Nicholas Boucher is a PhD student in computer science studying under Professor Ross Anderson at the Cambridge Computer Laboratory. He is also one of the authors of Trojan Source Attacks, a paper (and CVE, and vulnerability class) which highlighted supply-chain vulnerabilities in open-source software (among other things) due to code that is different than it looks. This is one of the most creative hacks we saw in 2021 and we were thrilled to have Nicholas tell us about it. The presentation was great, as was the discussion, where we got into the difficulties of the disclosure process, the complexities of peer review (in tandem with ethical vulnerability disclosure), and future problems (π€πππ§Άare emojis kosher??). We hope you enjoy!
