It Is Time to Standardize Principles and Practices for Software Memory Safety
Memory-safety standardization is an essential step to promoting universal strong memory safety in government and industry, and to ensure access to more secure software for all.
Advertisement
Questioning the Criteria for Evaluating Non-Cryptographic Hash Functions
There seems to be a gap in how cryptographic and non-cryptographic hash functions are designed.
It simply is not appropriate to write code that will be connected to the Internet in an unsafe language such as C.
How Software Bugs led to ‘One of the Greatest Miscarriages of Justice’ in British History
Bad coding and bad testing characterize the software that led to wrongful convictions, financial ruin, and four suicides.
Strengthening Security Throughout the ML/AI Lifecycle
Automation, audits, and access control are some of the ways to enhance security in ML systems.
Zero-Trust Security in Software Development
The zero-trust security model is a proactive approach to overcoming potential threats and enhancing application security.
It’s Another Attack on the U.S. Capitol
Using the same password for business and personal accounts is a common but risky practice that creates vulnerabilities.
Aides or staffers registered official email addresses and passwords on vulnerable third-party sites, putting those credentials at risk.
The EU AI Act and the Wager on Trustworthy AI
The EU AI Act serves as a reminder for developers to always prioritize the well being of individuals and society as a whole.
Computing with Time: Microarchitectural Weird Machines
Demonstrating the practicallity of μWMs by creating a microarchitecture-sensitive logic bomb.
Technical Perspective: How Exploits Impact Computer Science Theory
The term “weird machines” reflects the shift in the understanding of exploitability’s root cause.
Detecting/Explaining Industrial Hacks
XAI provides clear descriptions of Industrial Control System anomalies in accessible terms.
Cybersecurity vendors are using AI-enabled products to keep a leg up on hackers and "threat actors" who have also added AI to their arsenals.
Notice and Choice Cannot Stand Alone
If bolstered by appropriate laws, standards, and easy-to-use interfaces, the notice and choice concept could be a useful tool in our future privacy toolbox.
Belt and Braces: When Federated Learning Meets Differential Privacy
An overview of differential privacy-enabled federated learning with a focus on utility optimization techniques.
Confidential Computing or Cryptographic Computing?
Trade-offs between secure computation via cryptography and hardware enclaves.
The Gift That Keeps on Giving to Apple and Google
Technical arguments for keeping or upending the current Apple and Google mobile app store systems.
‘Cheat Engines’ and Copyright in Video Games in the EU
The Court of Justice of the EU finds it permissible to observe, study, and test a program to reveal the ideas and principles underlying its operation and reproduce the results of its execution.
Strengthening Security with Attack Surface Management
The ASM approach is built upon a network infrastructure graph developed by engineers for investigative purposes.
Pitfalls in Machine Learning for Computer Security
Generic pitfalls related to machine learning affect all security domains and can affect the entire machine learning workflow, weakening assumptions, conclusions, and lessons learned.
Technical Perspective: Machine Learning in Computer Security is Difficult to Fix
The study points out some common issues hindering the design of ML models for computer security and how to overcome them.
Human-Centered Cybersecurity Revisited: From Enemies to Partners
It is time to reconsider how we deal with the human factor in cybersecurity.
LLMs represent an emerging battleground for misuse and abuse that aims to sway public opinion and mislead the masses.
ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.
Get InvolvedBy opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.
Learn More
