POPULARITY
Welcome back to PING, at the start of 2025. In this episode, Gautam Akiwate, (now with Apple, but at the time of recording with Stanford University) talks about the 2021 Advanced Network Research Prize winning paper, co-authored with Stefan Savage, Geoffrey Voelker and Kimberly Claffy which was titled "Risky BIZness: Risks Derived from Registrar Name Management". The paper explores a situation which emerged inside the supply chain behind DNS name delegation, in the use of an IETF protocol called Extensible Provisioning Protocol or EPP. EPP is implemented in XML over the SOAP mechanism, and is how registry-registrar communications take place, on behalf of a given domain name holder (the delegate) to record which DNS nameservers have the authority to publish the delegated zone. The problem doesn't lie in the DNS itself, but in the operational practices which emerged in some registrars, to remove dangling dependencies in the systems when domain names were de-registered. In effect they used an EPP feature to rename the dependency, so they could move on with selling the domain name to somebody else. The problem is that feature created valid names, which could themselves then be purchased. For some number of DNS consumers, those new valid nameservers would then be permitted to serve the domain, and enable attacks on the integrity of the DNS and the web. Gautam and his co-authors explored a very interesting quirk of the back end systems and in the process helped improve the security of the DNS and identified weaknesses in a long-standing "daily dump" process to provide audit and historical data.
Stefan Savage, esteemed professor of Computer Science and Engineering gives the lowdown on: - His unique approach to teaching (no tests or papers!) - Groundbreaking research into cybersecurity (including re-assembling a 737 in the lab) - His upcoming November 12 presentation entitled "Modern Automotive Vulnerabilities: The Science Behind the Fast and the Furious" - What he sees on the horizon Transcript (w/ Timestamps): https://www.rev.com/transcript-editor/shared/4E9oxOdOfF2WWmvsdn32TzdbNyB5diBMA7wUxpwdmGBQLJ3DRhFcKGAIE3GMjjBvpcNKoOtAZbUdT4aQmbHVB9xnrq4?loadFrom=SharedLink
Professor Mindy Rhindress is a valued faculty member and Mentor-in-Residence at Queens College's Program in Data Analytics and Applied Social Research. She is also one of her program's highly-successful alumni, with a very successful corporate career that culminated in a senior executive at the major marketing research firm Abt Associates. It often surprises Data Analytics students that our program is decades-old, with a long history of training students to apply quantitative social science to public and private sector enterprise problems. Check out this gem we found! https://youtu.be/RN3kpCPShjE By the way, that's MacArthur award-winning computer scientist Stefan Savage, who worked as a lab assistant back in the day! In our inaugural episode of The QC Pod, we ask Professor Rhindress what it was like to study analytics back in the 1990s. She talks about how QC students were trained to evangelize the idea that enterprises should give all their knowledge workers a computer of their own, and should teach people to use them! We talk about the resistance to computers back in the 1990s, how a male-dominated executive culture thought it too emasculating to type up your own work, and how people like Prof. Rhindress were able to capitalize on their understandings of what techs did to better work with them as a business executive. Queens College's Master's Program in Data Analytics and Applied Social Research continues that tradition today by training students in today's cutting-edge data analytics and applied social science. It is an outstanding program with a great placement record (at a fraction of the cost of our private school competitors). Applications are free for Queens College students.
