HotSec aims to bring together researchers across computer security disciplines to discuss the state of the art, with emphasis on future directions and emerging areas.
HotSec is not your traditional security workshop! The day will consist of sessions of lightning talks on emerging work and positions in security, followed by discussion among attendees. Lightning talks are 5 MINUTES in duration—time limit strictly enforced with a gong! The format provides a way for lots of individuals to share ideas with others in a quick and more informal way, which will inspire breakout discussion for the remainder of the day.
Some of the most successful HotSec lightning talks take and defend a strong position. This instigates real discussion, and we encourage you to do so!
Need some ideas? Here are talks from last year that were successful or ideas we'd like to hear about:
Web privacy: academics love it but businesses don't.
Security: conference paper review is insecure.
Speculative execution/side channel attacks: the next wave.
Securing votes: voting machines aren't the problem, social media is.
Why social networks dropped the ball on content moderation.
Making the most out of potentially untrustworthy hardware.
Securing IoT: are our homes too smart for their own good?
Are cryptographic backdoors really that bad?
AI is a fad, not a solution in cybersecurity.
Adversarial ML: circumventing your AI protection schemes.
Native apps vs web apps: which is more secure?
Security education: too many jobs, not enough experts, and not taught early enough.
What problems does blockchain actually solve?
Are multiple codebases inherently more secure than one codebase?
Why the price of a bug bounty indicates the security of the product (or not).
Why security for binary programs matters in a web-based world.
True or false: the number of disclosed security bugs in a product indicates the security of the product
Security keys are great but no one uses them