Large Charge Four-Dimensional Non-Extremal N=2 Black Holes with R^2-Terms

We consider N=2 supergravity in four dimensions with small R^2 curvature corrections. We construct large charge non-extremal black hole solutions in all space, with either a supersymmetric or a non-supersymmetric extremal limit, and analyze their thermodynamic properties. This generalizes some of the extremal solutions presented in [arXiv:0902.0831]. The indexed entropy of the non-extremal extension of the supersymmetric black hole, has the form of the extremal entropy, with the charges replaced by a function of the charges, the moduli at infinity and the non-extremality parameter. This is the same behavior as in the case without R^2-terms.Comment: 13 pages. v2: stripped down to letter format, based on the background given in [arXiv:0902.0831]. v3: up to date with CQG versio

PerfWeb: How to Violate Web Privacy with Hardware Performance Events

The browser history reveals highly sensitive information about users, such as financial status, health conditions, or political views. Private browsing modes and anonymity networks are consequently important tools to preserve the privacy not only of regular users but in particular of whistleblowers and dissidents. Yet, in this work we show how a malicious application can infer opened websites from Google Chrome in Incognito mode and from Tor Browser by exploiting hardware performance events (HPEs). In particular, we analyze the browsers' microarchitectural footprint with the help of advanced Machine Learning techniques: k-th Nearest Neighbors, Decision Trees, Support Vector Machines, and in contrast to previous literature also Convolutional Neural Networks. We profile 40 different websites, 30 of the top Alexa sites and 10 whistleblowing portals, on two machines featuring an Intel and an ARM processor. By monitoring retired instructions, cache accesses, and bus cycles for at most 5 seconds, we manage to classify the selected websites with a success rate of up to 86.3%. The results show that hardware performance events can clearly undermine the privacy of web users. We therefore propose mitigation strategies that impede our attacks and still allow legitimate use of HPEs

Industrial experiences with resource management under software randomization in ARINC653 avionics environments

Injecting randomization in different layers of the computing platform has been shown beneficial for security, resilience to software bugs and timing analysis. In this paper, with focus on the latter, we show our experience regarding memory and timing resource management when software randomization techniques are applied to one of the most stringent industrial environments, ARINC653-based avionics. We describe the challenges in this task, we propose a set of solutions and present the results obtained for two commercial avionics applications, executed on COTS hardware and RTOS.The work leading to these results has been funded by the European Community’s Seventh Framework Programme (FP7/2007-2013) un- der the PROXIMA Project (grant agreement 611085). Moreover, it has been partially supported by the Spanish Ministry of Science and Innovation under grant TIN2015-65316-P and the HiPEAC Network of Excellence.Peer ReviewedPostprint (published version