Ariana is a PhD student at UC San Diego, where she works with the Sysnet, CryptoSec, and CNS groups at UCSD, as well as the Center for Evidence-based Security Research (CESR). She is advised by Geoff Voelker and Stefan Savage. As an undergrad, she started her academic journey in a security lab as an coder. She soon realized that the world of security would be an enthralling space that has repercussions for everyone that uses a computer today, and after doing some coding, she then moved more into a research-oriented role. She discovered that one of security's problems revolved around users and how users interact with our various security mechanisms; and what good are our security mechanisms if they fail to protect people? She then decided to dive into the intersection of usable security and empirical analysis, or how we can use environmental studies to determine user behavior, where is it going wrong, and how we can fix it. This is the philosophy that drives her research Series: "UCTV Prime" [Science] [Show ID: 33422]
Ariana is a PhD student at UC San Diego, where she works with the Sysnet, CryptoSec, and CNS groups at UCSD, as well as the Center for Evidence-based Security Research (CESR). She is advised by Geoff Voelker and Stefan Savage. As an undergrad, she started her academic journey in a security lab as an coder. She soon realized that the world of security would be an enthralling space that has repercussions for everyone that uses a computer today, and after doing some coding, she then moved more into a research-oriented role. She discovered that one of security's problems revolved around users and how users interact with our various security mechanisms; and what good are our security mechanisms if they fail to protect people? She then decided to dive into the intersection of usable security and empirical analysis, or how we can use environmental studies to determine user behavior, where is it going wrong, and how we can fix it. This is the philosophy that drives her research Series: "UCTV Prime" [Science] [Show ID: 33422]
Ariana is a PhD student at UC San Diego, where she works with the Sysnet, CryptoSec, and CNS groups at UCSD, as well as the Center for Evidence-based Security Research (CESR). She is advised by Geoff Voelker and Stefan Savage. As an undergrad, she started her academic journey in a security lab as an coder. She soon realized that the world of security would be an enthralling space that has repercussions for everyone that uses a computer today, and after doing some coding, she then moved more into a research-oriented role. She discovered that one of security's problems revolved around users and how users interact with our various security mechanisms; and what good are our security mechanisms if they fail to protect people? She then decided to dive into the intersection of usable security and empirical analysis, or how we can use environmental studies to determine user behavior, where is it going wrong, and how we can fix it. This is the philosophy that drives her research Series: "UCTV Prime" [Science] [Show ID: 33422]
Ariana is a PhD student at UC San Diego, where she works with the Sysnet, CryptoSec, and CNS groups at UCSD, as well as the Center for Evidence-based Security Research (CESR). She is advised by Geoff Voelker and Stefan Savage. As an undergrad, she started her academic journey in a security lab as an coder. She soon realized that the world of security would be an enthralling space that has repercussions for everyone that uses a computer today, and after doing some coding, she then moved more into a research-oriented role. She discovered that one of security's problems revolved around users and how users interact with our various security mechanisms; and what good are our security mechanisms if they fail to protect people? She then decided to dive into the intersection of usable security and empirical analysis, or how we can use environmental studies to determine user behavior, where is it going wrong, and how we can fix it. This is the philosophy that drives her research Series: "UCTV Prime" [Science] [Show ID: 33422]
Prof. Stefan Savage generated controversy and debate over public policy after demonstrating the vulnerability of modern automobiles to attack from hackers who can take advantage of internal as well as external digital components and systems in today’s cars. Series: "Computer Science Channel" [Public Affairs] [Science] [Show ID: 31921]
Prof. Stefan Savage generated controversy and debate over public policy after demonstrating the vulnerability of modern automobiles to attack from hackers who can take advantage of internal as well as external digital components and systems in today’s cars. Series: "Computer Science Channel" [Public Affairs] [Science] [Show ID: 31921]
UC San Diego Computer Science and Engineering (CSE) Department Chair Rajesh Gupta, an expert in cyber-physical systems, kicks off a conversation with two cyber security experts from the computer-science faculty in UC San Diego’s Jacobs School of Engineering: Prof. Stefan Savage, and Prof. Hovav Shacham. Savage and colleagues generated controversy and debate over public policy after they demonstrated the vulnerability of modern automobiles to attack from hackers who can take advantage of internal as well as external digital components and systems in today’s cars. Most recently, Prof. Shacham uncovered security vulnerabilities involving the full-body backscatter, X-ray scanners deployed at entrances to airports, train stations and other public places. Series: "Computing Primetime" [Science] [Show ID: 28620]
UC San Diego Computer Science and Engineering (CSE) Department Chair Rajesh Gupta, an expert in cyber-physical systems, kicks off a conversation with two cyber security experts from the computer-science faculty in UC San Diego’s Jacobs School of Engineering: Prof. Stefan Savage, and Prof. Hovav Shacham. Savage and colleagues generated controversy and debate over public policy after they demonstrated the vulnerability of modern automobiles to attack from hackers who can take advantage of internal as well as external digital components and systems in today’s cars. Most recently, Prof. Shacham uncovered security vulnerabilities involving the full-body backscatter, X-ray scanners deployed at entrances to airports, train stations and other public places. Series: "Computing Primetime" [Science] [Show ID: 28620]