about some subjects. It also makes the interview awkward and one looks like a jerk.
I'm surprised USENIX Security was not mentioned.
After all, it's very affordable for the
"little guys" if you are a student. And where
else can you meet security researchers
like Whitfield Diffie, one of the inventors
of public key cryptography? Several of the papers
from the symposium have already been mentioned on slashdot:
I complained to SprintPCS in February about this problem. If you'd like to hear about my saga and also run a script to test your phone for this privacy problem, see http://snafu.fooworld.org/~fubob/ hdmlprivacy.html.
Well, just for the record...the general editors of Crossroads do not see the advertisements during the editorial process. In fact, we see the spiffy ads at the same time the rest of the readers get the print issue.
Slashdot Mirror
That's a blast from the past. Yes, Dan Holcomb used the term "FERNS" in his project to harvest true randomness and "ID" fingerprinting bits from uninitialized SRAM at power-up. In retrospect, it might have made more sense to use the term "PUF." Bygones. He's now out at Berkeley. The IEEE Transactions on Computers journal version of the FERNS paper goes into more detail on things like negative bias temperature instability (NBTI). And Dan's latest work on using SRAM for significantly more "ID" fingerprint bits appears at RFIDsec 2012.
https://spqr.cs.umass.edu/publications.php?q=holcomb
The idea of using SRAM from graphics cards would be a nice twist. But SRAM isn't the only building block on the chip (note the reverse poetry)---could be other cleverness too! I look forward to reading about the work.
Oh. And one more thing. Bad Wolf.
We were surprised to suddenly get attention to this paper, but apparently Slashdot readers are watching the security seminar at UMass Amhest.
Anyhow, we will be answering questions in this thread. So if you have any questions, post them here and Dan Holcomb will get back to you as soon as he can.
Cheers,
-Kevin Fu
As of a couple years ago --- Google gives you the option to not sign the NDA. But you'll be displaying a visual mark that tells employees you declined to sign the NDA, and you won't be able to talk about some subjects. It also makes the interview awkward and one looks like a jerk.
Robert Morris et al took a look at establishing ad hoc networks in cars a few years ago: http://www.pdos.lcs.mit.edu/~rtm/papers/carnet00-a bstract.html
Avi's not the only election judge recording his experiences. So are his minions: http://cs.jhu.edu/~mgreen/election_judge.html
- Plan 9 security
- How to 0wn the Internet in your spare time
- Felten presents SDMI Research last year
The deadline for discounted registration is this Wednesday. See http://www.usenix.org/sec02/ to register.X10 technology is cool, but their ads are not. Here is another way to disable X10 ads to an arbitrary date. Just change the date as you wish. Example: http://www.x10.com/cgi-bin/search/search_index.cgi ?search=%3Cscript%3Edocument.cookie%3D%22PopUnder% 3D0%3B+expires%3D05-Aug-2038+19%3A44%3A14+GMT%3B+d omain%3D.x10.com%3B+path%3D%2F%22%3C%2Fscript%3E
Hey, IP rights are still available for those wonderful BBS games, "Brown Nosing the SysOp" and the one-and-only "Evil BobOp Robobs from Hell"
Hey Hemos, what ever happened to the tradewars gamemaster fiasco on Bob's Golden Apple? :-)
I complained to SprintPCS in February about this problem. If you'd like to hear about my saga and also run a script to test your phone for this privacy problem, see http://snafu.fooworld.org/~fubob/ hdmlprivacy.html.
Well, just for the record...the general editors
of Crossroads do not see the advertisements
during the editorial process. In fact, we see
the spiffy ads at the same time the rest of the
readers get the print issue.
-Kevin Fu