<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (Vaguery)</title>
    <link>https://pinboard.in/u:Vaguery/public/</link>
    <description>recent bookmarks from Vaguery</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="https://simonbs.dev/posts/moving-from-1password-to-icloud-keychain/"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1701.08787"/>
	<rdf:li rdf:resource="https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/"/>
	<rdf:li rdf:resource="https://9to5mac.com/2021/06/29/linkedin-breach/"/>
	<rdf:li rdf:resource="https://sideways-view.com/2019/08/25/some-open-problems-in-p2p-routing/"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/2010.01238"/>
	<rdf:li rdf:resource="https://medium.com/@umpox/be-careful-what-you-copy-invisibly-inserting-usernames-into-text-with-zero-width-characters-18b4e6f17b66"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/2006.02932"/>
	<rdf:li rdf:resource="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3273111"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/2002.00937"/>
	<rdf:li rdf:resource="https://decentsecurity.com/routerwifi-configuration/"/>
	<rdf:li rdf:resource="https://bford.info/2019/09/23/rational/"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1803.00407"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1605.06386"/>
	<rdf:li rdf:resource="https://queue.acm.org/detail.cfm?id=3212479"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1705.06640"/>
	<rdf:li rdf:resource="https://krebsonsecurity.com/2019/03/facebook-stored-hundreds-of-millions-of-user-passwords-in-plain-text-for-years/"/>
	<rdf:li rdf:resource="https://twitter.com/alanfeuer/status/1082697402539229184?s=21"/>
	<rdf:li rdf:resource="https://shkspr.mobi/blog/2018/05/privacy-security-ethics-computer-sciences-judische-physik/"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1710.00217"/>
	<rdf:li rdf:resource="https://killcord.io/"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1710.03720"/>
	<rdf:li rdf:resource="https://blog.appcanary.com/2017/http-security-headers.html#hsts/why"/>
	<rdf:li rdf:resource="https://vimeo.com/234305186"/>
	<rdf:li rdf:resource="https://blog.plan99.net/building-account-systems-f790bf5fdbe0"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1611.02617"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1701.00881"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/1610.04065"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1604.04984"/>
	<rdf:li rdf:resource="https://noncombatant.org/2016/01/28/against-security-nihilism/"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1503.05458"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1505.01631"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1210.7190"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1506.01414"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1407.5225"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1304.2612"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1410.3334"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1407.7598"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1503.00366"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1407.0803"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1401.3046"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1412.3359"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1407.2700"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1409.0924"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1411.2671"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1401.0561"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1409.0915"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1401.0102"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1302.7262"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1401.3274"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1312.6349"/>
	<rdf:li rdf:resource="http://www.troyhunt.com/2013/07/how-to-build-and-how-not-to-build.html"/>
	<rdf:li rdf:resource="https://help.github.com/articles/remove-sensitive-data"/>
	<rdf:li rdf:resource="https://www.honeybadger.io/blog/2013/06/25/stop-using-rubygemsorg-in-production"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1108.6062"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1206.6389"/>
	<rdf:li rdf:resource="https://57un.wordpress.com/2013/02/22/ultimate-guide-how-to-harden-your-ubuntu-linux/"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1212.6458"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1303.0141"/>
	<rdf:li rdf:resource="http://rubylearning.com/blog/2012/07/23/the-ongoing-vigil-of-software-security/"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1007.0636"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1006.1165"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1005.0919"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1005.0945"/>
	<rdf:li rdf:resource="http://arxiv.org/abs/1005.0967"/>
	<rdf:li rdf:resource="http://db.tidbits.com/article/11129?rss&amp;utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+tidbits_main+(TidBITS%3A+Mac+News+for+the+Rest+of+Us)"/>
	<rdf:li rdf:resource="http://github.com/guides/completely-remove-a-file-from-all-revisions"/>
	<rdf:li rdf:resource="http://www.wired.com/politics/security/news/2009/04/fleetcom?currentPage=2"/>
	<rdf:li rdf:resource="http://citizenengineer.com/"/>
	<rdf:li rdf:resource="http://blog.nkill.com/2009/04/nkill-in-pc-world.html"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="https://simonbs.dev/posts/moving-from-1password-to-icloud-keychain/">
    <title>Moving from 1Password to iCloud Keychain</title>
    <dc:date>2021-12-15T22:32:35+00:00</dc:date>
    <link>https://simonbs.dev/posts/moving-from-1password-to-icloud-keychain/</link>
    <dc:creator>Vaguery</dc:creator><dc:subject>1password icloud security via:blturner MacOS</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:dfdcb50c5c84/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:1password"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:icloud"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:via:blturner"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:MacOS"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1701.08787">
    <title>[1701.08787] Vulnerability of Clustering under Node Failure in Complex Networks</title>
    <dc:date>2021-11-04T12:51:00+00:00</dc:date>
    <link>https://arxiv.org/abs/1701.08787</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Robustness in response to unexpected events is always desirable for real-world networks. To improve the robustness of any networked system, it is important to analyze vulnerability to external perturbation such as random failures or adversarial attacks occurring to elements of the network. In this paper, we study an emerging problem in assessing the robustness of complex networks: the vulnerability of the clustering of the network to the failure of network elements. Specifically, we identify vertices whose failures will critically damage the network by degrading its clustering, evaluated through the average clustering coefficient. This problem is important because any significant change made to the clustering, resulting from element-wise failures, could degrade network performance such as the ability for information to propagate in a social network. We formulate this vulnerability analysis as an optimization problem, prove its NP-completeness and non-monotonicity, and we offer two algorithms to identify the vertices most important to clustering. Finally, we conduct comprehensive experiments in synthesized social networks generated by various well-known models as well as traces of real social networks. The empirical results over other competitive strategies show the efficacy of our proposed algorithms.
]]></description>
<dc:subject>network-theory robustness security combinatorics feature-construction to-simulate to-write-about</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:6d8a6eb2d889/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:combinatorics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:feature-construction"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-simulate"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/">
    <title>Never a dill moment: Exploiting machine learning pickle files | Trail of Bits Blog</title>
    <dc:date>2021-10-13T14:53:30+00:00</dc:date>
    <link>https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Many machine learning (ML) models are Python pickle files under the hood, and it makes sense. The use of pickling conserves memory, enables start-and-stop model training, and makes trained models portable (and, thereby, shareable). Pickling is easy to implement, is built into Python without requiring additional dependencies, and supports serialization of custom objects. There’s little doubt about why choosing pickling for persistence is a popular practice among Python programmers and ML practitioners.

