Anyway, I digress. Read Jenny's paper. It's illuminating. Older people are far from being digitally illiterate, and we are not serving their needs well at the moment. And we have to fix this, sooner rather than later. (5/5)
A lot of us have completely moved all asset management online. I haven't been to my bank since 2005. Yet, a lot of estate planning does not account for, or even reflect that new reality. (4/5)
There is a growing need for estate planners with digital literacy. Shockingly, this is more often than not an afterthought. With GenXers/Xennials starting to get gray, there is -- in my opinion -- a real need here. (3/5)
Grossly simplifying: key finding is that older individual don't really care about their purely digital assets (pictures, etc). They do care about digital artifacts (e.g., email, etc) that could make it harder for their heirs to manage estate transmission. (2/5)
My student Jenny Tang just presented our work at #chi26. We have been interested in post-mortem management of online accounts (1/5)
andrew.cmu.edu/user/nicolas...
Last week my student Ally Nisenoff published "Exploiting the Shared Storage API" at @acm_ccs: www.andrew.cmu.edu/user/nicolas...
3 days later, Google announced they're abandoning Shared Storage:
privacysandbox.com/news/update-...
(Correlation doesn't imply causation. Interesting, though.)
We're hosting the 7th intl' conf. on Advances in Financial Technologies (AFT'25) at Carnegie Mellon on Oct. 8-10. Join us to hear about the latest exciting developments in crypto research. Registration closes on Sept 16!
advfintech.org/aft25/attend...
(Program: advfintech.org/aft25/progra...)
This is concerning, it seems like lower fees on Ethereum are facilitating address poisoning attacks…
x.com/toxin_tagger...
That’s a wrap for me at #usesec25
Conferences should really consider reusing the tag holders, the amount of wasted plastic is staggering
“Canadian pharmacist helps run notorious deepfake porn site.”
The online crime jokes write themselves.
Ah true but I should try again today then
Poster for our paper "How Researchers De-Identify Data in Practice"
I'm presenting my USENIX paper "How Researchers De-Identify Data in Practice" at 9am this Thursday. Kudos to my co-authors Paige Pepitone, @adamaviv.bsky.social, and @mmazurek.bsky.social. Come say hi—I am on the academic job market!
Here's the paper: www.usenix.org/conference/u...
#usesec25
Taro just presented this at #usesec25, and will be manning the poster shortly. If you are around we would love to hear from you.
I’m not sure there is a more clichéed Seattle experience than having a latte at a local coffee shop with some salmon on toast while they’re blaring Soundgarden’s “Outshined.”
My student Jenny Tang (coadvised with @lujobauer.bsky.social) is making friends at SOUPS with our paper on looking at 10 years of SOUPS papers and reviewing how solid the stats were. Basically: not great, not great at all. (And that includes my own work.)
Paper: www.andrew.cmu.edu/user/nicolas...
TLDR: Address poisoning is a thing.
Paper: arxiv.org/abs/2501.16681
Real-time website: cryptotrade.cylab.cmu.edu/poisoning/
Real-time twitter bot:
x.com/toxin_tagger
(no BlueSky bot yet, sorry, soon I hope)
(7/7 end)
We simulated the lookalike address generation process across various software- and hardware-based implementations. One large attacker group appears to use GPUs for this attack! The paper also discusses some defenses. (6/7)
We discovered a few large attack entities using clustering techniques. Larger groups are vastly profitable and win against smaller attack groups. We uncovered some attack strategies, such as populations they target, success conditions, and cross-chain attacks. (5/7)
We developed a detection system and performed measurements on two years of ETH and BSC. We identified 13x the number of attack attempts reported previously—in all, 270M on-chain attacks targeting 17M victims. 6,633 incidents have caused at least 83.8M USD in losses. (4/7)
The attacker generates “lookalike” addresses that resemble the victim’s recipient’s address, engages with the victim to “poison” the transaction history, and fools the victim into sending their assets to the attacker by mistake. (3/7)
Background: Crypto wallet addresses are usually impossible to memorize. As a result, users often select addresses from their recent transaction history, which facilitates phishing-like attacks: blockchain address poisoning. (2/7)
New research alert 🚨 from my group, “Blockchain Address Poisoning” (Tsuchiya et al.), to appear at USENIX Security 2025 (arxiv.org/abs/2501.16681)! As a follow-up, we also developed a real-time detection system: cryptotrade.cylab.cmu.edu/poisoning/ and x.com/toxin_tagger (1/7)
CMU S3D’s “Tartan Federer” swept all 4 MIDST tracks, revealing privacy gaps in diffusion models.
Its loss-feature attack was the only entry to beat random guessing in the white-box multi-table test.
Details: s3d.cmu.edu/news/2025/0501-midst.html
#AIPrivacy #CMU #AI #ML!
Just because your prof didn't file an academic dishonesty report does not mean that they don't know you cheated.
Knowing you did it and proving it to the hearing board are two different thresholds.
Details: it's likely that there are some symbol mismatches between some homebrew libraries linked against old OpenGL libs and the new OpenGL shipping with Sequoia. This drove me nuts. So I'm posting this here in hopes people don't waste their time. Oh, and don't ask an LLM, they're clueless.
PSA: If you're using homebrew, and discovered that MAME crashes w/ a Bus Error upon startup after upgrading to Sequoia, 1) update mame.ini so that the line containing gl_lib points to /System/Library/Frameworks/OpenGL.framework/Libraries/libGLVMPlugin.dylib 2) launch w/ DYLD_LIBRARY_PATH="" mame
🧵 about a new paper by my amazing students and collaborators. To appear this week at SIGMETRICS. 👇
CMU researchers are using personalized models to decode how cancer behaves in individual patients, one of medicine's toughest challenges.
Through individualized data and insights, their work revealed hidden #cancer subtypes that could inform treatment and improve survival predictions.
#Research
