Billy Lau - Google | LinkedIn (2025)

Activity

• The FDA approves Pfizer drugs that have inadequate safety and efficacy data, and then the regulators that make these decisions are paid handsomely by…

  

  The FDA approves Pfizer drugs that have inadequate safety and efficacy data, and then the regulators that make these decisions are paid handsomely by…

  Liked by Billy Lau

• Any real reform of NIH will make a lot of scientists cry-- the mediocre ones who thrive in the current system.Already many have taken a "sky is…

  

  Any real reform of NIH will make a lot of scientists cry-- the mediocre ones who thrive in the current system.Already many have taken a "sky is…

  Liked by Billy Lau

• Trump bans Gain of Function research, good!

  

  Trump bans Gain of Function research, good!

  Liked by Billy Lau

Join now to see all activity

• 

  ATCL

  Trinity College of London

• Mimesis Aegis: A Mimicry Privacy Shield–A System’s Approach to Data Privacy on Public Cloud

  The 23rd USENIX Security Symposium (Security) August 22, 2014

  Other authors

  • 
  • 
  • 
  • 

  See publication

• On the Feasibility of Large-Scale Infections of iOS Devices

  The 23rd USENIX Security Symposium (Security) August 22, 2014

  Other authors

  • 
  • 
  • 

  See publication

• Exploiting Unpatched iOS Vulnerabilities for Fun and Profit

  BlackHat USA 2014 August 7, 2014

  Other authors

  • 

  See publication

• Mactans: Injecting Malware Into iOS Devices via Malicious Chargers

  Black Hat USA 2013 Jul 2013

  Apple iOS devices are considered by many to be more secure than other mobile offerings. In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device. The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software. All users are affected, as our approach…

  Apple iOS devices are considered by many to be more secure than other mobile offerings. In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device. The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software. All users are affected, as our approach requires neither a jailbroken device nor user interaction.

  In this presentation, we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. We first examine Apple’s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms. To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications.

  To demonstrate practical application of these vulnerabilities, we built a proof of concept malicious charger, called Mactans, using a BeagleBoard. This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish. Finally, we recommend ways in which users can protect themselves and suggest security features Apple could implement to make the attacks we describe substantially more difficult to pull off.

  Other authors

  • 
  • 

  See publication

• Accessing Trusted Web Sites from Low- Integrity Systems Without End-Host Snooping.

  IEEE Oct 2011

  The weakest link in secure web site access is often the end-host. Any malicious software installed there, or a runtime browser compromise, can lead to theft of critical information which is stored locally. Today's state-of-the-art in host-based intrusion detection and prevention systems has not succeeded in eradicating this problem. In this paper, we introduce an orthogonal solution: a system that guarantees the confidentiality of sensitive documents produced during web transactions, even on a…

  The weakest link in secure web site access is often the end-host. Any malicious software installed there, or a runtime browser compromise, can lead to theft of critical information which is stored locally. Today's state-of-the-art in host-based intrusion detection and prevention systems has not succeeded in eradicating this problem. In this paper, we introduce an orthogonal solution: a system that guarantees the confidentiality of sensitive documents produced during web transactions, even on a compromised browser or operating system. Compared to other solutions that utilizes virtual machines, our approach does not require user to run multiple guests and switch between them. Rather, to get the guarantees, users can switch the mode of operation of its current system to custom-defined compartments when necessary. Documents created in specific compartment will only be accessible within that compartment and can only flow between the authorized sites stated in the corresponding compartment policy. The system only requires a trusted hyper visor within which the user's low-integrity OS runs as a guest. We describe the architecture of the system, a prototype implementation, and the modifications to the hyper visor to make transitions into and out of secure compartment(s) fast enough for interactive use.

  Other authors

  • 
  • 

  See publication

• Protecting Confidential Data on Personal Computers with Storage Capsules.

