banner
vanhoefm.bsky.social
Mathy Vanhoef
@vanhoefm.bsky.social
760 followers 350 following 39 posts
Prof. @KU_Leuven | Research in Network & Software Security | Known for WPA2 KRACK attack, Dragonblood, and FragAttacks | Open to consultancy | Ex-Postdoc NYU
Posts Media Videos Starter Packs
Reposted by Mathy Vanhoef
mjg59.eicar-test-file.zip
Matthew Garrett @mjg59.eicar-test-file.zip · 14d
I have been learning more about PDFs than I really wanted to for maybe the absolutely most funny reason possible - letting agency forgery: mjg59.dreamwidth.org/73317.html
6 34 130
Reposted by Mathy Vanhoef
lauriewired.bsky.social
LaurieWired @lauriewired.bsky.social · Aug 19
The West has a blindspot when it comes to alternative CPU designs.



We’re so entrenched in the usual x86, ARM, RISC-V world, that most people have no idea what’s happening over in China.



LoongArch is a fully independent ISA that’s sorta MIPS…sorta RISC-V…and sorta x87!
1 11 43
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Aug 13
At USENIX Security? Then check out:

Studying the Use of CVEs in Academia, won distinguished paper award www.usenix.org/conference/u...

Discovering and Exploiting Vulnerable Tunnelling Hosts, won most innovative research Pwnie @ DEFCON www.usenix.org/conference/u...

Big thanks to all co-authors!!
6 14
Reposted by Mathy Vanhoef
nadim.computer
Nadim Kobeissi @nadim.computer · Aug 6
I'm thrilled to announce that after months of intensive work, the complete materials for my Applied Cryptography course at the American University of Beirut are now finished: both Part 1 (Provable Security) and Part 2 (Real-World Cryptography)!
4 9 29
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Aug 2
Good luck :)
1 2
Reposted by Mathy Vanhoef
dangaristo.bsky.social
Dan Garisto @dangaristo.bsky.social · Jul 31
Breaking: NSF is suspending roughly 300 grants with UCLA, following a DOJ finding on Tuesday that the university violated Title VI by "creating a hostile educational environment for Jewish and Israeli students."
22 220 360
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jul 12
Our research on open tunneling servers got nominated for the Most Innovative Research award :)

The work will be presented by Angelos Beitis at Black Hat and also at USENIX Security

Brief summary and code: github.com/vanhoefm/tun...
Paper: papers.mathyvanhoef.com/usenix2025-t...
6 6
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jul 12
Disclosure timeline is on X/twitter: reported in 2012, but no real response because it was considered theoretical. They weren't given access to a train's test track facility, so impossible to confirm ethically in practice. Devices now considered end of life. Replacement is maybe here in 2027..
3 17
Reposted by Mathy Vanhoef
anitramwaju.malauren.be
Martin Laurent @anitramwaju.malauren.be · Jul 12
Also in Poland. It was used by Russia in 2023 to stop about 20 trains.
Suspicious Train Disruptions in Poland: Is Russia Pulling the Levers? | RAILTARGET
Over the past weekend, Poland experienced an unusual series of train stoppages that have raised serious national security concerns.
www.railtarget.eu
5 14
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jul 12
Yikes. Turns out you can send a plaintext radio signal to cause any train in the USA to do an emergency break. The original 'security' was just a checksum, no encryption or authentication. Reporting this took them 12 years (!) because the vendor dismissed it initially www.cisa.gov/news-events/...
End-of-Train and Head-of-Train Remote Linking Protocol | CISA
www.cisa.gov
11 65 190
Reposted by Mathy Vanhoef
davidpicard.bsky.social
David Picard @davidpicard.bsky.social · Jun 6
Reminder that the MSCA postdoctoral program exists. If you have a PhD and want to work in a European lab, you have until September to apply. Just contact them now.

