Academic and Industry Talks

Day 1

• everything is open source if you can reverse engineer, Low Level

  • video demonstrating reverse engineering (14 minutes)

• USENIX Enigma 2016 - Computer Security and the Internet of Things, Tadayoshi Kohno, University of Washington

  • Overview of the security and privacy risks of integrating technology into medical devices, cars, and other things (20 minutes)

• Don’t Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models, USENIX Security 2024, Zhiyuan Yu, Washington University in St. Louis

  • Shows how to jailbreak an LLM, with participants in a study succeeding even without much expertise (10 minutes)

Day 2

• Return Oriented Programming

  • introduction to return oriented programming (11.5 minutes)

• Building a Voting Machine Everyone Can Trust, Ben Adida, VotingWorks, USENIX Security Enigma 2025 (22 minutes)

• AI Red Teaming and Automation: Exploring Societal Risks in GenAI, Bolor-Erdene Jagdagdorj, Microsoft AI Red Team, USENIX Security Enigma 2025 (20 minutes)

Day 3

• A Conundrum of Permissions: Installing Applications on an Android Smartphone, Patrick Gage Kelley, NDSS, 2025, (29 minutes, 2:40 to 31:45)

• “It’s the Equivalent of Feeling Like You’re in Jail”: Lessons from Firsthand and Secondhand Accounts of IoT-Enabled Intimate Partner Abuse, Sophie Stephenson, University of Wisconsin—Madison

  • Discusses security and privacy difficulties faced by victim-survivors of intimate partner violence (12 minutes)

• Computer Security and Privacy for Refugees in the United States, IEEE Symposium on Security and Privacy, 2018, Lucy Simko

  • Examines security and privacy needs of refugees to the US (12 minutes)

• “Violation of my body:” Perceptions of AI-generated non-consensual (intimate) imagery, Natalie Grace Brigham, University of Washington

  • Examines views regarding non-consensual AI image generation (10 minutes)

Other Talks

Vulnerabilities

• The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders, USENIX Security 2023, Willy R. Vasquez, The University of Texas at Austin

  • Shows how a video decoder can be exploited to attack Firefox and VLC for Windows, multiple Android devices (11 minutes)

• Trojan Source: Invisible Vulnerabilities, USENIX Security 2023, Nicholas Boucher, University of Cambridge

  • Demonstrates a new type of attack that manipulates source code to hide a vulnerability (13 minutes)

Protective Technology

• Glaze: Protecting Artists from Style Mimicry by Text-to-Image Models, USENIX Security 2023, Shawn Shan, University of Chicago

  • Describes a tool that can be used to “cloak” art before an artist shares it, avoiding style mimicry by AI (12 minutes)

• ClepsydraCache — Preventing Cache Attacks with Time-Based Evictions, USENIX Security 2023, Jan Philipp Thoma, Ruhr University Bochum

  • Describe cache side-channel attacks and a technique to prevent them

Usable Security and Privacy

• Bug Hunters’ Perspectives on the Challenges and Benefits of the Bug Bounty Ecosystem, Omer Akgul, University of Maryland

  • Examines the motivation of bug hunters and the challenges they face (12 minutes)

• Usable Security — The Source Awakens, Matthew Smith, USENIX Enigma 2016 (21 minutes)

AI

• Please (Don’t) Stop the Music: Adversarial Red-Teaming of AI Music Generation Models, Jannis Kirschner, USENIX Security Enigma 2025