Title: Paving a Road to Hell with Good Side-Channels.
Abstract: At Usenix Security 2019, the former Chief Security Officer for
Facebook, Alex Stamos, begged security researchers to start working on "actual
bad stuff" that happens to real people as opposed to esoteric "side channel
attacks", which leak information through unexpected side-channels of expected
behavior. This talk will serve as my rejoinder to his call, focusing on the real damage
that can be caused from the information leaked by side-channels, not only from
criminal actors but also from your favorite (apparently legitimate) service providers.
I will cover three of our recently published side-channel attacks on
(1) the location of your phone (CNS 2019),
(2) your web browser (WOOT 2019), and
(3) your device's page cache (CCS 2019).
I will also cover the root causes of side-channels, unsuccessful
paradigms for mitigating them, and what hope there may be for the future.
Bio: Ari Trachtenberg is a Professor of Electrical and Computer Engineering
at Boston University, where he also hold affiliated appointments in CS, CISE, and RISCS.
He received his PhD (2000) and MS (1996) in CS from UIUC and his SB (1994) from MIT.
His research interests include cybersecurity (side-channels, privacy),
networking (cryptocurrencies, security, localization), and algorithms (data synchronization,
rateless coding, feedback).