...
Chris Calabrese <cbreezy@mit.edu>: Possibly working with the Android operating system and writing/analyzing some cool exploits to take advantage of the security model and any implementation flaws in a particular version of the software.
Joe Colosimo <colosimo@>: Hardware side-channel attacks. I'm interested in looking at some basic cryptography libraries for Atmel AVR microcontrollers and potentially exploiting them through side-channel attacks. Existing papers point to these kinds of vulnerabilities as being very real and very measurable. Between measuring timing (which is usually very precise with microcontrollers) and current (which can help mitigate preventions to timing attacks through spinlooping), data should be extractable from the controller. This has applications in embedded devices that have secret keys inside them.