About Heartbleed, Memory Safety, CRASH/SAFE, HardBount/Watchdog, miTLS, and Everything Else

April 13, 2014

Heartbleed exploits a memory safety violation. One can break up such violations in many ways: spatial vs. temporal violations, control flow hijacking vs. no control data-only attacks, and for data-only attacks data corruption vs. data leaks. Heartbleed is a confidential data leak caused by a spatial memory violation (an out of bounds read). Here is a breakdown of memory safety violations and how Heartbleed fits in the rest of the picture:

Read the rest of this entry »

Community vs. Corporation and Corrupt Politicians

February 9, 2014

Moving to Paris

July 24, 2013

It’s official (for a while now, but the blog is constantly neglected): we’re moving to Paris on the 1st of October! After a strenuous academic job search in Europe that started last October, things are finally settled: I accepted a researcher position at INRIA Paris-Rocquencourt. The position is called  “chargé de recherche (CR)” in French, is permanent, and seems to offer perfect job security (French civil servant position). And given that this is INRIA, the competition was fierce, and also painful, since some of the competitors are good friends, who are, as US people might put it, at least as awesome as I am.

The INRIA team I’ll be joining focuses on security (security protocols and web security in particular). And to make things even better, the team is located at Place d’Italie in the center of Paris. We already got a short-term lease for an apartment that’s close to Place d’Italie for the first 2 months, but getting a long term lease in Paris afterwards is going to be a big challenge. Beate’s French skills will help a lot, and I hope to start learning French really soon now (at the moment I only know a tiny bit of culinary French).

Anyway, starting on Friday we’re going on a big adventure trip to many cool US national parks (Zion, Grand Canyon, Bryce, Grand Teton, Yellowstone, and Glacier) and taking the last chance to enjoy the wonderful nature here. Our stay in the US was awesome, but we are also very happy to return to our many cool friends and family in Europe. So long, and thanks for all the fish!

Pască Tanti Vali (traditional Romanian cheesecake)

March 31, 2013

This is actually 3 recipes in one, hopefully it’s not too complicated.


Read the rest of this entry »


March 31, 2013


  • 6 egg yolks
  • 6 spoons of sugar
  • 400g lady fingers
  • 400g Mascarpone cheese
  • 500g whipped cream
  • 2 small bags of vanilla sugar (2 x 7-9g)
  • some cacao
  • amaretto liquor
  • 10 little cups of espresso (or decaf espresso, or instant espresso) mixed with 4 tea spoons of sugar


  • a high rectangular plastic/glass tray


  • Make the coffee, add the 4 tea spoons of sugar and let it cool down.
  • Stir the yolks with the sugar in a large container until the sugar melts, then add the cheese little by little.
  • Whip the cream in a separate container. Keep 1/3 of it for decorating and incorporate the remaining 2/3 little by little into the cream.
  • Pass the ends of the lady fingers quickly through the coffee, then put into the tray. Once you’re done with a complete layer of lady fingers pour half of the cream, then lay another layer of lady fingers rotated by 90 degrees (perpendicular wrt the first layer). Then put the other half of the cream and at the end the 1/3 of the whipped cream.
  • Put in the fridge for a couple of hours.
  • Before serving, put cacao on top through a small sieve.

Wealth Inequality in America

March 5, 2013

I wonder how Europe compares to all this …

CFP: FCS’13 Workshop on Foundations of Computer Security

February 25, 2013

My first PC membership 🙂

!                                                         !
!			FCS 2013                          !
!       Workshop on Foundations of Computer Security      !
!     Tulane University, New Orleans, Louisiana, USA      !
!                     June 29, 2013                       !
!   http://prosecco.inria.fr/personal/bblanche/fcs13/     !
!                                                         !
!          Affiliated with LICS 2013 and CSF 2013         !
!                                                         !

Important dates

Submission:			April 10, 2013
Notification of acceptance: 	April 30, 2013
Final papers: 			May 31, 2013

Invited speaker: Boris Koepf, IMDEA, Spain
 Read the rest of this entry »