Yesterday I mentioned a paper from the upcoming USENIX 2007 conference. Here are a few more, selected more or less based on title and abstract. It would seem that XSS is top of mind right now.

Discoverer: Automatic Protocol Reverse Engineering from Network Traces

Application-level protocol specifications are useful for many security applications, including intrusion prevention and detection that performs deep packet inspection and traffic normalization, and penetration testing that generates network inputs to an application to uncover potential vulnerabilities. However, current practice in deriving protocol specifications is mostly manual.

In this paper, we present Discoverer, a tool for automatically reverse engineering the protocol message formats of an application from its network trace. A key property of Discoverer is that it operates in a protocol-independent fashion by inferring protocol idioms commonly seen in message formats of many application-level protocols.

We evaluated the efficacy of Discoverer over one text protocol (HTTP) and two binary protocols (RPC and CIFS/SMB) by comparing our inferred formats with true formats obtained from Ethereal [5]. For all three protocols, more than 90% of our inferred formats correspond to exactly one true format; one true format is reflected in five inferred formats on average; our inferred formats cover over 95% of messages, which belong to 30-40% of true formats observed in the trace.

SpyProxy: Execution-based Detection of Malicious Web Content

This paper explores the use of execution-based Web content analysis to protect users from Internet-borne malware. Many anti-malware tools use signatures to identify malware infections on a user’s PC. In contrast, our approach is to render and observe active Web content in a disposable virtual machine before it reaches the user’s browser, identifying and blocking pages whose behavior is suspicious. Execution-based analysis can defend against undiscovered threats and zero-day attacks. However, our approach faces challenges, such as achieving good interactive performance, and limitations, such as defending against malicious Web content that contains non-determinism. To evaluate the potential for our execution-based technique, we designed, implemented, and measured a new proxy-based anti-malware tool called SpyProxy.

SpyProxy intercepts and evaluates Web content in transit from Web servers to the browser. We present the architecture and design of our SpyProxy prototype, focusing in particular on the optimizations we developed to make on-the-fly execution-based analysis practical.

We demonstrate that with careful attention to... [ Read More (0.4k in body) ]

Has he peaked?

New York magazine offers a profile. Note that the VC quoted in the article believes that subscription is the future of music. Also:

"We passed the high-water mark for iPod profitability about six months ago. I don’t see it going anywhere but down. All of which is why the iPhone is so important for Apple.”

A competitor quips that the iPhone suffers from "the houseboat problem."

For a good recent story about a houseboat, check out Aboard the Sarabande; If Wanderlust Strikes, Their House Goes, Too, from the June 3 edition of the New York Times.

Steve Jobs in a Box

The title of this article is "In the Year 2030, the Young Hotshot at My Office Tries to Walk Me Through "Centaur," Apple's New Mind-Orb-based Operating System."

It's sort of like a Shouts & Murmurs ...

ME: For some reason, I can't get this report orb to beam.

HOTSHOT: Well, go ahead and materialize the topaz orb first. That should launch your facefield preferences.

ME: OK, here goes ... Wait, remind me, how do I get to the topaz orb? Sorry, I knew how to do this just a second ago—I imagine a shape, right?

HOTSHOT: Kind of. Defocus your eyes and visualize a beam of light illuminating a rhombus. That will materialize the topaz orb.

ME: Hmm ... It's still not working.

HOTSHOT: OK, let's back up a step. Which wormhole did you do your push-up in?

McSweeney's Internet Tendency

This project was motivated by two things: my almost complete inability to get out of bed in the morning, and my fondness for recording data from routine activities and making graphs with that data.

The length of the sleep cycle varies for each person, and averages about 90 minutes. I wanted to try to measure the length of mine, without having to wake up and check a clock. I also wanted to get an idea of how much I naturally move around during the night, and what patterns I might find therein.

To investigate this, I outfitted myself with sensors that would help me determine how my position changes over the course of a night's sleep. I used three accelerometers as tilt sensors, placed on three different places on my body: my forehead, my forearm, and my upper leg.

Anita Lillie's Sleep Tracker

This probably makes for a poor quality (read: weak) captcha, but it's a neat idea.

reCaptcha seeks to block spam while handling the challenge of digitally scanning old books and making them available in Web search engines.

When character recognition software fails to decipher a word scanned in a book — when the page is yellowed or the letters are smudged, for example — reCaptcha makes it part of a captcha. After the mystery word has been verified by several people, it is fed back into the digital copy of the book.

(Description from NYT article)

reCAPTCHA: Stop Spam, Read Books

Twenty years ago, who could have guessed that the most widely deployed application of computational linguistics and computational learning theory would be fending off nuisance e-mail?

... If we can't have less spam, we really need better spam.

How Many Ways Can You Spell V1@gra?

Houston ...

Russian and NASA engineers worked into the evening yesterday to figure out why two computer systems essential to the operation of the international space station crashed, and the agency began making contingency plans that include potentially abandoning the $100 billion facility if they should fail.

Computers on Space Station Crash; NASA Weighs Options

Existing low-latency anonymity networks are vulnerable to traffic analysis, so location diversity of nodes is essential to defend against attacks.

Previous work has shown that simply ensuring geographical diversity of nodes does not resist, and in some cases exacerbates, the risk of traffic analysis by ISPs. Ensuring high autonomous-system (AS) diversity can resist this weakness. However, ISPs commonly connect to many other ISPs in a single location, known as an Internet eXchange (IX).

This paper shows that IXes are a single point where traffic analysis can be performed. We examine to what extent this is true, through a case study of Tor nodes in the UK.

Also, some IXes sample packets flowing through them for performance analysis reasons, and this data could be exploited to de-anonymize traffic. We then develop and evaluate Bayesian traffic analysis techniques capable of processing this sampled data.

Sampled Traffic Analysis by Internet-Exchange-Level Adversaries

Adobe Photoshop was, for a time, the killer app for the Macintosh. During the mid-nineties, publishing and graphic design had supplanted consumers as the most important market to target, at least in the eyes of former Apple CEOs Gil Amelio and Michael Spindler. Consumer Macs languished as Apple poured resources into multi-processor Macs and ill-conceived operating system replacements for the Mac OS. Even after Apple emerged from its crisis of the mid '90s, Photoshop is still immensely popular and has even been adopted as a verb for retouching or modifying images much to the consternation of Adobe.

How Adobe's Photoshop Was Born

Gadgets for Africa: Solving everyday problems with African ingenuity

AfriGadget