ec.europa.eu/info/funding...
ec.europa.eu
24 30
Reposted by Mathy Vanhoef
3kkenekkepen.bsky.social
3kkenekkepen @3kkenekkepen.bsky.social · Jul 7
Finally got round to listen to this marvel of an episode on BSSID vulnerabilities.
Very informative and quite shocking. Give it a listen.
PP027: How Wi-Fi Positioning Systems Enable Mass Surveillance | Packet Pushers
In today's Packet Protector podcast we explore the rich and terrifying potential of using Wi-Fi-based Positioning Systems for mass surveillance with researchers from the University of Maryland. We dis...
packetpushers.net
2 3 5
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jul 7
I somehow missed this paper. Creative work of the authors, thanks for sharing!
1
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jul 3
Senate GOP budget bill has little-noticed provision that could hurt your Wi-Fi arstechnica.com/tech-policy/... ==> Possibly no 6GHz for Wi-Fi 7
Senate GOP budget bill has little-noticed provision that could hurt your Wi-Fi
Cruz bill could take 6 GHz spectrum away from Wi-Fi, give it to mobile carriers.
arstechnica.com
1
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jun 10
Reminder to apply to be part of the artifact evaluation committee of NDSS'26! And share with your colleagues :) We'll likely close this form around the end of next week.
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · May 25
All papers should publish their code. Help realize this by becoming an artifact reviewer at NDSS'26, apply here: docs.google.com/forms/d/e/1F...

You'll review artifacts of accepted papers. We especially encourage junior/senior PhD students & PostDocs to help. Distinguished reviews will get awards!
Self-nomination for the Artifact Evaluation Committee of NDSS 2026
We are looking for members of the Artifact Evaluation Committee (AEC) of NDSS 2026. The Network and Distributed System Security symposium adopts an Artifact Evaluation (AE) process allowing authors t...
docs.google.com
4 1
Reposted by Mathy Vanhoef
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · May 25
All papers should publish their code. Help realize this by becoming an artifact reviewer at NDSS'26, apply here: docs.google.com/forms/d/e/1F...

You'll review artifacts of accepted papers. We especially encourage junior/senior PhD students & PostDocs to help. Distinguished reviews will get awards!
Self-nomination for the Artifact Evaluation Committee of NDSS 2026
We are looking for members of the Artifact Evaluation Committee (AEC) of NDSS 2026. The Network and Distributed System Security symposium adopts an Artifact Evaluation (AE) process allowing authors t...
docs.google.com
10 12
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jun 6
I saw that too.. good luck with the submission!
1
Reposted by Mathy Vanhoef
thorbenson.bsky.social
Thor Benson @thorbenson.bsky.social · Jun 4
Lee Jae-myung, the South Korean politician who climbed the fence of the parliament to get inside and vote against martial law, has been elected president. Pretty cooool
Lee Jae-myung going beast mode
210 4.3K 25K
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · Jun 1
The Wi-Fi Alliance test plan is something I haven't seen myself... it's indeed annoying to get familiar with the big picture. Though I would say that the Dragonfly RFC can be ignored, the full description is in the IEEE 802.11 standard, and 802.11 contains updates to the side-channel leaks etc.
2
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · May 27
So the WPA3 document is basically "support these features of the 802.11 standard, and some minor extensions in that document, and then you can call yourself WPA3" + some best practices
1 4
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · May 27
A lot of 'WPA3' is a marketing and test suite on top of the 802.11 standard. I don't think the 2024 release of 802.11 made any substantial changes to SAE. Instead, the 2024 release incorporated other amendments like 802.11ax and 802.11ay into a single document.
1 4
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · May 27
The GET program makes standards available after 6 months. But you're unlucky with timing: last month the 2024 edition of 802.11 was released. This means the 2020 version is no longer accessible under GET, and you need to wait 6 months for the 2024 edition under GET access. Yeah, I know...
1 1 8
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · May 27
Core of WPA3 is Simultaneous Authentication of Equals (SAE), defined in IEEE 802.11, the 2024 version of that document will be available for free in around 6 months... The WPA3 'spec' on top of IEEE is public
1
vanhoefm.bsky.social
Mathy Vanhoef @vanhoefm.bsky.social · May 25
All papers should publish their code. Help realize this by becoming an artifact reviewer at NDSS'26, apply here: docs.google.com/forms/d/e/1F...

You'll review artifacts of accepted papers. We especially encourage junior/senior PhD students & PostDocs to help. Distinguished reviews will get awards!
Self-nomination for the Artifact Evaluation Committee of NDSS 2026
We are looking for members of the Artifact Evaluation Committee (AEC) of NDSS 2026. The Network and Distributed System Security symposium adopts an Artifact Evaluation (AE) process allowing authors t...
docs.google.com
10 12
Reposted by Mathy Vanhoef
kaspernollet.bsky.social
Kasper Nollet @kaspernollet.bsky.social · May 13
Calling researchers: EU #grantconsultancy 🚨

Have you worked with private grant consultants for EU research funding (Horizon, EIC, etc.)—Have you had positive or negative experiences?
📩 Share your story: [email protected] / [email protected] (@thordeyaert.bsky.social)
🔁 RT appreciated!
5 7