  USENIX Security Aug 2009

  Protecting confidential information is a major concern for organizations and individuals alike, who stand to suffer huge losses if private data falls into the wrong hands. One of the primary threats to confidentiality is malicious software on personal computers, which is estimated to already reside on 100 to 150 million machines. Current security controls, such as firewalls, anti-virus software, and intrusion detection systems, are inadequate at preventing malware infection. This paper…

  Protecting confidential information is a major concern for organizations and individuals alike, who stand to suffer huge losses if private data falls into the wrong hands. One of the primary threats to confidentiality is malicious software on personal computers, which is estimated to already reside on 100 to 150 million machines. Current security controls, such as firewalls, anti-virus software, and intrusion detection systems, are inadequate at preventing malware infection. This paper introduces Storages Capsules, a new approach for protecting confidential files on a personal computer. Storage Capsules are encrypted file containers that allow a compromised machine to securely view and edit sensitive files without malware being able to steal confidential data. The system achieves this goal by taking a checkpoint of the current system state and disabling device output before allowing access a Storage Capsule. Writes to the Storage Capsule are then sent to a trusted module. When the user is done editing files in the Storage Capsule, the system is restored to its original state and device output resumes normally. Finally, the trusted module declassifies the Storage Capsule by re-encrypting its contents, and exports it for storage in a low-integrity environment. This
  work presents the design, implementation, and evaluation of Storage Capsules, with a focus on exploring covert channels.

  Other authors

  • 
  • 
  • 

  See publication

• Systems and methods of safeguarding user information while interacting with online service providers

  Issued May 23, 2017 US US-9659189-B2

  The disclosed technology includes techniques for improving data privacy in mobile communications over public cloud services. According to certain implementations, a novel conceptual layer may be interposed between the “application” layer and the “user” layer. In some implementations, the conceptual layer may be at least partially embodied by a transparent window or pane overlaid on top of existing app graphical user interfaces to: (1) intercept plaintext user input before transforming the input…

  The disclosed technology includes techniques for improving data privacy in mobile communications over public cloud services. According to certain implementations, a novel conceptual layer may be interposed between the “application” layer and the “user” layer. In some implementations, the conceptual layer may be at least partially embodied by a transparent window or pane overlaid on top of existing app graphical user interfaces to: (1) intercept plaintext user input before transforming the input and feeding it to an underlying app; and (2) reverse transform output data from the app before displaying the plaintext data to the user. Accordingly, the conceptual layer may serve as a protective layer while preserving the original application workflow and look-and-feel.

  Other inventors

  • 
  • 
  • 

  See patent

• Uraniborg

  Dec 2018 - Present

  Uraniborg is envisioned to be a public observatory/repository that collects and hosts information about preinstalled apps. Users can use tools in this repository to get a "snapshot" on the state of installed devices. When used on a new device prior to or skipping accounts set-up, the state of preinstalled packages on the device can be obtained.

  See project

• English

  Native or bilingual proficiency

• Malay

  Native or bilingual proficiency

• Foochow

  Native or bilingual proficiency

• Mandarin

  Limited working proficiency

• Cantonese

  Limited working proficiency

• Looking for strong Software Engineers to join our team in Google DeepMind working on next-generation privacy and security infrastructure for ML…

  

  Looking for strong Software Engineers to join our team in Google DeepMind working on next-generation privacy and security infrastructure for ML…

  Liked by Billy Lau

• What new rules at Meta mean for censorshipSadly Linkedin is still terrible

  

  What new rules at Meta mean for censorshipSadly Linkedin is still terrible

  Liked by Billy Lau

• Malaysia has truly changed after its political atmosphere filtered to a cleaner air! Excellent rice cooked, l chose buttered chicken，it is called as…

  

  Malaysia has truly changed after its political atmosphere filtered to a cleaner air! Excellent rice cooked, l chose buttered chicken，it is called as…

  Liked by Billy Lau

• The WH0 should not be permitted to continuously fail upward, while insisting on expanding their powers (and profits). Thank you Vinay Prasad 🙏🏼

  

  The WH0 should not be permitted to continuously fail upward, while insisting on expanding their powers (and profits). Thank you Vinay Prasad 🙏🏼

  Liked by Billy Lau

• Another CA fails the turing test, issuing a MITM certificate. This highlights ongoing issues with underperforming CAs. I’ve shared my thoughts on the…

  

  Another CA fails the turing test, issuing a MITM certificate. This highlights ongoing issues with underperforming CAs. I’ve shared my thoughts on the…

  Liked by Billy Lau

• My father John Borders and grandfather were both automotive designers at Ford. A lot has changed, but I hope to carry on their legacy designing…

  

  My father John Borders and grandfather were both automotive designers at Ford. A lot has changed, but I hope to carry on their legacy designing…

  Liked by Billy Lau

• Earlier this week was my 10th Google anniversary. I’ve been having various emotions leading up to it, especially thinking about the humble beginnings…

  

  Earlier this week was my 10th Google anniversary. I’ve been having various emotions leading up to it, especially thinking about the humble beginnings…

  Liked by Billy Lau