Pre-trained models are typically treated as “free” byproducts of ML since they allow the valuable intellectual property like algorithms and corpora that produced the model to remain private. This gives many people the confidence to share their models over the internet, particularly for reusable computer vision and natural language processing classifiers. Websites like PyTorch Hub facilitate model sharing, and some libraries even provide APIs to download models from GitHub repositories automatically.

Here, we discuss the underhanded antics that can occur simply from loading an untrusted pickle file or ML model. In the process, we introduce a new tool, Fickling, that can help you reverse engineer, test, and even create malicious pickle files. If you are an ML practitioner, you’ll learn about the security risks inherent in standard ML practices. If you are a security engineer, you’ll learn about a new tool that can help you construct and forensically examine pickle files. Either way, by the end of this article, pickling will hopefully leave a sour taste in your mouth.

]]></description>
<dc:subject>marshaling software-development security via:arthegall python virtual-machines machine-learning rather-interesting</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:3fdca0bc0fd2/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:marshaling"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:via:arthegall"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:python"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:virtual-machines"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://9to5mac.com/2021/06/29/linkedin-breach/">
    <title>LinkedIn breach reportedly exposes data of 92% of users - 9to5Mac</title>
    <dc:date>2021-06-30T13:21:17+00:00</dc:date>
    <link>https://9to5mac.com/2021/06/29/linkedin-breach/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Update: PrivacyShark appears to have been the first to report this, and has now obtained a statement from LinkedIn, below.

A second massive LinkedIn breach reportedly exposes the data of 700M users, which is more than 92% of the total 756M users. The database is for sale on the dark web, with records including phone numbers, physical addresses, geolocation data, and inferred salaries.

The hacker who obtained the data has posted a sample of 1M records, and checks confirm that the data is both genuine and up-to-date …

]]></description>
<dc:subject>security social-networks le-sigh</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:77aede1e9e7c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:le-sigh"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://sideways-view.com/2019/08/25/some-open-problems-in-p2p-routing/">
    <title>Some open problems in P2P routing – The sideways view</title>
    <dc:date>2021-06-28T23:32:07+00:00</dc:date>
    <link>https://sideways-view.com/2019/08/25/some-open-problems-in-p2p-routing/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[We’ll start with a graph G, where people know how to talk to their neighbors and each vertex has degree poly(n). For simplicity, I’ll assume that G is random to make life easy, but I think results for random graphs could probably be extended to any graph with low conductance.

