Category Archives: General
Anubis – Managing a growing, distributed infrastructure for Binary Analysis [Part II]
In part I of this blog post, I summarized how and why the Anubis system has grown into a not only virtually, but also physically distributed analysis service. In part II, I will explain how we tackled the problem of … Continue reading
EXPOSURE: A new service from iSecLab goes online
Last month, in this post, we announced an upcoming service called EXPOSURE which detects domain names that are involved in malicious activities. We perform passive DNS analysis. After a period of testing, finally, we started the beta version of the service. … Continue reading
Apple Sued Over Applications Giving Information to Advertisers
According to this Bloomberg article, a lawsuit was filed against Apple for allowing applications to give personally identifiable information to advertisement networks without the users’ consent. First off, IANL. However, I feel that my recent work regarding iPhone and … Continue reading
Posted in Binary Analysis, General, Privacy
BADGERS 2011 Call for Papers
In April, I am co-chairing a new workshop called BADGERS (Building Analysis Datasets and Gathering Experience Returns for Security) with Thorsten. The BADGERS workshop is intended to encourage the development of large scale security-related data collection and analysis initiatives. It will … Continue reading
Posted in Call For Papers, General
OWASP BeNeLux 2010
I just got back from Holland where I was invited to participate in the annual OWASP BeNeLux conference with a talk on Clickjacking. For the second year, the OWASP chapters of Holland, Belgium and Luxembourg co-organized an event with the … Continue reading
LEET 11 and Eurosec 11 workshops
I am involved in two interesting workshops next year: LEET and Eurosec. Both events are being partially-organized by iSecLab members. I am chairing Eurosec and Chris is chairing LEET. Both workshops usually have interesting programs and I would encourage the submission … Continue reading
Posted in Call For Papers, General
Detecting Privacy Leaks in iPhone Applications
In the upcoming NDSS 2011 conference in San Diego, one of the papers our team will be presenting is Manuel’s work on detecting privacy leaks in iPhone applications. The sales of smartphones have exploded recently — especially because of mobile phone … Continue reading
Posted in Binary Analysis, General, Privacy
Digital Signatures and the Austrian Experiment: Our Story
Last year in May, a technical report we published online on the security analysis of the so-called “Citizen Card” in Austria received some press coverage. I noticed that some sites (e.g., the Wikipedia entry for the Citizen Card and a site … Continue reading
Posted in General, Privacy, Systems Security
FORWARD and SysSec: Attempting to “predict” the future
A couple of weeks ago, I had a déjà vu effect after reading an article that stated that regulators were blaming a computer algorithm for a stock market ‘flash crash’. About a year ago, last November, we were busy creating … Continue reading
Posted in General, Systems Security
Short RAID 2010 Report: A New Threat for Social Networks?
It has been over a month since I returned from the RAID conference in Canada. This year, RAID was organized in Ottawa, the capital. I tend to think that Ottawa was declared “the capital” for its location rather than its … Continue reading
Posted in Conferences, General, Web Security
Tagged privacy, social networks, web security