Mathias Payer

Securitatis inquisitor and professor at EPFL leading the HexHive 🐝 group, focusing on system/software security (he/him).
Homepage: https://nebelwelt.net
Group: https://hexhive.epfl.ch

While I'm a big fan of second factor authentication for high risk environments, it also comes at a cost due to additional friction.

Can someone explain to me why the EU for the Horizon portal had to create a new dedicated 2FA app that maximises friction? I log into this portal once every 1.5 years. This means I'll likely have to go through the 2FA recovery process every single time.

What's the state of digital sovereignty for our academic landscape?

Inspired by a similar post looking at digital sovereignty of municipalities, I explored what messaging infrastructure universities rely on. Sadly, many have switched to hyperscalers but few large universities keep running their own email infrastructure. Germany, Austria, and France do not look too bad and lead by example.

[Note that the assessment is based on a simple MX records comparison against a list of known hyperscalers; I don't yet check SPF records or guesstimate the SMTP software/version, this may be done in a future version.]

Check out the interactive map: https://nebelwelt.net/gannimo/unimx/

It was my honor to give a keynote at the FUZZING workshop at #NDSSSymposium today. Under the title From "What The Fuzz?" to "All The Fuzz!", I discussed how fuzzing evolved over time from its origins as random mutation testing over the greybox revolution to fuzzing niches. The key takeaways are that fuzzing matured as a field, coverage-guided feedback was key to its success, and the future is customizing fuzzing to niches where the next breakthroughs will be contextual and semantic.

The slides are available at https://nebelwelt.net/files/26FUZZING-presentation.pdf

Happy to hear any feedback!

It was a pleasure to present Sysyphuzz at #NDSSSymposium this year. Our key intuition is that focusing on under-fuzzed areas allows us to discover new bugs even in extensively fuzzed code. We applied this intuition to the Linux kernel by boosting basic blocks that were rarely hit even after years of fuzzing.

The blog post is at: https://nebelwelt.net/blog/2026/0226-sysyphuzz.html

What is this weird endorsement thing on arXiv? Is this a new requirement to just dump all papers to arXiv?

Who had "someone exploits HotCRP to download CCS submissions" on their 2026 bingo card?

Excited to welcome Harm Griffioen for a visit to the #HexHive group. Let's see what's hiding in network traffic!
https://harmgriffioen.github.io/

Great to see that ACM is the third of four professional societies in security to embrace open access (thanks Usenix and ISOC for always being open access). Compared to the other two, they now just need to move away from charging exorbitant fees to their authors 🤡🤡🤡

Missed our #39c3 talk on an Android Beanpod exploit chain to compromise RedMi 11S phones? Check out the blog post https://nebelwelt.net/blog/2025/1227-fiasco.html with a short summary, some further links, and a reference to the video.
Credit goes to Philipp and @0ddc0de

Oh, I received an email that I need to download something from the @EPFL SAP/Sesame system.
1. Let me start the VPN
2. Let me enter username/password
3. Oh, first time second factor
4. Open website
5. Does not work in Firefox at the moment because Microsoft Entra has an issue with stock Firefox on Linux
6. Open a Chrome window
7. Enter username
8. Enter password
9. Enter the second second factor
10. Say yes to "stay signed in" (which it never remembers and always asks, none of the three options do anything).
11. Get informed that the PDF is not yet available.

This concept of online service and central identity management is great...