]]></description>
<dc:subject>networks rather-interesting optimization robustness security coding-theory to-write-about to-simulate</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:2585ab25b32d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:optimization"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:coding-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-simulate"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/2010.01238">
    <title>[2010.01238] A Deep Genetic Programming based Methodology for Art Media Classification Robust to Adversarial Perturbations</title>
    <dc:date>2021-06-27T12:08:53+00:00</dc:date>
    <link>https://arxiv.org/abs/2010.01238</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Art Media Classification problem is a current research area that has attracted attention due to the complex extraction and analysis of features of high-value art pieces. The perception of the attributes can not be subjective, as humans sometimes follow a biased interpretation of artworks while ensuring automated observation's trustworthiness. Machine Learning has outperformed many areas through its learning process of artificial feature extraction from images instead of designing handcrafted feature detectors. However, a major concern related to its reliability has brought attention because, with small perturbations made intentionally in the input image (adversarial attack), its prediction can be completely changed. In this manner, we foresee two ways of approaching the situation: (1) solve the problem of adversarial attacks in current neural networks methodologies, or (2) propose a different approach that can challenge deep learning without the effects of adversarial attacks. The first one has not been solved yet, and adversarial attacks have become even more complex to defend. Therefore, this work presents a Deep Genetic Programming method, called Brain Programming, that competes with deep learning and studies the transferability of adversarial attacks using two artworks databases made by art experts. The results show that the Brain Programming method preserves its performance in comparison with AlexNet, making it robust to these perturbations and competing to the performance of Deep Learning.
]]></description>
<dc:subject>genetic-programming image-processing rather-interesting deep-learning adversarial-methods security to-write-about consider:representation</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:48fb04d3d3e7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:genetic-programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:deep-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:adversarial-methods"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:representation"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://medium.com/@umpox/be-careful-what-you-copy-invisibly-inserting-usernames-into-text-with-zero-width-characters-18b4e6f17b66">
    <title>Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters | by Tom Ross | Medium</title>
    <dc:date>2021-01-14T12:44:45+00:00</dc:date>
    <link>https://medium.com/@umpox/be-careful-what-you-copy-invisibly-inserting-usernames-into-text-with-zero-width-characters-18b4e6f17b66</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Zero-width characters are invisible, ‘non-printing’ characters that are not displayed by the majority of applications. F​or exam​ple, I’ve ins​erted 10 ze​ro-width spa​ces in​to thi​s sentence, c​an you tel​​l? (Hint: paste the sentence into Diff Checker to see the locations of the characters!). These characters can be used to ‘fingerprint’ text for certain users.
]]></description>
<dc:subject>steganography security tracking web-design rather-interesting privacy citation-networks</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:aa9678787660/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:steganography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:tracking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:web-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:citation-networks"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/2006.02932">
    <title>[2006.02932] Vulnerability Analysis of 2500 Docker Hub Images</title>
    <dc:date>2020-11-21T13:13:31+00:00</dc:date>
    <link>https://arxiv.org/abs/2006.02932</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The use of container technology has skyrocketed during the last few years, with Docker as the leading container platform. Docker's online repository for publicly available container images, called Docker Hub, hosts over 3.5 million images at the time of writing, making it the world's largest community of container images. We perform an extensive vulnerability analysis of 2500 Docker images. It is of particular interest to perform this type of analysis because the vulnerability landscape is a rapidly changing category, the vulnerability scanners are constantly developed and updated, new vulnerabilities are discovered, and the volume of images on Docker Hub is increasing every day. Our main findings reveal that (1) the number of newly introduced vulnerabilities on Docker Hub is rapidly increasing; (2) certified images are the most vulnerable; (3) official images are the least vulnerable; (4) there is no correlation between the number of vulnerabilities and image features (i.e., number of pulls, number of stars, and days since the last update); (5) the most severe vulnerabilities originate from two of the most popular scripting languages, JavaScript and Python; and (6) Python 2.x packages and jackson-databind packages contain the highest number of severe vulnerabilities. We perceive our study as the most extensive vulnerability analysis published in the open literature in the last couple of years.
]]></description>
<dc:subject>software-development-is-not-programming security containerization deployment rather-interesting to-remember</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:03e911379cb8/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development-is-not-programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:containerization"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:deployment"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-remember"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3273111">
    <title>Common-Knowledge Attacks on Democracy by Henry Farrell, Bruce Schneier :: SSRN</title>
    <dc:date>2020-06-14T12:40:21+00:00</dc:date>
    <link>https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3273111</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Existing approaches to cybersecurity emphasize either international state-to-state logics (such as deterrence theory) or the integrity of individual information systems. Neither provides a good understanding of new “soft cyber” attacks that involve the manipulation of expectations and common understandings. We argue that scaling up computer security arguments to the level of the state, so that the entire polity is treated as an information system with associated attack surfaces and threat models, provides the best immediate way to understand these attacks and how to mitigate them. We demonstrate systematic differences between how autocracies and democracies work as information systems, because they rely on different mixes of common and contested political knowledge. Stable autocracies will have common knowledge over who is in charge and their associated ideological or policy goals, but will generate contested knowledge over who the various political actors in society are, and how they might form coalitions and gain public support, so as to make it more difficult for coalitions to displace the regime. Stable democracies will have contested knowledge over who is in charge, but common knowledge over who the political actors are, and how they may form coalitions and gain public support. These differences are associated with notably different attack surfaces and threat models. Specifically, democracies are vulnerable to measures that “flood” public debate and disrupt shared decentralized understandings of actors and coalitions, in ways that autocracies are not.

]]></description>
<dc:subject>political-science democracy security mechanism-design to-read</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:f422baeebf72/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:political-science"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:democracy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:mechanism-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-read"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/2002.00937">
    <title>[2002.00937] Radioactive data: tracing through training</title>
    <dc:date>2020-05-02T15:03:53+00:00</dc:date>
    <link>https://arxiv.org/abs/2002.00937</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[We want to detect whether a particular image dataset has been used to train a model. We propose a new technique, \emph{radioactive data}, that makes imperceptible changes to this dataset such that any model trained on it will bear an identifiable mark. The mark is robust to strong variations such as different architectures or optimization methods. Given a trained model, our technique detects the use of radioactive data and provides a level of confidence (p-value). Our experiments on large-scale benchmarks (Imagenet), using standard architectures (Resnet-18, VGG-16, Densenet-121) and training procedures, show that we can detect usage of radioactive data with high confidence (p<10^-4) even when only 1% of the data used to trained our model is radioactive. Our method is robust to data augmentation and the stochasticity of deep network optimization. As a result, it offers a much higher signal-to-noise ratio than data poisoning and backdoor methods.
]]></description>
<dc:subject>machine-learning data-analysis rather-interesting security looking-to-see metaheuristics privacy algorithms to-write-about to-simulate consider:parallels-for-other-metaheuristics</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:5c006b02c3bb/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:data-analysis"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:looking-to-see"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:metaheuristics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-simulate"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:parallels-for-other-metaheuristics"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://decentsecurity.com/routerwifi-configuration/">
    <title>Router/WiFi configuration — Decent Security</title>
    <dc:date>2020-05-02T13:10:03+00:00</dc:date>
    <link>https://decentsecurity.com/routerwifi-configuration/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[This article is a list of best practices for home router and WiFi security. 
[Page last reviewed 2019-04-13]

