Podcasts about these xd

Distinguished social psychologist Geert Hofstede observed the “dominance of technology over culture is an illusion. The software of the machines may be globalized, but the software of the minds that use them is not.”  The role of culture in the thought process is so prevalent, yet unstated, that many cultural beliefs and biases are accepted as truths.  These cultural beliefs and biases are commonly infused into behavioral norms identifying behaviors that can be observed.  While historically,these observations have taken place in the physical realm, this talk discusses the findings of cultural markers in the cyber realm. Dr. Sample presents and discusses recent interdisciplinary, evidence-based research using culture-based models of various cyber actors (attackers, defenders and victims)to explain observations in cybersecurity behaviors. These studies were performed over the past several years using public data found in the Zone-H archives. The mining of the Zone-H archives with over 10 million records of raw data allowed for research into behaviors, choices and reasons. By using Hofstede’s cultural framework to define culture along with some basic inferential statistics, specific digital identifiers were associated with cultural dimensions, allowing for more accurate modeling of cyber actors based on cultural values.  The results supported Nisbett’s observation that people “think the way they do because of the nature of the societies they live in”. The  discussion centers on the six dimensions of culture, the values associated with each dimension and examples of those values in cyber space. The six cultural dimensions measure views on values of self-determination, collectivism, aggression,nurturing, uncertain outcomes, holism, instant gratification, and levels of societal openness.  The behavioral traits that associate with the cultural values are behavioral traits that are consistent with cyber behaviors.

The global impact resulting from the distribution of doctored digital photographs has reached an epidemic proportion. These digitally altered photos are distributed through social media, news outlets, traditional web resources and are making their way into the mainstream media. The impact of these photos can dramatically change the way people think, act, react, believe and can ultimately cause harm. At the simplest level they represent visual fraud. During this presentation, I will convey real examples along with the resulting impacts that have already occurred. Most importantly, I will demonstrate a new methodology rooted in the dark art of steganography that can actively identify these fraudulent photos and even trace their origins back to their creators.

In the last few years breaches at organizations like Yahoo!, Dropbox, Lastpass, AshleyMadison and Adult FriendFinder have exposed billions of user passwords to offline brute-force attacks. Password hashing algorithms are a critical last line of defense against an offline attacker who has stolen password hash values from an authentication server. An attacker who has stolen a user's password hash value can attempt to crack each user's password offline by comparing the hashes of likely password guesses with the stolen hash value. Because the attacker can check each guess offline it is no longer possible to lockout the adversary after several incorrect guesses. The attacker is limited only by the cost of computing the hash function. Offline attacks are increasingly commonplace and dangerous due to weak password selection and improved cracking hardware such as a GPU, Field Programmable Gate Array (FPGA) or an Application Specific Integrated Circuit (ASIC). A secure password hashing algorithm should have the properties that (1) it can be computed quickly (e.g., at most one second) on a personal computer, (2) it is prohibitively expensive for an attacker to compute the function millions or billions of times to crack the user's password even if the attacker uses customized hardware. The first property ensures that the password hashing algorithm does not introduce an intolerably long delay for the user during authentication, and the second property ensures that an offline attacker will fail to crack most user passwords. Memory hard functions (MHFs), functions whose computation require a large amount of memory, are a promising cryptographic primitive to enable the design of a password hashing algorithm achieving both goals. The talk will introduce and motivate the notion of memory hard functions and survey recent advances in the theory of MHFs. These results include (1) an attack on the Argon2i MHF, winner of the password hashing competition, which could reduce an amortized costs for a password attacker, (2) security lower bound for SCRYPT MHF and (3) construction of the first provably secure data-independent memory hard function.

Which song will Smith listen to next? Which restaurant will Alice go to tomorrow? Which product will John click next? These applications have in common the prediction of user trajectories that are in a constant state of flux but subject to hidden constraints (e.g. geographical location, the links of a website). What users are doing now may be unrelated to what they will be doing in an hour from now. In this talk I introduce the difficulties associated with predicting user trajectories, more specifically how the concepts of non-stationary, transiency, and time-heterogeneity make this task challenging. Mindful of these difficulties I introduce Tribeflow, a general method that can perform next product recommendation, next song recommendation, next location prediction, and general arbitrary-length user trajectory prediction without domain-specific knowledge. Extensive simulations on large and small datasets show TribeFlow to be more accurate and up to 413x faster than top state-of-the-art competitors.

Location-based social networks (LBSNs) feature location-based friend discovery services attracting hundreds of millions of active users world-wide. While leading LBSN providers claim the well-protection of their users’ location privacy, in this talk we show for the first time through real world attacks that these claims do not hold after summarizing the existing practices from the industry. In our identified attacks, a malicious individual with the capability of no more than a regular LBSN user can easily break most LBSNs by manipulating location information fed to LBSN client apps and running them as location oracles. I will further talk about the development of an automated user location tracking system based on the proposed attack and its test on leading LBSNs including Wechat, Skout, and Momo. Real-world experiments on 30 volunteers and the defense approaches will also be discussed. These findings serve as a critical security reminder of the current LBSNs pertaining to a vast number of users.

