Oleksii Oleksenko
@oleksii-o.bsky.social
Senior Researcher at Azure. Work on microachitectural security, fuzzing, and TEEs.
Proudly #Ukrainian
Proudly #Ukrainian
🚨After a year-long embargo, our S&P paper is finally out!
📄Paper: aka.ms/enter-exit-l...
🔒AMD Advisory: aka.ms/AAwztqx
📝Summary: We develop the first tool to test security boundaries for uarch leaks -with no prior knowledge of CPU internals. It discovered Transient Scheduler Attack (TSA)... [1/2]
📄Paper: aka.ms/enter-exit-l...
🔒AMD Advisory: aka.ms/AAwztqx
📝Summary: We develop the first tool to test security boundaries for uarch leaks -with no prior knowledge of CPU internals. It discovered Transient Scheduler Attack (TSA)... [1/2]
July 15, 2025 at 12:32 PM
🚨After a year-long embargo, our S&P paper is finally out!
📄Paper: aka.ms/enter-exit-l...
🔒AMD Advisory: aka.ms/AAwztqx
📝Summary: We develop the first tool to test security boundaries for uarch leaks -with no prior knowledge of CPU internals. It discovered Transient Scheduler Attack (TSA)... [1/2]
📄Paper: aka.ms/enter-exit-l...
🔒AMD Advisory: aka.ms/AAwztqx
📝Summary: We develop the first tool to test security boundaries for uarch leaks -with no prior knowledge of CPU internals. It discovered Transient Scheduler Attack (TSA)... [1/2]
Reposted by Oleksii Oleksenko
Prompt Injection is a top risk for use of LLMs, where untrusted data can cause a system to misbehave or leak data. We're hard at work on deterministic solutions to prevent or bound the risk, and just published a paper on our innovative information flow control approach: arxiv.org/pdf/2505.23643
June 5, 2025 at 8:34 PM
Prompt Injection is a top risk for use of LLMs, where untrusted data can cause a system to misbehave or leak data. We're hard at work on deterministic solutions to prevent or bound the risk, and just published a paper on our innovative information flow control approach: arxiv.org/pdf/2505.23643
Reposted by Oleksii Oleksenko
When the smoke coming out of the Vatican is black and white checkerboard:
a man dancing in front of a banner that says reetlight festo entertainment system
ALT: a man dancing in front of a banner that says reetlight festo entertainment system
media.tenor.com
May 7, 2025 at 6:58 PM
When the smoke coming out of the Vatican is black and white checkerboard:
Reposted by Oleksii Oleksenko
so which conclave are they running, SGX or TrustZone?
May 7, 2025 at 7:21 PM
so which conclave are they running, SGX or TrustZone?
A powerful picture by the Economist. Somebody needs to have a serious talk with those white grandpas in the US.
Source: www.economist.com/interactive/...
Source: www.economist.com/interactive/...
April 17, 2025 at 9:05 AM
A powerful picture by the Economist. Somebody needs to have a serious talk with those white grandpas in the US.
Source: www.economist.com/interactive/...
Source: www.economist.com/interactive/...
Russian negotiations 101: Always break your promises, but in a way that you can still claim you haven't *technically* broken your promises.
(screenshot from today's Economist briefings)
(screenshot from today's Economist briefings)
March 19, 2025 at 9:48 AM
Russian negotiations 101: Always break your promises, but in a way that you can still claim you haven't *technically* broken your promises.
(screenshot from today's Economist briefings)
(screenshot from today's Economist briefings)
Reposted by Oleksii Oleksenko
taking my page tables for a walk
March 1, 2025 at 9:11 PM
taking my page tables for a walk
I'm so proud of Zelensky right now. Someone standing up to the bully is a breath of fresh air after months of ignorant BS. And what comes next is scary. Genuinely scary
February 28, 2025 at 7:01 PM
I'm so proud of Zelensky right now. Someone standing up to the bully is a breath of fresh air after months of ignorant BS. And what comes next is scary. Genuinely scary
Ukrainian journalists published the final draft of the UA-US mineral agreement. It's looking considerably less infuriating now, although still no commitment to security guarantees www.eurointegration.com.ua/eng/articles...
The full text of the “Minerals Deal”, agreed by Ukraine and the United States
European Pravda publishes the final text of the “Minerals Deal,” an intergovernmental arrangement that Ukraine and the United States are set to sign this week...
www.eurointegration.com.ua
February 26, 2025 at 1:27 PM
Ukrainian journalists published the final draft of the UA-US mineral agreement. It's looking considerably less infuriating now, although still no commitment to security guarantees www.eurointegration.com.ua/eng/articles...
Reposted by Oleksii Oleksenko
One thing I really miss about tech Twitter in the heyday of 2010-2020 is people sharing links to interesting blogposts (usually from people just writing down what they learned or what tech they were exploring).
Those blog posts must still be somewhere there, but increasingly hard to find.
Those blog posts must still be somewhere there, but increasingly hard to find.
February 15, 2025 at 1:12 PM
One thing I really miss about tech Twitter in the heyday of 2010-2020 is people sharing links to interesting blogposts (usually from people just writing down what they learned or what tech they were exploring).
Those blog posts must still be somewhere there, but increasingly hard to find.
Those blog posts must still be somewhere there, but increasingly hard to find.
Recently found out that the Spotify Discover Weekly playlist can be connected to the Android clock and used as a morning alarm.
Literally life-changing
Literally life-changing
February 15, 2025 at 10:46 AM
Recently found out that the Spotify Discover Weekly playlist can be connected to the Android clock and used as a morning alarm.
Literally life-changing
Literally life-changing
Reposted by Oleksii Oleksenko
now that DeepSeek has completed AI, we hope that Silicon Valley will turn its attention to the next best thing: investing in rural history museums
January 27, 2025 at 3:44 PM
now that DeepSeek has completed AI, we hope that Silicon Valley will turn its attention to the next best thing: investing in rural history museums
Reposted by Oleksii Oleksenko
Learn about the risks of hallucination, jailbreaks and prompt injection and current mitigations in our ACM Queue paper:
The Price of Intelligence - ACM Queue
queue.acm.org
January 23, 2025 at 7:26 PM
Learn about the risks of hallucination, jailbreaks and prompt injection and current mitigations in our ACM Queue paper:
Really cool and deep reverse engineering of speculative leaks in microcode
Nicholas Mosier, Hamed Nemati, John C. Mitchell, Caroline Trippel
Analyzing and Exploiting Branch Mispredictions in Microcode
https://arxiv.org/abs/2501.12890
Analyzing and Exploiting Branch Mispredictions in Microcode
https://arxiv.org/abs/2501.12890
January 23, 2025 at 2:49 PM
Really cool and deep reverse engineering of speculative leaks in microcode
Reposted by Oleksii Oleksenko
If Trump is removing all environmental regulation, how about we undo the "memory safe languages" mandate? I mean, how is mandating "memory safe languages" compatible with freedom of speech anyhow?
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
January 22, 2025 at 8:32 AM
If Trump is removing all environmental regulation, how about we undo the "memory safe languages" mandate? I mean, how is mandating "memory safe languages" compatible with freedom of speech anyhow?
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
Complete peace in Europe coming up in less than 20 hours from now. True story, guaranteed result
January 20, 2025 at 10:59 PM
Complete peace in Europe coming up in less than 20 hours from now. True story, guaranteed result