]]></description>
<dc:subject>security hardware devops home-computing to-do to-learn privacy routers</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:b7d30fb5587f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:hardware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:devops"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:home-computing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-do"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-learn"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:routers"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://bford.info/2019/09/23/rational/">
    <title>Rationality is Self-Defeating in Permissionless Systems – Bryan Ford's Home Page</title>
    <dc:date>2020-05-02T12:25:16+00:00</dc:date>
    <link>https://bford.info/2019/09/23/rational/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[As a quick summary of the argument we will expand below, suppose a permissionless system like Bitcoin is secure against rational attacks, but has some weakness against irrational Byzantine attacks in which the attacker would lose money. Because the system is open, permissionless, and exists within a larger ecosystem, a rational attacker can find ways to “bet against” Bitcoin’s security in other financially-connected systems (e.g., Ethereum), making a profit outside of Bitcoin on this attack against Bitcoin. An attack that appears irrational in the context of Bitcoin may be perfectly rational in the context of the larger ecosystem.

For this reason, an open permissionless system designed to be secure only against rational adversaries is actually just insecure, unless it remains secure even when the “rational” participants become fully Byzantine. Given this, one might as well have designed the permissionless system in a Byzantine model in the first place. The rationality assumption offers no actual benefit, but merely can make an insecure system appear secure under flawed analysis.

]]></description>
<dc:subject>game-theory rather-interesting consider:open-search consider:genetic-programming consider:parsimony to-write-about to-simulate consider:occam-ain't-it security good-analogies</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:cb654a6b3b9c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:game-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:open-search"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:genetic-programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:parsimony"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-simulate"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:occam-ain't-it"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:good-analogies"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1803.00407">
    <title>[1803.00407] Yedrouj-Net: An efficient CNN for spatial steganalysis</title>
    <dc:date>2019-11-23T14:40:10+00:00</dc:date>
    <link>https://arxiv.org/abs/1803.00407</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[For about 10 years, detecting the presence of a secret message hidden in an image was performed with an Ensemble Classifier trained with Rich features. In recent years, studies such as Xu et al. have indicated that well-designed convolutional Neural Networks (CNN) can achieve comparable performance to the two-step machine learning approaches. 
In this paper, we propose a CNN that outperforms the state-ofthe-art in terms of error probability. The proposition is in the continuity of what has been recently proposed and it is a clever fusion of important bricks used in various papers. Among the essential parts of the CNN, one can cite the use of a pre-processing filterbank and a Truncation activation function, five convolutional layers with a Batch Normalization associated with a Scale Layer, as well as the use of a sufficiently sized fully connected section. An augmented database has also been used to improve the training of the CNN. 
Our CNN was experimentally evaluated against S-UNIWARD and WOW embedding algorithms and its performances were compared with those of three other methods: an Ensemble Classifier plus a Rich Model, and two other CNN steganalyzers.
]]></description>
<dc:subject>stenography security neural-networks image-processing cryptography pattern-discovery rather-interesting consider:looking-to-see</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:ef923682ec29/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:stenography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:neural-networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:cryptography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:pattern-discovery"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:looking-to-see"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1605.06386">
    <title>[1605.06386] $k$-core percolation on complex networks: Comparing random, localized and targeted attacks</title>
    <dc:date>2019-11-03T11:43:20+00:00</dc:date>
    <link>https://arxiv.org/abs/1605.06386</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The type of malicious attack inflicting on networks greatly influences their stability under ordinary percolation in which a node fails when it becomes disconnected from the giant component. Here we study its generalization, k-core percolation, in which a node fails when it loses connection to a threshold k number of neighbors. We study and compare analytically and by numerical simulations of k-core percolation the stability of networks under random attacks (RA), localized attacks (LA) and targeted attacks (TA), respectively. By mapping a network under LA or TA into an equivalent network under RA, we find that in both single and interdependent networks, TA exerts the greatest damage to the core structure of a network. We also find that for Erdős-Rényi (ER) networks, LA and RA exert equal damage to the core structure whereas for scale-free (SF) networks, LA exerts much more damage than RA does to the core structure.
]]></description>
<dc:subject>network-theory robustness mechanism-design small-world social-networks security dynamics planning to-simulate to-write-about feature-construction looking-to-see consider:online-learning</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:5d8811072edf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:mechanism-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:small-world"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:dynamics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:planning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-simulate"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:feature-construction"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:looking-to-see"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:online-learning"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://queue.acm.org/detail.cfm?id=3212479">
    <title>C Is Not a Low-level Language - ACM Queue</title>
    <dc:date>2019-09-21T22:45:52+00:00</dc:date>
    <link>https://queue.acm.org/detail.cfm?id=3212479</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[In the wake of the recent Meltdown and Spectre vulnerabilities, it's worth spending some time looking at root causes. Both of these vulnerabilities involved processors speculatively executing instructions past some kind of access check and allowing the attacker to observe the results via a side channel. The features that led to these vulnerabilities, along with several others, were added to let C programmers continue to believe they were programming in a low-level language, when this hasn't been the case for decades.

Processor vendors are not alone in this. Those of us working on C/C++ compilers have also participated.

