IEEE Symposium on Security and Privacy (Oakland) '26

What a great time at the IEEE Symposium on Security and Privacy (informally called Oakland) in San Francisco. With about 700 attendees, Oakland now seems the smallest of the top four security conferences. It was great to meet many friends and make new ones during the three days of the main conference. The smaller size compared to the other conferences made it possible to find each other and to have longer conversations.

This year, Philipp presented his work on TÄMU, where we emulate trusted Android apps (TAs) at the Global Platform API layer, providing the first rehosting environment for these sensitive applications along with an extensive fuzzing platform that found 17 0-days in frequently used TAs. Despite being in the second to last session of the conference, the audience was very engaging and interacted with us at the poster. The feedback was generally positive and we hope that our platform will be used for future research.

Oakland ran in four tracks giving authors 10 minutes to present their work followed by a poster-based Q&A where the audience could interact with the 6-8 authors in that session. This was the second year I saw this format and must admit that I begin to like it. While it is a bit awkward to not ask questions directly after the talk, having the opportunity to more deeply and meaningfully interact with the authors afterwards is a great compromise. The only downside I see is that 8 presentations are too many for a session. In an ideal world, I would prefer 90min sessions with 5 authors that get 15min each for their presentation followed by a 15min Q&A session. But these are minor details to optimize for in later iterations of the conference.

Apart from many research discussions and catching up with friends, I also enjoyed taking part in the chairs meeting where we discussed how to improve future conferences and especially how to handle the growth in our community. Especially our review process is bursting at its seems given the large influx of people, the lack of onsite PC meetings to share and develop community standards, the increasing time pressure across all aspects of the review process. We're aware of the challenges and working on them. It's not going to be an easy fix but I trust that we'll find a solution.

Overall it was an amazing but short time and the conference was IMO a success. Looking forward to the next iteration of "Oakland" in Canada next year!

Random ramblings of a security nerd

Other articles

TÄMU: Emulating Trusted Applications

Oakland'17, the IEEE Symposium on Security and Privacy

Oakland from a system security perspective

Other articles

links

social