Talks
2026
No Time To Leak: Exposing Timer-Free Cache-State Leaks on ARM CPUs
uASC
Leuven, Belgium, February 3, 2026
Cascading Spy Sheets: The Privacy & Security Implications of CSS in Emails
FOSDEM
Brussels, Belgium, January 31, 2026
How Secure Are Commercial RISC-V CPUs?
FOSDEM
Brussels, Belgium, January 31, 2026
2025
No Clock, No Problem: Discovering Timer-Free Cache-State Side Channels
MIC-SEC
Paris, France, December 4, 2025
When Timers Fail: Discovering Hidden Cache State Leaks on ARM CPUs
hardwear.io NL
Amsterdam, Netherlands, November 20, 2025
CPU Security Myths: Busted, Roasted, and Repeated Anyway
Qualcomm Innovation Fellowship
Virtual, June 3, 2025
Invisible Ink: Privacy Risks of CSS in Browsers and Emails
Black Hat Asia
Singapore, April 3, 2025
Beauty at a Cost: Privacy Implications of CSS on the Web and in Emails
RuhrSec
Bochum, Germany, February 21, 2025
2024
From Rowhammer to GhostWrite: Advanced Exploitation and Discovery of Hardware Bugs
hardwear.io NL
Amsterdam, Netherlands, October 25, 2024
Arbitrary Data Manipulation and Leakage with CPU Zero-Day Bugs on RISC-V
Black Hat USA
Las Vegas, USA, August 7, 2024
Leaky Processors: When the Laws of Nature Reveal Secrets
Forschung in Natur- und Ingenieurwissenschaften
Saarland University, July 15, 2024
2023
(In)visible Bugs - From Transient Execution to Architectural CPU Vulnerabilities
AsianHOST
Tianjin, China, December 15, 2023
A Security RISC? The State of Microarchitectural Attacks on RISC-V
Black Hat Europe
London, United Kingdom, December 7, 2023
Rowhammer Revisited: From Exploration to Exploitation and Mitigation
m0leCon
Torino, Italy, December 2, 2023
Beyond the Noise: Automated Discovery of Microarchitectural Security Leaks
CISPA Summer School
Saarbruecken, Germany, August 23, 2023
CPU Fuzzing: Automatic Discovery of Microarchitectural Attacks
RuhrSec
Bochum, Germany, May 11-12, 2023
Sichere die digitale Zukunft! - Smart Home und Passwortsicherheit
Otto-Hahn-Gymnasium
Saarbruecken, Germany, March 1, 2023
Transient Execution Attacks
Moritz Lipp, Michael Schwarz,
Daniel Gruss
IT-Defense
Mainz, Germany, February 9, 2023
2022
Bug-Free Software but Insecure Systems?
Airbus & CISPA Day
Saarbrücken, Germany, November 30, 2022
(M)Wait For It: Bridging the Gap Between Microarchitectural and Architectural Side Channels
Black Hat MEA
Riyadh, Saudi Arabia, November 17, 2022
CPU Fuzzing: Automatic Discovery of Microarchitectural Attacks
Daniel Weber,
Moritz Lipp
Black Hat MEA
Riyadh, Saudi Arabia, November 16, 2022
Browser-based CPU Fingerprinting
Black Hat MEA
Riyadh, Saudi Arabia, November 15, 2022
From Random Timings to Data Leakage
Mathematics Preparatory Course UdS
Saarbrücken, Germany, October 13, 2022
Sicherheit von Prozessoren
Tag der offenen Tür | Universität des Saarlandes
Saarbruecken, Germany, May 21, 2022
CPU Fuzzing for Discovering Hardware-caused Information Leakage
hardwear.io
Virtual, January 11, 2022
2021
Learning Security through Gamified Challenges
Best-Practice E-Learning an der UdS
Virtual, November 17, 2021
Unsichere Systeme trotz fehlerfreier Software? Wie Hardware die Sicherheit von Software untergräbt
Regionaltagung des Senior Experten Service
IHK Saarland, October 21, 2021
Seitenkanal-Angriffe: Wie Seiteneffekte Geheimnisse Verraten
CISPA Roadshow
Virtual Event, September 18, 2021
Pubquiz rund um Informatik und Cybersicherheit