]]></description>
<dc:subject>programming-language philosophy-of-engineering rather-good define-your-terms security simulation hardware the-cultural-construction-of-abstractions</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:5b1176980b3a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:programming-language"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:philosophy-of-engineering"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-good"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:define-your-terms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:simulation"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:hardware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:the-cultural-construction-of-abstractions"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1705.06640">
    <title>[1705.06640] DeepXplore: Automated Whitebox Testing of Deep Learning Systems</title>
    <dc:date>2019-04-24T14:10:41+00:00</dc:date>
    <link>https://arxiv.org/abs/1705.06640</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Deep learning (DL) systems are increasingly deployed in safety- and security-critical domains including self-driving cars and malware detection, where the correctness and predictability of a system's behavior for corner case inputs are of great importance. Existing DL testing depends heavily on manually labeled data and therefore often fails to expose erroneous behaviors for rare inputs. 
We design, implement, and evaluate DeepXplore, the first whitebox framework for systematically testing real-world DL systems. First, we introduce neuron coverage for systematically measuring the parts of a DL system exercised by test inputs. Next, we leverage multiple DL systems with similar functionality as cross-referencing oracles to avoid manual checking. Finally, we demonstrate how finding inputs for DL systems that both trigger many differential behaviors and achieve high neuron coverage can be represented as a joint optimization problem and solved efficiently using gradient-based search techniques. 
DeepXplore efficiently finds thousands of incorrect corner case behaviors (e.g., self-driving cars crashing into guard rails and malware masquerading as benign software) in state-of-the-art DL models with thousands of neurons trained on five popular datasets including ImageNet and Udacity self-driving challenge data. For all tested DL models, on average, DeepXplore generated one test input demonstrating incorrect behavior within one second while running only on a commodity laptop. We further show that the test inputs generated by DeepXplore can also be used to retrain the corresponding DL model to improve the model's accuracy by up to 3%.
]]></description>
<dc:subject>fuzz-testing stress-testing machine-learning neural-networks rather-interesting knobs-to-11 security software-engineering trustable-models to-write-about</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:c04d7d30b78b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:fuzz-testing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:stress-testing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:neural-networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:knobs-to-11"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-engineering"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:trustable-models"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://krebsonsecurity.com/2019/03/facebook-stored-hundreds-of-millions-of-user-passwords-in-plain-text-for-years/">
    <title>Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years — Krebs on Security</title>
    <dc:date>2019-03-24T11:44:15+00:00</dc:date>
    <link>https://krebsonsecurity.com/2019/03/facebook-stored-hundreds-of-millions-of-user-passwords-in-plain-text-for-years/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[My Facebook insider said access logs showed some 2,000 engineers or developers made approximately nine million internal queries for data elements that contained plain text user passwords.

]]></description>
<dc:subject>security facepalm Facebook incompetence-is-at-this-degree-become-malice startup-culture-must-die</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:e37d6d301289/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:facepalm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:Facebook"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:incompetence-is-at-this-degree-become-malice"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:startup-culture-must-die"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://twitter.com/alanfeuer/status/1082697402539229184?s=21">
    <title>Alan Feuer on Twitter: &quot;In February 2010, an undercover FBI agent met with the target of a sensitive investigation: Christian Rodriguez, an IT specialist who had recently developed a remarkable product: an encrypted communication network for the Mexican d</title>
    <dc:date>2019-01-09T12:53:43+00:00</dc:date>
    <link>https://twitter.com/alanfeuer/status/1082697402539229184?s=21</link>
    <dc:creator>Vaguery</dc:creator><dc:subject>crime-thriller truth-and-fiction security news also-wow</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:dbd2a1b92d9f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:crime-thriller"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:truth-and-fiction"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:news"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:also-wow"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://shkspr.mobi/blog/2018/05/privacy-security-ethics-computer-sciences-judische-physik/">
    <title>Privacy, Security, &amp; Ethics – Computer Science’s “Jüdische Physik” – Terence Eden's Blog</title>
    <dc:date>2018-10-26T11:50:39+00:00</dc:date>
    <link>https://shkspr.mobi/blog/2018/05/privacy-security-ethics-computer-sciences-judische-physik/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[I'm going to tell you an anecdote which is a gross oversimplification, and is an unfair comparison.
In the early part of the twenty-first century, many people working in the fledgeling Internet industry started making noise about privacy, security, and ethics. The mainstream technologists called them fearmongers, idealists, and anti-business. Their ideas were unwelcome and they were thrown out of both the cathedral and the bazaar.
Many retreated to academia, some stayed and tried to cultivate a sense of responsibility in the industry, a few started lobbying governments around the world. By the time trust in the existing structures had begun to collapse, there were too few privacy-focused employees left to reverse the damage.
By expelling the boring and pessimistic doomsayers, the Internet behemoths had sowed the seeds of their own destruction.
]]></description>
<dc:subject>security professionalism online-culture privacy startup-culture-must-die cultural-assumptions</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:6099df5374a9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:professionalism"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:online-culture"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:startup-culture-must-die"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:cultural-assumptions"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1710.00217">
    <title>[1710.00217] A Framework for Inferring Combination Lock Codes using Smartwatches</title>
    <dc:date>2018-07-04T11:34:48+00:00</dc:date>
    <link>https://arxiv.org/abs/1710.00217</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Wrist-wearables such as smartwatches and fitness bands are equipped with a variety of high-precision sensors that enable collection of rich contextual information related to the wearer and his/her surroundings and support a variety of novel context- and activity-based applications. The presence of such a diverse set of on-board sensors, however, also expose an additional attack surface which, if not adequately protected, could be potentially exploited to leak private user information. In this paper, we comprehensively investigate the feasibility of a new vulnerability that attempts to take advantage of a wrist-wearable's seemingly innocuous and poorly regulated motion sensors to infer a user's input on mechanical devices typically used to secure physical access, for example, combination locks. In this direction, we outline two motion-based inference frameworks: i) a deterministic attack framework that attempts to infer a lock's unlock combination from the wrist motion (specifically, angular displacement) data obtained from a wrist-wearable's gyroscope sensor, and ii) a probabilistic attack framework that extends the output of the deterministic framework to produce a ranked list of likely unlock combinations. Further, we conduct a thorough empirical evaluation of the proposed frameworks by employing unlocking-related motion data collected from human subject participants in a variety of controlled and realistic settings. Evaluation results from these experiments demonstrate that motion data from wrist-wearables can be effectively employed as an information side-channel to significantly reduce the unlock combination search-space of commonly-found combination locks, thus compromising the physical security provided by these locks.]]></description>
<dc:subject>security inference to-write-about inverse-problems rather-interesting nudge-targets feature-extraction</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:c3336bd6a2a9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:inference"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:inverse-problems"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:feature-extraction"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://killcord.io/">
    <title>killcord</title>
    <dc:date>2018-04-25T18:03:41+00:00</dc:date>
    <link>https://killcord.io/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Killcord is a tool used to build resilient deadman's switches for releasing encrypted payloads. In its default configuration, killcord leverages ethereum and ipfs for censorship resistance. The killcord project owner hides a secret key from the world by checking in to the killcord smart contract on ethereum. If the owner stops checking in after a period of time, the killcord is triggered and the secret key that decrypts an encrypted payload is published.

