|
|
|
|
|
|
by m000
1241 days ago
|
|
|
I would argue that the industry may stumble upon a security-related issue first. But stumbling, and being aware of something is not research. Anecdotally, I vividly remember industry people showing up in academic conferences, bragging how they knew everything about bit-flips already. They didn't. They just happened to know to be aware of the phenomenon, and smart enough to understand that it should have security implications of some kind. But that's not research. |
|
|
As for the bitflips example, are you talking about Rowhammer? That and the CPU side channel issues are the kind of area academia really tends to do great work on.
Where I find academia incredibly disappointing is in areas like covert channels - there's a fucking paper mill in Israel that keeps shitting out implausible "covert channel" research.
Also stuff like memory corruption techniques - academia seems to spend a lot of its time reinventing shit that has been done to death in industry or even has papers in Phrack.