
Posts by Mathy Vanhoef

Interesting, thanks for the pointer!

1 month ago 0 0 1 0

Client isolation is supposed to prevent two clients on the same SSID from attacking each other. We can bypass client isolation. Attacks are independent of the used crypto settings :)

1 month ago 1 0 0 0

“Using WPA3 or client certificates or GCMP or <other crypto> doesn’t prevent our attacks”. When writing the paper, reviewers often asked “does it work against WPA3/MFP” and the answer is yes

1 month ago 1 0 0 0
New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises That guest network you set up for your neighbors may not be as secure as you think.

Excellent article on the work by @dangoodin.bsky.social: arstechnica.com/security/202...

I'd say we bypass Wi-Fi encryption, in the sense that we can bypass client isolation. We don't break Wi-Fi authentication or encryption. Crypto is often bypassed instead of broken. And we bypass it ;)

1 month ago 8 7 2 0

We found that Wi-Fi client isolation can often be bypassed. This allows an attacker who can connect to a network, either as a malicious insider or by connecting to a co-located open network, to attack others.

NDSS'26 paper: www.ndss-symposium.org/wp-content/u...
GitHub: github.com/vanhoefm/air...

1 month ago 16 8 4 0

In addition to being absolutely brilliant, amazing & charming in her own right, we all know she was raised by a single dad w/4 siblings and that he came to the US bc of persecution bc of his participation in the ‘89 Tiananmen democracy uprising, right?

1 month ago 4045 776 50 20

this is one of the most amazing papers I have ever read

eprint.iacr.org/2026/058.pdf

2 months ago 8 2 0 0

The NDSS Symposium 2026 program is live. With 265 accepted papers and 8 workshops, the quality of security research this year is staggering. It is a testament to the community's dedication to keeping the digital world safe. www.ndss-symposium.org/ndss2026/pro... 1/4

2 months ago 5 2 1 0

The US government is considering punishing American scientists who worked with Chinese researchers *years ago, retroactively*.

5 months ago 91 46 1 4

I've found AI tools to be quite useful to look for related work. And apparently so do others, searching Google Scholar for "utm_source=chatgpt.com" gives 13,900+ hits ;) scholar.google.com/scholar?star...

5 months ago 1 0 0 0
One-day data block introduced on Russian SIM cards being brought back into country — Novaya Gazeta Europe The Russian authorities have begun blocking mobile phones being brought back into the country from abroad for 24 hours in an attempt to undermine Ukrainian drone strikes, the Ministry of Digital Devel...

Russia is blocking mobile phones being brought back into the country from abroad for 24 hours, in an attempt to mitigate drone attacks. Seems like this can probably be bypassed using relay "worm hole" attacks, though it adds some complexity.

novayagazeta.eu/articles/202...

5 months ago 2 0 0 0
ICANN Announces First Cohort of Grant Program Recipients Following an extensive applicant review period, ICANN has announced some of the projects that will receive funding in the ICANN Grant Program’s first cycle.

woo! $10 MM USD in grants from ICANN... amazing. And great grantees here! "ICANN Announces First Cohort of Grant Program Recipients" www.icann.org/en/announcem...

5 months ago 4 2 0 0
(Self-)Nomination for the USENIX Security '26 Artifact Evaluation Committee (AEC) For the seventh year, USENIX Security allows the evaluation of artifacts that support a paper: software, hardware, evaluation data and documentation, raw measurement data, raw survey results, mechaniz...

Last chance to (self-) nominate for USENIX Security'26 Artifact Evaluation Committee!
You should expect a low load of ~1 artifact for functionality/reproducibility assessments per cycle (max 3 for the whole year).

Please support Open Science and fill the form by Oct 17: forms.gle/WoYRX4govNY1... 🚀

6 months ago 8 7 0 1

I have been learning more about PDFs than I really wanted to for maybe the absolutely most funny reason possible - letting agency forgery: mjg59.dreamwidth.org/73317.html

6 months ago 126 33 6 1

The West has a blindspot when it comes to alternative CPU designs.

