2011 Apr 29, 3:54
That’s What She Said: Double Entendre Identification
Chlo´e Kiddon and Yuriy Brun
Computer Science & Engineering
University of Washington
Seattle WA 98195-2350
2010 Oct 28, 7:49 2010 May 6, 7:43
Covers case studies of insecure usage of HTML5 cross-document messaging and web storage.
2010 May 4, 10:49 2010 Apr 29, 11:51
Stats from the State of Web Development 2010 web survey including: "Few respondents use any form of Internet Explorer for their day to day web use, but IE8 is the number one browser developers test
their sites in. Google Chrome has jumped dramatically as the browser of choice for developers, to rank 3rd, at 17% just behind Safari at 20%."
2010 Apr 20, 9:34 2010 Mar 8, 1:50
Paper suggests history stealing to find what popular social networking site groups a visitor to your web site belongs to and stats on how easy it is to then uniquely identify the visitor on the
popular social networking site.
2010 Feb 27, 10:06
A web browser add-on security research paper that describes the Google Chrome security model. "We propose a new browser extension system that improves security by using least privilege, privilege
and strong isolation. Our system limits the misdeeds an attacker can perform through an extension vulnerability.
Our design has been adopted as the Google Chrome extension system."
2009 Nov 27, 6:10
"What follows is a brief description of the method we have developed for encoding arbitrary shellcode as English text. This English shellcode is completely self-contained, i.e., it does not require
an external loader, and executes as valid IA32 code."
2009 Aug 25, 7:10
Research paper modelling zombie infection. "The key difference between the models presented here and other models of infectious disease is that the dead can come back to life." Also, love the
references section with "Snyder, Zack (director), 2004 Dawn of the Dead" next to things like "Bainov, D.D. & Simeonov, P.S. Impulsive Differential Equations: Asymptotic Properties of the
Solutions. World Scientific, Singapore (1995)."
2009 Aug 24, 9:52
Notes on how bin diff'ing tools work and thoughts on defeating them. "We call the threat "1-day exploits". Just few minutes after the release of patches, binary diffing technique can be used to
identify the vulnerabilities that the security patches are remedying."
2009 Aug 14, 6:20
"This paper presents efficient off-line anonymous e-cash schemes where a user can withdraw a wallet containing coins each of which she can spend unlinkably."
2009 Jul 29, 3:18