Work

Research

CHERI

A protection model that extends existing computer architectures with capability hardware to support memory safety and fine-grained compartmentalization for low-level programming languages.

• project page
• site about Arm’s Morello program, which produced industrial-scale systems-on-chip with multi-core 2.4 GHz processors featuring CHERI technology
• paper on Cornucopia, a system that uses CHERI features to guarantee heap temporal safety for userspace C and C++ programs
• my PhD thesis on analyzing the security properties of memory-safety mitigations built with CHERI, adapting the JavaScriptCore interpreter and baseline JIT compiler to support CHERI, introducing new algorithms for heap temporal safety, and measuring performance on the Morello board

Thunderclap

Investigation into the security of direct memory access from peripheral devices, including the development of new kinds of exploits, a hardware platform to carry them out, and techniques for mitigating them.

• website
• paper
• coverage by The Register, ZDNet, and the University of Cambridge
• security advisory by Intel

Software

goftam

transliterating input method for macOS

grayscale

grayscale display filter manager for macOS

remindful

firm but gentle reminder app for macOS

Miscellaneous

• $0x1.00