We’re so entrenched in the usual x86, ARM, RISC-V world, that most people have no idea what’s happening over in China.

LoongArch is a fully independent ISA that’s sorta MIPS…sorta RISC-V…and sorta x87!

8 months ago 43 11 1 0

At USENIX Security? Then check out:

Studying the Use of CVEs in Academia, won distinguished paper award www.usenix.org/conference/u...

Discovering and Exploiting Vulnerable Tunnelling Hosts, won most innovative research Pwnie @ DEFCON www.usenix.org/conference/u...

Big thanks to all co-authors!!

8 months ago 15 7 0 1

I'm thrilled to announce that after months of intensive work, the complete materials for my Applied Cryptography course at the American University of Beirut are now finished: both Part 1 (Provable Security) and Part 2 (Real-World Cryptography)!

8 months ago 32 9 4 1

Good luck :)

8 months ago 2 0 1 0

Breaking: NSF is suspending roughly 300 grants with UCLA, following a DOJ finding on Tuesday that the university violated Title VI by "creating a hostile educational environment for Jewish and Israeli students."

8 months ago 353 221 22 87

Our research on open tunneling servers got nominated for the Most Innovative Research award :)

The work will be presented by Angelos Beitis at Black Hat and also at USENIX Security

Brief summary and code: github.com/vanhoefm/tun...
Paper: papers.mathyvanhoef.com/usenix2025-t...

9 months ago 7 6 0 0

Disclosure timeline is on X/twitter: reported in 2012, but no real response because it was considered theoretical. They weren't given access to a train's test track facility, so impossible to confirm ethically in practice. Devices now considered end of life. Replacement is maybe here in 2027..

9 months ago 17 3 0 1
Suspicious Train Disruptions in Poland: Is Russia Pulling the Levers? | RAILTARGET Over the past weekend, Poland experienced an unusual series of train stoppages that have raised serious national security concerns.

Also in Poland. It was used by Russia in 2023 to stop about 20 trains.

9 months ago 14 5 0 0
End-of-Train and Head-of-Train Remote Linking Protocol | CISA

Yikes. Turns out you can send a plaintext radio signal to cause any train in the USA to do an emergency brake. The original 'security' was just a checksum, no encryption or authentication. Reporting this took them 12 years (!) because the vendor dismissed it initially www.cisa.gov/news-events/...

9 months ago 182 64 11 10

Reminder that the MSCA postdoctoral program exists. If you have a PhD and want to work in a European lab, you have until September to apply. Just contact them now.

ec.europa.eu/info/funding...

10 months ago 30 24 0 0

I somehow missed this paper. Creative work of the authors, thanks for sharing!

9 months ago 0 0 0 0
Senate GOP budget bill has little-noticed provision that could hurt your Wi-Fi Cruz bill could take 6 GHz spectrum away from Wi-Fi, give it to mobile carriers.

Senate GOP budget bill has little-noticed provision that could hurt your Wi-Fi arstechnica.com/tech-policy/... ==> Possibly no 6GHz for Wi-Fi 7

9 months ago 0 1 0 0

Reminder to apply to be part of the artifact evaluation committee of NDSS'26! And share with your colleagues :) We'll likely close this form around the end of next week.

10 months ago 1 4 0 0
Self-nomination for the Artifact Evaluation Committee of NDSS 2026 We are looking for members of the Artifact Evaluation Committee (AEC) of NDSS 2026. The Network and Distributed System Security symposium adopts an Artifact Evaluation (AE) process allowing authors t...

All papers should publish their code. Help realize this by becoming an artifact reviewer at NDSS'26, apply here: docs.google.com/forms/d/e/1F...

You'll review artifacts of accepted papers. We especially encourage junior/senior PhD students & PostDocs to help. Distinguished reviews will get awards!

10 months ago 12 10 0 1