Digitaltag
Virtual Event, June 18, 2021
Enter Sandbox
Claudio Canella,
Mario Werner, Michael Schwarz
Black Hat Asia
Virtual Event, May 6-7, 2021
BibTeX Citation
@misc{thomas2026notime,
title={No Time To Leak: Exposing Timer-Free Cache-State Leaks on ARM CPUs},
howpublished={uASC},
author={Fabian Thomas},
year={2026}
}BibTeX Citation
@misc{trampert2025spysheets,
title={Cascading Spy Sheets: The Privacy & Security Implications of CSS in Emails},
howpublished={FOSDEM},
author={Leon Trampert and Daniel Weber and Michael Schwarz},
year={2026}
}BibTeX Citation
@misc{thomas2026secure,
title={How Secure Are Commercial RISC-V CPUs?},
howpublished={FOSDEM},
author={Lukas Gerlach and Fabian Thomas},
year={2026}
}BibTeX Citation
@misc{thomas2025noclock,
title={No Clock, No Problem: Discovering Timer-Free Cache-State Side Channels},
howpublished={MIC-SEC},
author={Fabian Thomas},
year={2025}
}BibTeX Citation
@misc{thomas2025timers,
title={When Timers Fail: Discovering Hidden Cache State Leaks on ARM CPUs},
howpublished={hardwear.io NL},
author={Fabian Thomas},
year={2025}
}BibTeX Citation
@misc{schwarz2025cpu,
title={CPU Security Myths: Busted, Roasted, and Repeated Anyway},
howpublished={Qualcomm Innovation Fellowship},
author={Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{trampert2025invisible,
title={Invisible Ink: Privacy Risks of CSS in Browsers and Emails},
howpublished={Black Hat Asia},
author={Leon Trampert and Daniel Weber},
year={2025}
}BibTeX Citation
@misc{trampert2025beauty,
title={Beauty at a Cost: Privacy Implications of CSS on the Web and in Emails},
howpublished={RuhrSec},
author={Leon Trampert and Daniel Weber},
year={2025}
}BibTeX Citation
@misc{schwarz2024wie,
title={Wie man unsichere Webseiten erkennt und sich schützt},
howpublished={Saar-Security},
author={Michael Schwarz},
year={2024}
}BibTeX Citation
@misc{thomas2024advanced,
title={From Rowhammer to GhostWrite: Advanced Exploitation and Discovery of Hardware Bugs},
howpublished={hardwear.io NL},
author={Fabian Thomas},
year={2024}
}BibTeX Citation
@misc{thomas2024arbitrary,
title={Arbitrary Data Manipulation and Leakage with CPU Zero-Day Bugs on RISC-V},
howpublished={Black Hat USA},
author={Fabian Thomas and Lorenz Hetterich},
year={2024}
}BibTeX Citation
@misc{schwarz2024leaky,
title={Leaky Processors: When the Laws of Nature Reveal Secrets},
howpublished={Forschung in Natur- und Ingenieurwissenschaften},
author={Michael Schwarz},
year={2024}
}BibTeX Citation
@misc{schwarz2023visible,
title={(In)visible Bugs - From Transient Execution to Architectural CPU Vulnerabilities},
howpublished={AsianHOST},
author={Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{schwarz2023great,
title={With Great Power Comes Great Potential},
howpublished={Tsinghua University},
author={Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{gerlach2023security,
title={A Security RISC? The State of Microarchitectural Attacks on RISC-V},
howpublished={Black Hat Europe},
author={Lukas Gerlach and Daniel Weber and Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{gerlach2023rowhammer,
title={Rowhammer Revisited: From Exploration to Exploitation and Mitigation},
howpublished={m0leCon},
author={Lukas Gerlach and Daniel Weber},
year={2023}
}BibTeX Citation
@misc{schwarz2023keine,
title={Keine Frage des ob, sondern des wann...},
