Daniel Gruss
#InfoSec Professor @ #TUGraz. #meltdown, #spectre, #rowhammer, cache attacks. Produced a side channel security sitcom. @lavados@infosec.exchange
Jun 15, 2019 4 tweets 1 min read
As a first-year PhD student I time-stamped several papers. Rowhammer.js for instance after seeing a mailing list post from another PhD student doing something similar.
This helped me as a newcomer to get recognition for my work. It also didn't go bad for the other group because they now saw my paper and ended up with a related but different story. Flush+Flush, time-stamped after a reject + wanted to build a follow-up work on it.
Both papers were rejected from top tier but then accepted (Rowhammer with shepherding) to DIMVA.
Jun 15, 2019 10 tweets 4 min read
Thread! Thanks @reyammer for and @matthew_d_green for this eye-opening tweet: . @reyammer's thread is about [1/10]
double blind vs. pre-acceptance pre-prints/disclosures and problems around this. Let's discuss a second much bigger problem, a fundamental problem introduced by our review system that I never really thought about until @matthew_d_green pointed it out. [2/10]
Jun 2, 2019 11 tweets 6 min read
Speculative Side-Channel Attacks is misleading terminology and usually used incorrectly. We should all avoid using it and @intel, you should avoid using it too. Not only because it is misleading, but because it hinders successful communication on mitigations.
Let me elaborate: A side-channel attack uses measurements of side effects to gather enough *meta data* (power consumption, runtime, cache state, etc) to *infer* secret information.
#meltdown #spectre #zombieload and related attacks and variants do not leak meta data. They leak the actual data.
Nov 6, 2017 4 tweets 1 min read
We found several things here:
1. Flush+Reload enables highly reliable exploitation of DF bugs (change value exactly @ the right cycle) [1/4]
2. with F+R: first automated DF vs. DF-bug distinguisher (prev. "several days" of manual work)
3. Relation DF-bug (a value changes [2/4]