Thanks for the question!

As long as caches have existed, very similar styles of side channels have been demonstrated since the late 90s. A lot of the terminology we use (flush+reload, flush+flush…) are attack techniques that have been already demonstrated on CPU caches, and these demonstrations are at least a decade old.

Flush+Reload: https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/yarom

Flush+Flush: https://gruss.cc/files/flushflush.pdf

Invalidate+Compare (GPU caches, 2024): https://www.usenix.org/conference/usenixsecurity24/presentation/zhang-zhenkai

My colleague, Hannes, found similar styles of attacks existed with the Linux DNS cache too: https://hannesweissteiner.com/pdfs/dmt.pdf (also published at NDSS 26!)

The one really big difference between the page-cache side channel and other side channels is the “monitor” primitive. There are methods that the OS provides which directly report the presence of a page in cache. These are syscalls like mincore (mitigated in 2019), preadv2 + rwf_nowait (unmitigated), and cachestat (mitigated in 2025).

With these syscalls, we don’t even have to rely on timing information (is page access fast -> cached; is it slow -> not cached). These syscalls really set the page-cache side channel apart because you can nondestructively figure out whether a page is in cache.

The page-cache side channel was first explored in 2019. It was explored on Linux but also on Windows by my advisor et al.: https://gruss.cc/files/pagecacheattacks.pdf

Hope this answers your question :D

Thanks for cross-posting and tagging me!

I haven’t seen anyone here mention Psyllium husk. I bought 450 capsules on Amazon (ew I know) and it’s been a game changer for me. Seriously. I take two a day and that’s been enough for me to be comfortable throughout the day, especially while traveling.

https://www.amazon.de/Organic-psyllium-capsules-serving-cultivation/dp/B0D3F62D9M

If the reports are somewhat technical (written with Latex for example), check out sioyek: https://sioyek.info/. It’s a PDF reader mainly for academic use.

Sioyek has made reading and reviewing papers SO much easier and it’s really, really convenient… once you get the hang of it. It takes a bit of time to get used to all the things, but it’s worth it. I also review students’ theses with it. Highlighting colors and adding comments is super easy (select text, h+g (green highlight), type comment).

If you have want to export your notes and comments, you will need this script though: https://github.com/ahrm/sioyek/blob/main/scripts/embedded_annotations.py

Also there in Passin’ Me By by The Pharcyde (1992)

When I try or make some sort of attempt, I simp
Damn, I wish I wasn’t such a wimp

https://www.oglaf.com/feeds/rss/

Yes, this would essentially be a detecting mechanism for local instances. However, a network trained on all available federated data could still yield favorable results. You may just end up not needing IP Addresses and emails. Just upvotes / downvotes across a set of existing comments would even help.

The important point is figuring out all possible data you can extract and feed it to a “ML” black box. The black box can deal with things by itself.

My bachelor’s thesis was about comment amplifying/deamplifying on reddit using Graph Neural Networks (PyTorch-Geometric).

Essentially: there used to be commenters who would constantly agree / disagree with a particular sentiment, and these would be used to amplify / deamplify opinions, respectively. Using a set of metrics [1], I fed it into a Graph Neural Network (GNN) and it produced reasonably well results back in the day. Since Pytorch-Geomteric has been out, there’s been numerous advancements to GNN research as a whole, and I suspect it would be significantly more developed now.

Since upvotes are known to the instance administrator (for brevity, not getting into the fediverse aspect of this), and since their email addresses are known too, I believe that these two pieces of information can be accounted for in order to detect patterns. This would lead to much better results.

In the beginning, such a solution needs to look for patterns first and these patterns need to be flagged as true (bots) or false (users) by the instance administrator - maybe 200 manual flaggings. Afterwards, the GNN could possibly decide to act based on confidence of previous pattern matching.

This may be an interesting bachelor’s / master’s thesis (or a side project in general) for anyone looking for one. Of course, there’s a lot of nuances I’ve missed. Plus, I haven’t kept up with GNNs in a very long time, so that should be accounted for too.

Edit: perhaps IP addresses could be used too? That’s one way reddit would detect vote manipulation.

[1] account age, comment time, comment time difference with parent comment, sentiment agreement/disgareement with parent commenters, number of child comments after an hour, post karma, comment karma, number of comments, number of subreddits participated in, number of posts, and more I can’t remember.

Ah, maybe the whole context wasn’t added here, but I tried to download an XPI file for a different program that uses Firefox under the hood (called Zotero). I wanted to download the file to install it manually for the other program.

Firefox naturally thought that the XPI file was meant for itself and tried to install it. The XPI file was never intended for Firefox.

Edited to add: probably a pretty obscure thing that I noticed, but it’s still bizarre.