tag:blogger.com,1999:blog-86559437424097287312011-07-08T09:47:25.064-07:00Security Reading GroupAdriennehttp://www.blogger.com/profile/02239287504359672100noreply@blogger.comBlogger51100tag:blogger.com,1999:blog-8655943742409728731.post-80899405727129671722009-10-13T12:22:00.001-07:002009-10-19T12:26:46.766-07:00Multiple Password Interference in Text Passwords and Click-Based Graphical PasswordsSonia Chiasson et al, Carleton University. Presented by Adrian Mettler.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8655943742409728731-8089940572712967172?l=berkeley-security.blogspot.com' alt='' /></div>Adriennehttp://www.blogger.com/profile/02239287504359672100noreply@blogger.com40tag:blogger.com,1999:blog-8655943742409728731.post-64498340443689882232009-10-06T13:13:00.000-07:002009-10-19T13:14:26.401-07:00Ripley: Automatically Securing Web 2.0 Applications Through Replicated ExecutionK.Vikram, Abhishek Prateek, and Ben Livshits. Presented by Joel Weinberger. The paper presents a system, Ripley, which allows for the automatic replicated execution of a client-side program. In modern web applications and AJAX frameworks, more and more computation is pushed to the client in order to reduce the amount of communication between the client and server. However, as computation is pushed to the client, malicious users can abuse this to violate the integrity of data on the server. Ripley automatically extracts client computation so it can be replicated on the server and verified.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8655943742409728731-6449834044368988223?l=berkeley-security.blogspot.com' alt='' /></div>Adriennehttp://www.blogger.com/profile/02239287504359672100noreply@blogger.com0tag:blogger.com,1999:blog-8655943742409728731.post-10438774852885956022009-09-29T12:24:00.000-07:002009-10-19T12:25:29.098-07:00Static Enforcement of Web Application Integrity Through Strong TypingWil Robertson and Giovanni Vigna of UCSB. Presented by Matthew Finifter.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8655943742409728731-1043877485288595602?l=berkeley-security.blogspot.com' alt='' /></div>Adriennehttp://www.blogger.com/profile/02239287504359672100noreply@blogger.com0tag:blogger.com,1999:blog-8655943742409728731.post-43557727020362140922009-09-22T13:14:00.000-07:002009-10-19T13:15:22.164-07:00S.773, the cybersecurity bill in the SenatePresented by Ari Rabkin.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8655943742409728731-4355772702036214092?l=berkeley-security.blogspot.com' alt='' /></div>Adriennehttp://www.blogger.com/profile/02239287504359672100noreply@blogger.com0tag:blogger.com,1999:blog-8655943742409728731.post-88014915254569986942009-09-08T12:25:00.000-07:002009-10-19T13:03:40.334-07:00Crying Wolf: An Empirical Study of SSL Warning EffectivenessJoshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor, Carnegie Mellon University. Presented by Erika Chin.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8655943742409728731-8801491525456998694?l=berkeley-security.blogspot.com' alt='' /></div>Adriennehttp://www.blogger.com/profile/02239287504359672100noreply@blogger.com0