howpublished={Cyber Security Tag},
author={Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{schwarz2023unsichere,
title={Unsichere Webseiten Erkennen},
howpublished={CISPA <3 IGB},
author={Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{schwarz2023beyond,
title={Beyond the Noise: Automated Discovery of Microarchitectural Security Leaks},
howpublished={CISPA Summer School},
author={Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{weber2023cpu,
title={CPU Fuzzing: Automatic Discovery of Microarchitectural Attacks},
howpublished={RuhrSec},
author={Daniel Weber and Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{schwarz2023sichere,
title={Sichere die digitale Zukunft! - Smart Home und Passwortsicherheit},
howpublished={Otto-Hahn-Gymnasium},
author={Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{lipp2023transient,
title={Transient Execution Attacks},
howpublished={IT-Defense},
author={Moritz Lipp and Michael Schwarz and Daniel Gruss},
year={2023}
}BibTeX Citation
@misc{schwarz2022bug,
title={Bug-Free Software but Insecure Systems?},
howpublished={Airbus \& CISPA Day},
author={Michael Schwarz},
year={2022}
}BibTeX Citation
@misc{zhang2022m,
title={(M)Wait For It: Bridging the Gap Between Microarchitectural and Architectural Side Channels},
howpublished={Black Hat MEA},
author={Ruiyi Zhang and Daniel Weber},
year={2022}
}BibTeX Citation
@misc{schwarz2022automated,
title={Automated CPU-vulnerability Discovery},
howpublished={EC Visit CISPA},
author={Michael Schwarz},
year={2022}
}BibTeX Citation
@misc{weber2022cpu,
title={CPU Fuzzing: Automatic Discovery of Microarchitectural Attacks},
howpublished={Black Hat MEA},
author={Daniel Weber and Moritz Lipp},
year={2022}
}BibTeX Citation
@misc{trampert2022browser,
title={Browser-based CPU Fingerprinting},
howpublished={Black Hat MEA},
author={Leon Trampert},
year={2022}
}BibTeX Citation
@misc{schwarz2022random,
title={From Random Timings to Data Leakage},
howpublished={Mathematics Preparatory Course UdS},
author={Michael Schwarz},
year={2022}
}BibTeX Citation
@misc{schwarz2022sicherheit,
title={Sicherheit von Prozessoren},
howpublished={Tag der offenen Tür | Universität des Saarlandes},
author={Michael Schwarz},
year={2022}
}BibTeX Citation
@misc{schwarz2022cpu,
title={CPU Fuzzing for Discovering Hardware-caused Information Leakage},
howpublished={hardwear.io},
author={Michael Schwarz},
year={2022}
}BibTeX Citation
@misc{schwarz2021learning,
title={Learning Security through Gamified Challenges},
howpublished={Best-Practice E-Learning an der UdS},
author={Michael Schwarz},
year={2021}
}BibTeX Citation
@misc{schwarz2021unsichere,
title={Unsichere Systeme trotz fehlerfreier Software? Wie Hardware die Sicherheit von Software untergräbt},
howpublished={Regionaltagung des Senior Experten Service},
author={Michael Schwarz},
year={2021}
}BibTeX Citation
@misc{schwarz2021seitenkanal,
title={Seitenkanal-Angriffe: Wie Seiteneffekte Geheimnisse Verraten},
howpublished={CISPA Roadshow},
author={Michael Schwarz},
year={2021}
}BibTeX Citation
@misc{schwarz2021pubquiz,
title={Pubquiz rund um Informatik und Cybersicherheit},
howpublished={Digitaltag},
author={Michael Schwarz},
year={2021}
}BibTeX Citation
@misc{canella2021enter,
title={Enter Sandbox},
howpublished={Black Hat Asia},
author={Claudio Canella and Mario Werner and Michael Schwarz},
year={2021}
}