]]></description>
<dc:subject>for-a-project privacy security software</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:419506a4b585/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:for-a-project"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1710.03720">
    <title>[1710.03720] Practical Integer Overflow Prevention</title>
    <dc:date>2018-02-06T00:34:02+00:00</dc:date>
    <link>https://arxiv.org/abs/1710.03720</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Integer overflows in commodity software are a main source for software bugs, which can result in exploitable memory corruption vulnerabilities and may eventually contribute to powerful software based exploits, i.e., code reuse attacks (CRAs). 
In this paper, we present IntGuard , a tool that can repair integer overflows with high-quality source code repairs. Specifically, given the source code of a program, IntGuard first discovers the location of an integer overflow error by using static source code analysis and satisfiability modulo theories (SMT) solving. IntGuard then generates integer multi-precision code repairs based on modular manipulation of SMT constraints as well as an extensible set of customizable code repair patterns. 
We have implemented and evaluated IntGuard with 2052 C programs (approx. 1 Mil. LOC) available in the currently largest open- source test suite for C/C++ programs and with a benchmark containing large and complex programs. The evaluation results show that IntGuard can precisely (i.e., no false positives are accidentally repaired), with low computational and runtime overhead repair programs with very small binary and source code blow-up. In a controlled experiment, we show that IntGuard is more time-effective and achieves a higher repair success rate than manually generated code repairs.
]]></description>
<dc:subject>software-engineering testing security rather-interesting nudge-targets consider:stress-testing</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:d2a5d9bfb087/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-engineering"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:testing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:stress-testing"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.appcanary.com/2017/http-security-headers.html#hsts/why">
    <title>Appcanary - Everything you need to know about HTTP security headers</title>
    <dc:date>2017-10-02T11:41:13+00:00</dc:date>
    <link>https://blog.appcanary.com/2017/http-security-headers.html#hsts/why</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[This article explains what secure headers are and how to implement these headers in Rails, Django, Express.js, Go, Nginx, Apache and Varnish.

Please note that some headers may be best configured in on your HTTP servers, while others should be set on the application layer. Use your own discretion here. You can test how well you’re doing with Mozilla’s Observatory.

