Tech Talk: Rust, its FFI, and PAM

abstract: Jesse has been using Rust to write a PAM module. He will tell us about what he has learned about working with Rust, and about getting Rust’s lifetime-checking to mesh with external C functions. bio: Jesse Hallett is a research engineer at Galois. He has extensive experience in web and high-level programming; but has […]

Read More

The “FREAK” TLS/SSL flaw, and related thoughts

“Formal verification methods…should be considered the prime choice for verification of complex and mission-critical software ecosystems.” New vulnerabilities in the software infrastructure we all depend on for privacy are discovered frequently. Thus it was not surprising when an INRIA, MSR, and IMDEA team announced discovery of a significant TLS/SSL vulnerability. The surprise in this announcement was […]

Read More

On the promises of technology for elections: Joe Kiniry speaks at the Voting and Elections Summit

Earlier this month, the Ninth Annual Voting and Elections Summit examined the most critical and persistent issues surrounding U.S. elections and voter participation. Joe Kiniry, Galois’ election systems expert, gave a talk on the promises of technology to increase the transparency and trustworthiness of elections. Dr. Kiniry discussed the trade-offs that election officials face when […]

Read More

Computing on private and secure data: An article for the IEEE

Dr. David Archer, our cryptography research lead, and Prof. Kurt Rolloff of the New Jersey Institute of Technology recently wrote an article for the IEEE Security and Privacy magazine on the topic of computing on sensitive, encrypted data without decrypting it. The new, groundbreaking process of computing on encrypted data has major implications for businesses that would […]

Read More

60 Minutes features DARPA, highlights Galois R&D work

Galois helped demonstrate security vulnerabilities in modern automobiles and small UAVs as part of a “60 Minutes” profile of DARPA. We also demonstrated our secure UAV autopilot technology as an alternative to the currently available software systems that are prone to remote takeovers and other security vulnerabilities. Watch the quadcopter demo here: http://www.cbsnews.com/videos/creating-drones-that-cant-be-hacked/ The world’s […]

Read More

Galois releases FreeRTOS port for Xen on ARM systems

We’re pleased to announce the open source release of FreeRTOS for Xen on ARM systems. This release is part of our research efforts in mobile security, cyber-physical systems, and security. The FreeRTOS port is one of our most recent projects in the Xen community, which include the Haskell Lightweight Virtual Machine (HalVM) and our MAC-enhanced […]

Read More

Tech Talk: Overcoming Problems when Applying Machine Learning to Cybersecurity

abstract: The statistical and algorithmic methods of artificial intelligence have led to impressive breakthroughs that have significantly empowered the domains of finance, marketing, imaging, biology and many others. At the same time, cybersecurity has continued to be a field with more and more advantage going to attackers yet minimal lasting contributions are made from the […]

Read More