This action will delete this post on this instance and on all federated instances, and it cannot be undone. Are you certain you want to delete this post?
This action will delete this post on this instance and on all federated instances, and it cannot be undone. Are you certain you want to delete this post?
This action will block this actor and hide all of their past and future posts. Are you certain you want to block this actor?
This action will block this object. Are you certain you want to block this object?
Are you sure you want to delete the OAuth client [Client Name]? This action cannot be undone and will revoke all access tokens for this client.
Are you sure you want to revoke the OAuth token [Token ID]? This action cannot be undone and will immediately revoke access for this token.
A surprising (for me) opinion I heard at #usesec23 Usenix Security 2023; You can claim CVEs in your fuzzer paper so long as you found them during your research in developing the concerned fuzzer. In particular, there is no expectation of reproducibility of such CVEs specifically using the fuzzer in the paper. I note that CVEs are still considered a sort of real world touchstone for fuzzers by many reviewers. I wonder what the consensus of the community is about this.
Fuzzing is the primary tool for identifying vulnerabilities in applications. With a plethora of fuzzers available today, each boasting its unique exploration strategy, how do you determine which one aligns with your application? Especially considering that fuzzing is computationally expensive, making the right choice is crucial.
In our paper presented at Usenix Security 2023 (#usenix2023 #usenix), featured in Thursday's Track 6, we delve into this challenge. We demonstrate how mutation analysis, traditionally regarded as the gold standard for test suite evaluation, can be effectively applied to assess fuzzers. Moreover, we provide insights on mitigating the computational demands of mutation analysis through the smart evaluation of mutants. https://rahul.gopinath.org/publications/2023/04/26/systematic/
We ( @ccanonne@mastodon.xyz and I) are organizing the High School Fellowship 2023 from School of Computer Science, University of Sydney. Saturday was our first welcome event, attended by 50 high school students of high caliber and their parents.
Looking forward to the rest of the semester #usyd
Halp! My 6 year old is learning geometric shapes, and wants to know how to construct a _Left Angle Triangle_.
I want to setup a server where I can review and discuss software engineering and cybersecurity papers and tools with like minded folks. I am looking at https://bookwyrm.social as a potential candidate. Is there something like this already available?
The third issue of the 48th volume of Software Engineering Notes (SEN) is out.
https://dl.acm.org/toc/sigsoft/2023/48/3
This issue keeps posting on our established columns, like Peter Neumann’s Risks to the Public, Alex Groce’s Passages, and Bob Schaefer’s Academic Freedom and International Students, along with additional contributions.
SEN is edited by Jacopo Soldani
I feel like I am missing something very basic in Mac Ventura. Why am I unable to sort my files alphabetically? I have tried every option there is as suggested by google and stackoverflow answers, and I certainly am not using groups. #macos #userhostile

The fediverse observer (https://fediverse.observer/map) is a map of all fediverse instances in the world.

I really wish #Zotero, and several other programs will just let me type in #markdown, and not automatically format the text. I do not want the particular changes in font and color with auto-formating that these programs provide, and I am really happy with plaintext and unadorned markdown. To make matters worse, when I copy these formatted text elsewhere, the original markdown is completely stripped.
How to create the nastiest test inputs ever: My ten-minute #NeverWorkInTheory talk on automated software testing is now available at https://www.youtube.com/watch?v=GCy8bYJ_G0I