]]></description>
<dc:subject>web-design security to-understand to-do devops software-development-is-not-programming</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:8f56d14d3012/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:web-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-understand"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-do"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:devops"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development-is-not-programming"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://vimeo.com/234305186">
    <title>Foreplay keynote - Aral Balkan on Vimeo</title>
    <dc:date>2017-09-25T12:04:44+00:00</dc:date>
    <link>https://vimeo.com/234305186</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Foreplay keynote - Aral Balkan]]></description>
<dc:subject>security corporatism openness public-policy video keynote</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:a1822ee229f1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:corporatism"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:openness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:public-policy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:video"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:keynote"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.plan99.net/building-account-systems-f790bf5fdbe0">
    <title>Building account systems – Mike’s blog</title>
    <dc:date>2017-08-05T11:28:05+00:00</dc:date>
    <link>https://blog.plan99.net/building-account-systems-f790bf5fdbe0</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Troy Hunt recently published a blog post titled “Authentication guidance for the modern era”. It has a big pile of solid advice on what password rules your website should use, with references to formal government recommendations — always useful for convincing colleagues or a boss.
One of the projects I worked on during my time at Google was their unified account system (specifically, anti-hijacking). Login systems are a part of most websites, so reading Troy’s article inspired me to put together some advice for building them.]]></description>
<dc:subject>software-development-is-not-programming best-practices authentication to-read to-learn security reference</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:b7f227abcf11/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development-is-not-programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:best-practices"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:authentication"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-read"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-learn"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:reference"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1611.02617">
    <title>[1611.02617] Color-avoiding percolation</title>
    <dc:date>2017-05-20T10:31:03+00:00</dc:date>
    <link>https://arxiv.org/abs/1611.02617</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Many real world networks have groups of similar nodes which are vulnerable to the same failure or adversary. Nodes can be colored in such a way that colors encode the shared vulnerabilities. Using multiple paths to avoid these vulnerabilities can greatly improve network robustness. Color-avoiding percolation provides a theoretical framework for analyzing this scenario, focusing on the maximal set of nodes which can be connected via multiple color-avoiding paths. In this paper we extend the basic theory of color-avoiding percolation that was published in [Krause et. al., Phys. Rev. X 6 (2016) 041022]. We explicitly account for the fact that the same particular link can be part of different paths avoiding different colors. This fact was previously accounted for with a heuristic approximation. We compare this approximation with a new, more exact theory and show that the new theory is substantially more accurate for many avoided colors. Further, we formulate our new theory with differentiated node functions, as senders/receivers or as transmitters. In both functions, nodes can be explicitly trusted or avoided. With only one avoided color we obtain standard percolation. With one by one avoiding additional colors, we can understand the critical behavior of color avoiding percolation. For heterogeneous color frequencies, we find that the colors with the largest frequencies control the critical threshold and exponent. Colors of small frequencies have only a minor influence on color avoiding connectivity, thus allowing for approximations.
]]></description>
<dc:subject>security graph-theory network-theory robustness algorithms nudge-targets consider:higher-order-features</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:31d0d91c84ca/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:graph-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:higher-order-features"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1701.00881">
    <title>[1701.00881] Supervisory Control of Discrete-event Systems under Attacks</title>
    <dc:date>2017-03-05T13:04:15+00:00</dc:date>
    <link>https://arxiv.org/abs/1701.00881</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[We consider a supervisory control problem for discrete-event systems, in which an attacker corrupts the symbols that are observed by the supervisor. We show that existence of a supervisor enforcing a specification language, in the presence of attacks, is completely characterized by controllability (in the usual sense) and observability of the specification (in a new appropriately defined sense). The new notion of observability takes into account the attacker's ability to alter the symbols received by the attacker. For attacks that correspond to arbitrary insertions/removals of symbols, the new notion of observability can be tested by checking the usual notion of observability for a set of discrete-event systems with appropriately redefined observation maps. Focusing on attacks that replace and/or remove symbols from the output strings, we construct observers that are robust against attacks and lead to an automaton representation of the supervisor. We also develop a test for observability under such replacement-removal attacks by using the so-called product automata.
]]></description>
<dc:subject>security discrete-event-systems rather-interesting control-theory engineering-design robustness simulation to-write-about</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:7f088708c1aa/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:discrete-event-systems"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:control-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:engineering-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:simulation"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/1610.04065">
    <title>[1610.04065] An arbiter PUF secured by remote random reconfigurations of an FPGA</title>
    <dc:date>2016-10-31T11:09:23+00:00</dc:date>
    <link>https://arxiv.org/abs/1610.04065</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[We present a practical and highly secure method for the authentication of chips based on a new concept for implementing strong Physical Unclonable Function (PUF) on field programmable gate arrays (FPGA). Its qualitatively novel feature is a remote reconfiguration in which the delay stages of the PUF are arranged to a random pattern within a subset of the FPGA's gates. Before the reconfiguration is performed during authentication the PUF simply does not exist. Hence even if an attacker has the chip under control previously she can gain no useful information about the PUF. This feature, together with a strict renunciation of any error correction and challenge selection criteria that depend on individual properties of the PUF that goes into the field make our strong PUF construction immune to all machine learning attacks presented in the literature. More sophisticated attacks on our strong-PUF construction will be difficult, because they require the attacker to learn or directly measure the properties of the complete FPGA. A fully functional reference implementation for a secure "chip biometrics" is presented. We remotely configure ten 64-stage arbiter PUFs out of 1428 lookup tables within a time of 25 seconds and then receive one "fingerprint" from each PUF within 1 msec.
]]></description>
<dc:subject>probability-theory security engineering-design rather-interesting to-understand to-write-about nudge-targets consider:looking-to-see consider:robustness</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:4226290d427d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:probability-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:engineering-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-understand"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-write-about"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:looking-to-see"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:robustness"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1604.04984">
    <title>[1604.04984] Prediction-error of Prediction Error (PPE)-based Reversible Data Hiding</title>
    <dc:date>2016-05-13T23:39:49+00:00</dc:date>
    <link>http://arxiv.org/abs/1604.04984</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[This paper presents a novel reversible data hiding (RDH) algorithm for gray-scaled images, in which the prediction-error of prediction error (PPE) of a pixel is used to carry the secret data. In the proposed method, the pixels to be embedded are firstly predicted with their neighboring pixels to obtain the corresponding prediction errors (PEs). Then, by exploiting the PEs of the neighboring pixels, the prediction of the PEs of the pixels can be determined. And, a sorting technique based on the local complexity of a pixel is used to collect the PPEs to generate an ordered PPE sequence so that, smaller PPEs will be processed first for data embedding. By reversibly shifting the PPE histogram (PPEH) with optimized parameters, the pixels corresponding to the altered PPEH bins can be finally modified to carry the secret data. Experimental results have implied that the proposed method can benefit from the prediction procedure of the PEs, sorting technique as well as parameters selection, and therefore outperform some state-of-the-art works in terms of payload-distortion performance when applied to different images.
]]></description>
<dc:subject>steganography security algorithms nudge-targets consider:looking-to-see</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:dd3c43338239/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:steganography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:looking-to-see"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://noncombatant.org/2016/01/28/against-security-nihilism/">
    <title>Against Security Nihilism</title>
    <dc:date>2016-02-25T23:25:16+00:00</dc:date>
    <link>https://noncombatant.org/2016/01/28/against-security-nihilism/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[There’s a lot of security nihilism in the technology community, and in the culture generally. Many people believe that ”defense is impossible”, that ”security is a losing battle”, that nothing can be done, that we should stop trying and divert resources spent on security to other worthy things like features and performance. There is even nihilism in the security community itself — although, I suspect, moreso from the offensive side.

