Please turn on your JavaScript for this page to function normally.
Protecting the Distributed Enterprise

Shows how a distributed security strategy can cost-effectively extend the reach of enterprise-class security and remote access throughout the enterprise. Download the paper in …

Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG

We recently noted that PGP and other e-mail encryption protocols are, in theory, highly vulnerable to chosen-ciphertext attacks in which the recipient of the e-mail acts as an …

Exploiting design flaws in the Win32 API for privilege escalation – Shatter Attacks – How to break Windows

Introduction This paper presents a new generation of attacks against Microsoft Windows, and possibly other message-based windowing systems. The flaws presented in this paper …

Infranet: Circumventing Web Censorship and Surveillance

An increasing number of countries and companies routinely block or monitor access to parts of the Internet. To counteract these measures, we propose Infranet, a system that …

A General and Flexible Access-Control System for the Web

We describe the design, implementation, and performance of a new system for access control on the web. To achieve greater exibility in forming access-control policies – …

Proprietary Certificates

Certificates play an essential role in public-key cryptography, and are likely to become a cornerstone of commerce-related applications. Traditional certificates, however, are …

OpenSSL Security Vulnerabilities Roundup

OpenSSL Security Advisory issued on 30 July 2002 that points to several security issues within OpenSSL. There are four remotely exploitable buffer overflows in OpenSSL. There …

Hacking the Invisible Network: Insecurities in 802.11x

Wireless local-area networks (WLANs) are becoming increasingly popular but, at the same time, they have introduced new security issues. The convenience of WLANs introduces …

Proxy-Based Security Protocols in Networked Mobile Devices

We describe a resource discovery and communication system designed for security and privacy. All objects in the system, e.g., appliances, wearable gadgets, software agents, …

Security in Plan 9

The security architecture of the Plan 9 operating system has recently been redesigned to address some technical shortcomings. This redesign provided an opportunity also to …

Five Microsoft Security Bulletins Released

Microsoft was pretty active in the past few days – they released five security bulletins dealing with the following products: SQL Server 2000, Windows Media Player, …

Trusted Paths for Browsers: An Open-Source Solution to Web Spoofing

This paper reports the results of our work to systematically defend against Web spoofing, by creating a trusted path from the browser to the user. Starting with the Mozilla …

Don't miss

Cybersecurity news