Alex Rebert Profile
Alex Rebert

@ayper

Followers
528
Following
430
Media
5
Statuses
117

Security @ Google. Previously co-founder of @ForAllSecure. Opinions here are my own. @[email protected]

Pittsburgh
Joined August 2008
Don't wanna be here? Send us removal request.
@ayper
Alex Rebert
4 months
We're joining forces with industry & academia to call for memory safety standardization: It's a recognition that memory unsafety is no longer a niche technical problem but a societal one, impacting everything from national security to personal privacy.
2
16
62
@ayper
Alex Rebert
6 months
RT @GoogleVRP: 🛡️Want to help make the open source world safer and earn up to $45k 💰? . We've revamped our Patch Rewards Program, extending….
0
28
0
@ayper
Alex Rebert
7 months
RT @GoogleVRP: Celebrating 15 years of password hacking 💻 🔑, Swiss Army knives (and sometimes even chainsaws or swords) included! 😲 . Disco….
0
31
0
@ayper
Alex Rebert
8 months
RT @kinu: Bounds-checking in C++: so people ask if the .3% overhead is real. It's not just a benchmark result, we got this through our Goog….
0
14
0
@ayper
Alex Rebert
8 months
The best part? It's incredibly cost-effective, with an average performance overhead of just 0.30%. So there's really no reason not to do it if you're running C++ code :).
1
2
26
@ayper
Alex Rebert
8 months
This improves spatial memory safety across Google's services, including performance-critical components of Search, Gmail, Drive, YouTube, and Maps. We've already seen it disrupt a red team exercise, reduce segfaults by 30%, and improve code correctness.
2
5
41
@ayper
Alex Rebert
8 months
Excited to share our latest post on memory safety! We're tackling spatial safety in our massive C++ codebase by hardening libc++ *by default*. It adds bounds checks to things like std::vector, preventing a fair bit of out-of-bounds vulnerabilities:
2
51
250
@ayper
Alex Rebert
9 months
RT @we1x: The dedication and hard work has payed off: "for hundreds of complex web applications that are built on Google’s hardened and saf….
0
6
0
@ayper
Alex Rebert
9 months
RT @durumcrustulum: Percentage of codebase that's memory-safe 📈, memory-safety vulns 📉, .EVEN IF YOU KEEP ADDING LINES OF C 🤯.
0
3
0
@ayper
Alex Rebert
9 months
Excited to share Google's memory safety strategy! We're working to build safer software by migrating to memory-safe languages like Rust as well as hardening our existing C++: We'll be sharing more details in upcoming posts.
3
72
238
@ayper
Alex Rebert
9 months
Google CVR is doing incredible vulnerability research.
@amlweems
Anthony Weems
9 months
Learn how Google CVR could have potentially exfiltrated Gemini 1.0 Pro before launch last year. We describe the vulnz, the fix, and tips for bughunters. Also, shout-out to @epereiralopez for teaming up to adapt this work to another cloud provider.
0
0
5
@ayper
Alex Rebert
10 months
RT @tylerni7: Released a blog about our @theori_io AIxCC experience! @tjbecker_ and I were hoping to have more inf….
0
20
0
@ayper
Alex Rebert
10 months
The drop in Android's memory safety vulnerabilities is astonishing. It's counterintuitive, but prioritizing memory-safe languages in new code quickly reduces memory-safety risks. Once we turn off the tap of new vulnerabilities, they start decreasing exponentially.
@jeffvanderstoep
Jeff Vander Stoep
10 months
I’m super excited about this blogpost. The approach is so counterintuitive, and yet the results are so much better than anything else that we’ve tried for memory safety. We finally understand why.
2
3
36
@ayper
Alex Rebert
10 months
RT @amlweems: Excited to share this blog post about server-side memory corruption that my team exploited in production. Shout-out to @scan….
0
40
0
@ayper
Alex Rebert
1 year
RT @royalhansen: "just as our efforts to eliminate XSS attacks through tooling showed, removing large classes of exploits both directly ben….
0
3
0
@ayper
Alex Rebert
1 year
RT @royalhansen: Today I spoke on the importance of Secure by Design on behalf of @Google alongside @CISAgov @FDD @VenableLLP & more. We al….
0
19
0
@ayper
Alex Rebert
1 year
RT @GoogleVRP: Ever struggle with C++ buffer issues? Spatial Safety is one of the main root causes for in-the-wild exploits! Read more abou….
0
34
0
@ayper
Alex Rebert
2 years
RT @caseyjohnellis: this is a big one… if you have opinions on this, make sure that they are heard 👀. Fact Sheet: Office of the National Cy….
0
16
0
@ayper
Alex Rebert
2 years
RT @perribus: I’m excited to announce the AI Cyber Challenge, a major, two-year @DARPA competition challenging the best and the brightest i….
0
82
0
@ayper
Alex Rebert
2 years
RT @argvee: Announced at the #BlackHat keynote: @Google, @OpenAI, @Anthropic, and @Microsoft will collaborate with @DARPA for its AI Cyber….
0
10
0