Computer hardware and software that perform real-world functions such as flight control, telecommunications switching, and network routing form a class of systems called embedded systems. These embedded systems have challenges that differ from general purpose computing. The security challenges of embedded systems have become a topic of concern in critical infrastructure such as SmartGrid. This presentation will discuss the embedded systems security challenges and a possible solution, Trusted Computing. Trusted Computing provides a tight coupling of hardware and software for security which can provide significant security enhancements over software only solutions and is highly applicable to embedded systems.

The rapid growth of communication environments such as the Internet has spurred the development of a wide range of systems and applications based on peer-to-peer ideologies. As these applications continue to evolve, there is an increasing effort towards improving their overall performance. This effort has led to the incorporation of measurement-based adaptivity mechanisms and network awareness into peer-to-peer applications, which can greatly increase peer-to-peer performance and dependability. Unfortunately, these mechanisms are often vulnerable to attack, making the entire solution less suitable for real-world deployment. In this work, we study how to create robust systems components for adaptivity, network awareness, and responding to identified threats. These components can form the basis for creating efficient, high-performance, and resilient peer-to-peer systems.

Information security professionals increasingly need to be familiar with developments in cyberlaw to ensure they comport their actions with the contours of the law. Unfortunately, with technology changing far faster than the statutes, judges are increasingly being called upon to fill in the interstices. In this interactive session, facts from actual cases will be presented in a “You Be the Judge” format to highlight important developments in recent cases and identify key trends in the case law. What is the legal efficacy of a click-through consent banner and how does this impact information security professionals? What constitutes an “interception” and what types of interceptions are legal and illegal? What law dictates whether an employer can or cannot inspect its employee’s personal e-mail messages? Do individuals have to divulge their encryption keys requested to do so by border guards or law enforcement agents? Are there jurisdictional borders in cyberspace? Who has jurisdiction and how does the law apply in virtual worlds? How do extradition laws apply to cybercrimes? These and many other questions will be answered in this interactive seminar.

Throughout history men have raised leaders for themselves and ascribed to them divine qualities. These supermen or imperial men then move to create a super race. This can be demonstrated throughout history and it is nearly always at the expense of the other people groups but particularly the Jewish people. This message covers world history and biblical history to delineate truth from propaganda and hope from fear. Although not specifically a serious, this message should be considered in the light of last week�"s message “Cross and Curtain”.

Throughout history men have raised leaders for themselves and ascribed to them divine qualities. These supermen or imperial men then move to create a super race. This can be demonstrated throughout history and it is nearly always at the expense of the other people groups but particularly the Jewish people. This message covers world history and biblical history to delineate truth from propaganda and hope from fear. Although not specifically a serious, this message should be considered in the light of last week�"s message “Cross and Curtain”.

Throughout history men have raised leaders for themselves and ascribed to them divine qualities. These supermen or imperial men then move to create a super race. This can be demonstrated throughout history and it is nearly always at the expense of the other people groups but particularly the Jewish people. This message covers world history and biblical history to delineate truth from propaganda and hope from fear. Although not specifically a serious, this message should be considered in the light of last week�"s message “Cross and Curtain”.

Throughout history men have raised leaders for themselves and ascribed to them divine qualities. These supermen or imperial men then move to create a super race. This can be demonstrated throughout history and it is nearly always at the expense of the other people groups but particularly the Jewish people. This message covers world history and biblical history to delineate truth from propaganda and hope from fear. Although not specifically a serious, this message should be considered in the light of last week�"s message “Cross and Curtain”.

Throughout history men have raised leaders for themselves and ascribed to them divine qualities. These supermen or imperial men then move to create a super race. This can be demonstrated throughout history and it is nearly always at the expense of the other people groups but particularly the Jewish people. This message covers world history and biblical history to delineate truth from propaganda and hope from fear. Although not specifically a serious, this message should be considered in the light of last week�"s message “Cross and Curtain”.

The falling cost and wide availability of electronic devices have led to their widespread use by individuals, corporations, and governments. These devices, such as computers, cell phones, digital cameras, and printers, all contain various sensors which generate data that are stored or transmitted to another device. One example of this is a security system containing a network of video cameras, temperature sensors, alarms, computers, and other devices. In such a network, it is important to be able to trust the data from each of these sensors. Forensic techniques can be used to uniquely identify each device using the data it produces. This is different from simply securing the data being sent across the network because we are also authenticating the sensor that is creating the data. Forensic characterization of a device allows identification of the type of device, make, model, configuration, and other characteristics based solely on observation of the data that the device produces. These characteristics that uniquely identify a device are called device signatures. As an example, the noise characteristics in a digital image can be used as a signature of the camera that produced it. Similarly, the ‘‘noise’’ characteristics of a print engine can be used as a signature of the printer that generated a document. This talk will present current research and techniques for forensic characterization of printers and image capture devices such as digital cameras and scanners.