Daniel Genkin

Associate Professor at Georgia Tech. Security, systems, side channels, cryptography.
Website: https://faculty.cc.gatech.edu/~genkin/
More interposer fun, this time with DDR5 memory. Breaking TDX, SGX, SEV and even Nvidia TEEs. Check out our work at https://tee.fail

Want to know what happens when commercial TEEs meet improvised DRAM memory interposers? SGX mayhem including attestation key extraction. Please DO try that at home 😉. Check out our work at https://wiretap.fail

Have an Apple device from the last few years? We have a new side channel attack for you. Check out our work at https://predictors.fail

Joint work with Jason Kim, Jalen Chuang and Yuval Yarom (@YuvalYarom). Could not have asked for a better team!

The SLAP and FLOP Address and Value Prediction Attacks

Ever wondered what happens when side-channel resistant code meets a fancy prefetcher? Check out our paper breaking constant time crypto on Apple CPUs.

https://gofetch.fail

Joint work with Boru Chen, @yingchenwang96, @PradyumnaShome, Chris Fletcher, @dkohlbre, @ricpacca

GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers

A new microarchitectural side-channel attack exploiting data memory-dependent prefetchers in Apple silicons.

Oh no.

Microarchitectural unboxing: check out our new demo for breaking two factor authentication using iLeakage. Yes you heard it, speculative execution attacks on Apple’s M3 Macs and latest Safari that defeat Facebook’s 2FA over SMS.

https://ileakage.com

Because these billboards are just monitors rotated 90 degrees, they’re invisible to polarized sunglasses. It’s like a real-life ad blocker!

To everyone trying to figure out why videos on https://ileakage.com/ were not showing, after YouTube, OneDrive stopped working too. Now hosted on GitHub. Let's hope this works. Thanks @dangoodin for trying to help.
Google has removed a video posted by academic researchers demonstrating how a newly discovered side channel in Apple's A- and M-series CPUs can be used to steal a password.

I thought for sure the removal was a mistake, but a Google representative told me the video was removed for violating a term of service barring "demonstrating how to use computers or information technology to steal credentials, compromise personal data, or cause serious harm to others."

The video, demonstrating important research by @genkin, @YuvalYarom, @themadstephan and Jason Kim, is here:

https://onedrive.live.com/?authkey=%21AMTjzIS6XfV1jzg&id=8208800C17D803E6%211176&cid=8208800C17D803E6&parId=root&parQt=sharedby&o=OneUp

Just to underscore how arbitrary and patently asinine Google's ToS enforcement is here, two additional videos the researchers posted demonstrating the same side channel remain available.

I wonder how researchers from #projectzero feel about this. Is there any chance any of them can intervene?

For those wondering if Apple’s iOS/iPadOS 17.1 and macOS 14.1 released yesterday protect against https://ileakage.com/? We took a look for you, the answer is no. Devices are still vulnerable.