Being "always on" is being always off, to something.
Selected Papers from USENIX 2007
Topic: Technology
10:06 pm EDT, Jun 18, 2007
Yesterday I mentioned a paper from the upcoming USENIX 2007 conference. Here are a few more, selected more or less based on title and abstract. It would seem that XSS is top of mind right now.
Application-level protocol specifications are useful for many security applications, including intrusion prevention and detection that performs deep packet inspection and traffic normalization, and penetration testing that generates network inputs to an application to uncover potential vulnerabilities. However, current practice in deriving protocol specifications is mostly manual.
In this paper, we present Discoverer, a tool for automatically reverse engineering the protocol message formats of an application from its network trace. A key property of Discoverer is that it operates in a protocol-independent fashion by inferring protocol idioms commonly seen in message formats of many application-level protocols.
We evaluated the efficacy of Discoverer over one text protocol (HTTP) and two binary protocols (RPC and CIFS/SMB) by comparing our inferred formats with true formats obtained from Ethereal [5]. For all three protocols, more than 90% of our inferred formats correspond to exactly one true format; one true format is reflected in five inferred formats on average; our inferred formats cover over 95% of messages, which belong to 30-40% of true formats observed in the trace.
This paper explores the use of execution-based Web content analysis to protect users from Internet-borne malware. Many anti-malware tools use signatures to identify malware infections on a user’s PC. In contrast, our approach is to render and observe active Web content in a disposable virtual machine before it reaches the user’s browser, identifying and blocking pages whose behavior is suspicious. Execution-based analysis can defend against undiscovered threats and zero-day attacks. However, our approach faces challenges, such as achieving good interactive performance, and limitations, such as defending against malicious Web content that contains non-determinism. To evaluate the potential for our execution-based technique, we designed, implemented, and measured a new proxy-based anti-malware tool called SpyProxy.
SpyProxy intercepts and evaluates Web content in transit from Web servers to the browser. We present the architecture and design of our SpyProxy prototype, focusing in particular on the optimizations we developed to make on-the-fly execution-based analysis practical.
We demonstrate that with careful attention to... [ Read More (0.4k in body) ]
“A masterly portrait of a truly virtuous and dedicated man”—The New Yorker
“Why isn’t this book famous…Very few novels in English, or literary productions of any kind, have come anywhere near its level for human wisdom or as a work of art.”—C.P. Snow
“Serious, beautiful and affecting, what makes Stoner so impressive is the contained intensity the author and character share.”—Irving Howe, New Republic
“a quiet but resonant achievement”—The Times Literary Supplement
“Stoner by John Williams, contains what is no doubt my favorite literary romance of all time. William Stoner is well into his 40s, and mired in an unhappy marriage, when he meets Katherine, another shy professor of literature. The affair that ensues is described with a beauty so fierce that it takes my breath away each time I read it. The chapters devoted to this romance are both terribly sexy and profoundly wise.”—The Christian Science Monitor
New York magazine offers a profile. Note that the VC quoted in the article believes that subscription is the future of music. Also:
"We passed the high-water mark for iPod profitability about six months ago. I don’t see it going anywhere but down. All of which is why the iPhone is so important for Apple.”
A competitor quips that the iPhone suffers from "the houseboat problem."
The General’s Report | Annals of National Security
Topic: War on Terrorism
6:24 am EDT, Jun 18, 2007
“Here I am,” Taguba recalled Rumsfeld saying, “just a Secretary of Defense, and we have not seen a copy of your report. I have not seen the photographs, and I have to testify to Congress tomorrow and talk about this.” As Rumsfeld spoke, Taguba said, “He’s looking at me. It was a statement.”
At best, Taguba said, “Rumsfeld was in denial.” Taguba had submitted more than a dozen copies of his report through several channels at the Pentagon and to the Central Command headquarters, in Tampa, Florida, which ran the war in Iraq. By the time he walked into Rumsfeld’s conference room, he had spent weeks briefing senior military leaders on the report, but he received no indication that any of them, with the exception of General Schoomaker, had actually read it. (Schoomaker later sent Taguba a note praising his honesty and leadership.) When Taguba urged one lieutenant general to look at the photographs, he rebuffed him, saying, “I don’t want to get involved by looking, because what do you do with that information, once you know what they show?”
