• أر
  • 中文
  • EN
  • FR
  • PT
  • РУ
  • ES

You are here

  • "What's the harm in giving up my Twitter password?", you might say, "all someone can do is see my direct messages and post a tweet from me, right?"Think again. The reality today is that social media services are used for far more than just posting updates or photos of cats. They also act as "identity providers" allowing us to easily login to other sites and services. We've all seen the "Login with Twitter" or "Continue with Facebook" buttons on various sites. Or for Google or LinkedIn. These offer a tremendous convenience. You can rapidly sign into sites without having to remember yet-...
    Date published 21 February 2017
  • A number of seminal papers appeared towards the end of the 20th century calling for more attention to be paid to the human in the security loop. For example, Anne Adams and Angela Sasse’s “Users are not the Enemy” and Mark Ackerman and Lorrie Cranor’s "Privacy critics: UI components to safeguard users' privacy." The research field of Usable Security was thereby launched, and quickly garnered interest amongst academics and in industry. Almost two decades later this field has achieved independent status with a number of conferences and workshops being dedicated to this research field. USEC is a...
    Date published 17 February 2017
  • Today at the RSA Conference 2017 in San Francisco, our Chief Internet Technology Officer Olaf Kolkman will be speaking as part of a panel on:Internet of Insecurity: Can Industry Solve It or Is Regulation Required?The abstract of the session is:The rise of IoT has brought forth a new generation of devices and services representing significant innovation, yet all too many ship insecure and are not supported over their life. They have become proxies for abuse with a capacity for causing significant harm. Can we wait for industry and stakeholders to adopt trust frameworks and seal programs or do...
    Date published 15 February 2017
  • The Network and Distributed System Security Symposium (NDSS 2017) is just around the corner (26 February - 1 March), and details of the program are quickly coming into focus. The full slate of activities includes two keynotes, two workshops, and a full program of excellent peer-reviewed academic research papers. The Monday keynote speaker, J. Alex Halderman, is a Professor of Computer Science and Engineering at the University of Michigan and Director of Michigan's Center for Computer Security and Society. In his keynote, “Recount 2016: A Security Audit of the Presidential Election”, he will...
    Date published 06 February 2017
  • I recently wrote about an agenda to mitigate the threats of insecure devices on the Internet of Things. One of the requirements expressed in that agenda is “For every product sold, there is a way that security researchers can responsibly disclose vulnerabilities found”. In this post I want to reflect on the issue of responsible disclosure from the perspective of the Collaborative Security approach, how responsible security researchers are helping to make the Internet more secure, and to explore how collaboration around disclosure helps to improve trust in the Internet.Responsible...
    Date published 02 February 2017