Galois just announced a tool to help Android developers migrate apps to Android 6, while making the best use of the new Runtime Permissions feature. The Galois tool, Fuse Analyzer: Permissions, analyzes binary Andorid APKs to find the locations where you, as a developer, need to handle permissions more carefully in Android 6. The new Runtime Permissions feature brings […]

We recently had the privilege of speaking before the San Francisco Elections Commission on open source elections technology and what counties stand to gain from open software. Below, you’ll find our answers to the questions posed by the Commission. How long do you think it will be before an open source voting system is certified […]

We’re excited to be organizing this year’s ICFP Programming Contest, the annual programming contest of the International Conference on Functional Programming (ICFP).  This year, the contest starts on Friday 7 August 2015 at 12:00 UTC and ends on Monday 10 August 2015 at 12:00 UTC. There will be a lightning division, ending on Saturday 8 […]

To commemorate the public release of the Software Analysis Workbench (SAW), it seemed fitting to blog about some recent work specifying algorithms in Cryptol and proving properties, leveraging SAW along the way. Cryptol, Galois’s domain specific language for describing cryptographic algorithms, has frequently been demonstrated over individual algorithms and toy problems. Our blog is covered […]

We are pleased to announce a public preview of the Software Analysis Workbench. The Software Analysis Workbench (SAW) provides the ability to formally verify properties of code written in C, Java, and Cryptol. It leverages automated SAT and SMT solvers to make this process as automated as possible, and provides a scripting language, called SAW […]

“Formal verification methods…should be considered the prime choice for verification of complex and mission-critical software ecosystems.” New vulnerabilities in the software infrastructure we all depend on for privacy are discovered frequently. Thus it was not surprising when an INRIA, MSR, and IMDEA team announced discovery of a significant TLS/SSL vulnerability. The surprise in this announcement was […]

Earlier this month, the Ninth Annual Voting and Elections Summit examined the most critical and persistent issues surrounding U.S. elections and voter participation. Joe Kiniry, Galois’ election systems expert, gave a talk on the promises of technology to increase the transparency and trustworthiness of elections. Dr. Kiniry discussed the trade-offs that election officials face when […]

Dr. David Archer, our cryptography research lead, and Prof. Kurt Rolloff of the New Jersey Institute of Technology recently wrote an article for the IEEE Security and Privacy magazine on the topic of computing on sensitive, encrypted data without decrypting it. The new, groundbreaking process of computing on encrypted data has major implications for businesses that would […]

Galois helped demonstrate security vulnerabilities in modern automobiles and small UAVs as part of a “60 Minutes” profile of DARPA. We also demonstrated our secure UAV autopilot technology as an alternative to the currently available software systems that are prone to remote takeovers and other security vulnerabilities. Watch the quadcopter demo below: The world’s most […]

We’re pleased to announce the open source release of FreeRTOS for Xen on ARM systems. This release is part of our research efforts in mobile security, cyber-physical systems, and security. The FreeRTOS port is one of our most recent projects in the Xen community, which include the Haskell Lightweight Virtual Machine (HalVM) and our MAC-enhanced […]