We analyze three new consumer electronic gadgets in order to gauge the privacy and security trends in mass-market UbiComp devices.
Our study of the Slingbox Pro uncovers a new information leakage vector for encrypted streaming multimedia. By exploiting properties of variable bitrate encoding schemes, we show that a passive adversary can determine with high probability the movie that a user is watching via her Slingbox, even when the Slingbox uses encryption. We experimentally evaluated our method against a database of over 100 hours of network traces for 26 distinct movies.
Despite an opportunity to provide significantly more location privacy than existing devices, like RFIDs, we find that an attacker can trivially exploit the Nike iPod Sport Kit's design to track users; we demonstrate this with a GoogleMaps-based distributed surveillance system. We also uncover security issues with the way Microsoft Zunes manage their social relationships.
We show how these products' designers could have significantly raised the bar against some of our attacks. We also use some of our attacks to motivate fundamental security and privacy challenges for future UbiComp devices.
The title of this article is "In the Year 2030, the Young Hotshot at My Office Tries to Walk Me Through "Centaur," Apple's New Mind-Orb-based Operating System."
It's sort of like a Shouts & Murmurs ...
ME: For some reason, I can't get this report orb to beam.
HOTSHOT: Well, go ahead and materialize the topaz orb first. That should launch your facefield preferences.
ME: OK, here goes ... Wait, remind me, how do I get to the topaz orb? Sorry, I knew how to do this just a second ago—I imagine a shape, right?
HOTSHOT: Kind of. Defocus your eyes and visualize a beam of light illuminating a rhombus. That will materialize the topaz orb.
ME: Hmm ... It's still not working.
HOTSHOT: OK, let's back up a step. Which wormhole did you do your push-up in?
Automated reverse engineering of nonlinear dynamical systems
Topic: Science
6:55 pm EDT, Jun 16, 2007
Complex nonlinear dynamics arise in many fields of science and engineering, but uncovering the underlying differential equations directly from observations poses a challenging task.
The ability to symbolically model complex networked systems is key to understanding them, an open problem in many disciplines. Here we introduce for the first time a method that can automatically generate symbolic equations for a nonlinear coupled dynamical system directly from time series data. This method is applicable to any system that can be described using sets of ordinary nonlinear differential equations, and assumes that the (possibly noisy) time series of all variables are observable.
Previous automated symbolic modeling approaches of coupled physical systems produced linear models or required a nonlinear model to be provided manually. The advance presented here is made possible by allowing the method to model each (possibly coupled) variable separately, intelligently perturbing and destabilizing the system to extract its less observable characteristics, and automatically simplifying the equations during modeling.
We demonstrate this method on four simulated and two real systems spanning mechanics, ecology, and systems biology. Unlike numerical models, symbolic models have explanatory value, suggesting that automated "reverse engineering" approaches for model-free symbolic nonlinear system identification may play an increasing role in our ability to understand progressively more complex systems in the future.
Going Balloon: An Interview with Forro in the Dark
Topic: Arts
5:37 pm EDT, Jun 16, 2007
Forro in the Dark is a band that brings not just the heat of Brazil to crowded, pulsing nightclubs — it brings the heart.
A group of five Brazilians and one American put their rhythmic spin on forró, a style of music and dance from the northeast of Brazil that is full of passion, joy, heartache, and love.
Forro in the Dark have been sneaking up the radar, as their latest album, Bonfires of São João, has been making waves from coast to coast.
Featuring such impressive guest vocalists as David Byrne, Bebel Gilberto, and Miho Hatori, FIT Dark have become an underground sensation with people in the know.
The hippest Manhattanites know that Nublu is where it’s at, and every Wednesday, FIT Dark can be heard making people sweat, sway, and groove until the sun rises.