Light Blue Touchpaper
 
Showing 1-10 of 39 records
 
Expand article

Security psychology

2008-06-30 15:32:24 by Ross Anderson in Light Blue Touchpaper
 
...security and human behaviour ; at MIT, which brings together security engineers, psychologists and others interested in topics raanging from deception through usability to fearmongering. Heres the agenda and here are the workshop papers The first session, on deception, was fascinating. It emphasised the huge range of problems, from detecting...
 
 
 
 
 
Expand article

An improved clock-skew measurement technique for revealing hidden services

The Article has images
2008-06-26 05:12:21 by Steven J. Murdoch in Light Blue Touchpaper
...Security Symposium , San Jose, CA, US, 28 July 1 August 2008
 
 
 
 
 
Expand article

Operational security failure

2008-06-17 11:29:01 by Ross Anderson in Light Blue Touchpaper
 
...information about 51 patients. In only one case were they asked to verify their identity; the attack succeeded against the other 50 patients This is an old problem. In 1996, when I was advising the BMA on clinical system safety and privacy, we trained the staff at one health authority to detect false-pretext phone calls, and they found 30 a...
 
 
 
 
 
Expand article

Slow removal of child sexual abuse image websites

2008-06-11 14:02:32 by Richard Clayton in Light Blue Touchpaper
 
On Friday last week The Guardian ran a story on an upcoming research paper by Tyler Moore and myself which will be presented at the WEIS conference later this month. We had determined that child sexual abuse image websites were removed from the Internet far slower than any other category of content we looked at, excepting illegal pharmacies...
 
 
 
 
 
Expand article

Covert channel vulnerabilities in anonymity systems wins best thesis award

2008-06-03 09:57:41 by Steven J. Murdoch in Light Blue Touchpaper
 
My PhD thesis Covert channel vulnerabilities in anonymity systems has been awarded this years best thesis prize by the ERCIM security and trust management working group. The announcement can be found on the working group homepage and Ive been invited to give a talk at their upcoming workshop, STM 08 , Trondheim, Norway, 1617 June 2008
 
 
 
 
 
Expand article

J-PAKE: From Dining Cryptographers to Jugglers

2008-05-29 20:31:05 by Feng Hao in Light Blue Touchpaper
 
...security problem: how to establish secure communication between two parties solely based on their shared password without requiring a Public Key Infrastructure (PKI The solution to the above problem is very useful in practice in fact, so useful that it spawns a lot fights over patents. Many techniques were patented, including the well-known...
 
 
 
 
 
Expand article

PED vulnerability paper receives Most Practical Paper award at Oakland

The Article has images
2008-05-21 09:56:48 by Saar Drimer in Light Blue Touchpaper
...Security and Privacy ( slides We are very pleased that we are the recipients of the new Most Practical Paper award of the conference, given to the paper most likely to immediately improve the security of current environments and systems. Thanks to everyone who supported this work
 
 
 
 
 
Expand article

Twisty little passages, all alike

2008-05-18 19:29:56 by Richard Clayton in Light Blue Touchpaper
 
...information would be available to accompany FIPRs press release and paper on the various laws that the Phorm system breaks. However, there was one final thing that wasnt dealt with by press time, and thats now been explained to me The Phorm system does some of its tracking magic by redirecting browser requests using HTTP 307 responses. When...
 
 
 
 
 
Expand article

Hardened stateless session cookies

2008-05-16 12:40:30 by Steven J. Murdoch in Light Blue Touchpaper
 
...information to create a fake cookie. Thus an attacker with read-access to the database still needs to know the users password to log in, and that isnt stored. There are some additional subtleties to resist different attacks, and those are described in the paper I hope this proposal will trigger discussion over this important problem and lead...