Archives – All Entries
- Second edition
- Wordpress 2.5 cookie integrity protection vulnerability
- Stealing Phorm Cookies
- New Banking Code shifts more liability to customers
- Adding webwise.net into the CNI
- The Phorm “Webwise” System
- A false accusation of “hacking”
- Award Winners #2
- Securing Network Location Awareness with Authenticated DHCP
- Security Economics and the EU
- The two faces of Privila
- Chip & PIN terminals vulnerable to simple attacks
- Inane security questions
- Computer Misuse in Scotland
- Justice, in one case at least
- Opting out
- Financial Ombudsman losing it?
- www.e-victims.org
- Relay attacks on card payment: vulnerabilities and defences
- Hacking tool guidance finally appears
- How effective is the wisdom of crowds as a security mechanism?
- Fatal wine waiters
- Index on Censorship: Shifting Borders
- Covert channel vulnerabilities in anonymity systems
- Privacy Enhancing Technologies Symposium (PETS 2008)
- A conspicuous contribution !
- Hackers get busted
- Theme is back
- A cryptographic hash function reading guide
- Action Replay Justice
- Wordpress cookie authentication vulnerability
- Government security failure
- Happy Birthday ORG!
- Google as a password cracker
- Government ignores Personal Medical Security
- Government ignores Personal Internet Security
- Upgrade and new theme
- Phishing take-down paper wins ‘Best Paper Award’ at APWG eCrime Researcher’s Summit
- Counters, Freshness, and Implementation
- Time to forget?
- Notes on FPGA DRM (part 1)
- Web content labelling
- Keep your keypads close
- NHS Computer Project Failing
- Embassy email accounts breached by unencrypted passwords
- Analysis of the Storm Javascript exploits
- Mapping the Privila network
- The dinosaurs of five years ago
- The interns of Privila
- Econometrics of wickedness
- Phishing website removal — comparing banks
- Latest on security economics
- Phishing and the gaining of “clue”
- Poor advice from SiteAdvisor
- House of Lords Inquiry: Personal Internet Security
- Chip-and-PIN relay attack paper wins “Best Student Paper” at USENIX Security 2007
- USENIX WOOT07, Exploiting Concurrency Vulnerabilities in System Call Wrappers, and the Evil Genius
- Electoral Commission releases e-voting and e-counting reports
- Economics of Tor performance
- The role of software engineering in electronic elections
- Digital signatures hit the road
- Recent talks: Chip & PIN, traffic analysis, and voting
- “No confidence” in eVoting pilots
- Hacking tools are legal for a little longer
- Phishing, students, and cheating at the lottery
- Should there be a Best Practice for censorship?
- Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
- Distance bounding against smartcard relay attacks
- Results of global Internet filtering survey
- How quickly are phishing websites taken down?
- Follow the money, stupid
- Extreme online risks
- Debug mode = hacking tool?
- There aren’t that many serious spammers any more
- TK Maxx and banking regulation
- Devote your day to democracy
- What is the unit of amplification for DoS?
- e-Government Framework is Rather Broken
- How (not) to write an abstract
- Identity theft without identification infrastructure
- Passports and biometric certificates (I)
- (In)security at the University of Birmingham
- SOCA: we just want your money?
- Financial Ombudsman on Chip & PIN infallibility
- Chip & PIN relay attacks
- Human Rights and Biophysics (strange similarities)
- Chip & PIN terminal playing Tetris
- Health database optout - latest news
- 23rd Chaos Communication Congress
- Health privacy … breaking news …
- Developments on health privacy…
- Kids’ databases
- A backwards way of dealing with image spam
- The ATM Protection Racket
- Traffic Data Retention and Forensic Imaging
- Shishir wins BCS best student award
- Seals, physical security, and usability
- Opting out of the NHS Database
- Yet another insecure banking system
- How to hack your GP’s computer system
- Mainstreaming eCrime
- New website on NHS IT problems
- Kish’s “totally secure” system is insecure
- Boom! Headshot!
- Closing in on suspicious transactions
- Random isn’t always useful
- Which services should remain offline?
- How many Security Officers? (reloaded)
- PerSec 2007 deadline: 24 September
- A Study on The Value of Location Privacy
- The real hustle on BBC3: watch it!
- Hot or Not: Revealing Hidden Services by their Clock Skew
- After ID Cards…
- With a single bound it was free!
- RIP
- Protocol design is hard — Flaws in ScatterChat
- Anonymous data that isn’t
- “Identity fraud” again
- Security Theater at the Grand Coulee Dam
- Stolen mobiles story
- Health IT Report
- Growing epidemic of card cloning
- Powers, Powers, and yet more Powers …
- New card security problem?
- Downtime
- Protecting software distribution with a cryptographic build process
- Security Economics
- Chip and PIN again
- Permissive action links for individual bullets
- Ignoring the “Great Firewall of China”
- Oracle attack on Wordpress
- Censoring science
- Anatomy of an XSS exploit
- Chip and skim 2
- Just which gadget are you recruiting?
- The Rising Tide: DDoS by Defective Designs and Defaults
- TR-666: A pact with the Devil
- How to use a chip card whose PIN you don’t know
- XSS vulnerabilities fixed in Wordpress 2.0.3
- ATMs and Disclosure Laws
- What’s a security problem?
- Watching them watching me
- WEIS 2006
- Cambridge Security Seminars
- Workshop on Privacy in the Electronic Society (WPES 2006)
- The mythical tamper-proof PIN pad?
- Persec 2006 and Naccache on tapping mobile phones
- Why so many CCTVs in UK? (again)
- The Internet and Elections: the 2006 Presidential Election in Belarus
- Covert conflict in social networks
- D-Link settles!
- Browser storage of passwords: a risk or opportunity?
- When firmware attacks! (DDoS by D-Link)
- AV-net – a new solution to the Dining Cryptographers Problem
- Award winners
- Fraud or feature?
- Cat with computer virus
- Chip and skim
- Banks don’t help fight phishing
- Video eavesdropping demo at CeBIT 2006
- BBC article on new Chinese TLDs
- New Chinese TLDs
- Chinese website registration
- Towards a market price for insecurity
- Why so many CCTVs in UK?
- Complexities in criminalising denial of service attacks
- Forensics and terrorism
- EarthLink has just 31 challenge-response CAPTCHAs
- Security research may become a crime in the UK
- Mysterious and Menacing