]]></description>
<dc:subject>security software-development-is-not-programming links-are-amazing nudge-targets to-understand</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:b214e0dbd1a8/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development-is-not-programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:links-are-amazing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-understand"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1503.05458">
    <title>[1503.05458] Deception by Design: Evidence-Based Signaling Games for Network Defense</title>
    <dc:date>2015-09-24T10:43:59+00:00</dc:date>
    <link>http://arxiv.org/abs/1503.05458</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Deception plays a critical role in the financial industry, online markets, national defense, and countless other areas. Understanding and harnessing deception - especially in cyberspace - is both crucial and difficult. Recent work in this area has used game theory to study the roles of incentives and rational behavior. Building upon this work, we employ a game-theoretic model for the purpose of mechanism design. Specifically, we study a defensive use of deception: implementation of honeypots for network defense. How does the design problem change when an adversary develops the ability to detect honeypots? We analyze two models: cheap-talk games and an augmented version of those games that we call cheap-talk games with evidence, in which the receiver can detect deception with some probability. Our first contribution is this new model for deceptive interactions. We show that the model includes traditional signaling games and complete information games as special cases. We also demonstrate numerically that deception detection sometimes eliminate pure-strategy equilibria. Finally, we present the surprising result that the utility of a deceptive defender can sometimes increase when an adversary develops the ability to detect deception. These results apply concretely to network defense. They are also general enough for the large and critical body of strategic interactions that involve deception.
]]></description>
<dc:subject>security mechanism-design game-theory algorithms nudge-targets</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:91e84e055dda/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:mechanism-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:game-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1505.01631">
    <title>[1505.01631] Data Fusion of Objects Using Techniques Such as Laser Scanning, Structured Light and Photogrammetry for Cultural Heritage Applications</title>
    <dc:date>2015-09-20T13:02:19+00:00</dc:date>
    <link>http://arxiv.org/abs/1505.01631</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[In this paper we present a semi-automatic 2D-3D local registration pipeline capable of coloring 3D models obtained from 3D scanners by using uncalibrated images. The proposed pipeline exploits the Structure from Motion (SfM) technique in order to reconstruct a sparse representation of the 3D object and obtain the camera parameters from image feature matches. We then coarsely register the reconstructed 3D model to the scanned one through the Scale Iterative Closest Point (SICP) algorithm. SICP provides the global scale, rotation and translation parameters, using minimal manual user intervention. In the final processing stage, a local registration refinement algorithm optimizes the color projection of the aligned photos on the 3D object removing the blurring/ghosting artefacts introduced due to small inaccuracies during the registration. The proposed pipeline is capable of handling real world cases with a range of characteristics from objects with low level geometric features to complex ones.
]]></description>
<dc:subject>data-fusion digitization material-culture museology rather-interesting image-processing identification security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:9e54c1aee832/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:data-fusion"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:digitization"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:material-culture"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:museology"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:identification"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1210.7190">
    <title>[1210.7190] Subspace Fuzzy Vault</title>
    <dc:date>2015-09-10T11:12:53+00:00</dc:date>
    <link>http://arxiv.org/abs/1210.7190</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Fuzzy vault is a scheme providing secure authentication based on fuzzy matching of sets. A major application is the use of biometric features for authentication, whereby unencrypted storage of these features is not an option because of security concerns. While there is still ongoing research around the practical implementation of such schemes, we propose and analyze here an alternative construction based on subspace codes. This offers some advantages in terms of security, as an eventual discovery of the key does not provide an obvious access to the features. Crucial for an efficient implementation are the computational complexity and the choice of good code parameters. The parameters depend on the particular application, e.g. the biometric feature to be stored and the rate one wants to allow for false acceptance. The developed theory is closely linked to constructions of subspace codes studied in the area of random network coding.
]]></description>
<dc:subject>information-theory biometrics security fuzzy rather-interesting algorithms nudge-targets performance-measure</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:ee6dcaca4f59/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:information-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:biometrics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:fuzzy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:performance-measure"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1506.01414">
    <title>[1506.01414] Network investigation methodology for BitTorrent Sync: A Peer-to-Peer based file synchronisation service</title>
    <dc:date>2015-08-24T10:54:04+00:00</dc:date>
    <link>http://arxiv.org/abs/1506.01414</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[High availability is no longer just a business continuity concern. Users are increasingly dependant on devices that consume and produce data in ever increasing volumes. A popular solution is to have a central repository which each device accesses after centrally managed authentication. This model of use is facilitated by cloud based file synchronisation services such as Dropbox, OneDrive, Google Drive and Apple iCloud. Cloud architecture allows the provisioning of storage space with "always-on" access. Recent concerns over unauthorised access to third party systems and large scale exposure of private data have made an alternative solution desirable. These events have caused users to assess their own security practices and the level of trust placed in third party storage services. One option is BitTorrent Sync, a cloudless synchronisation utility provides data availability and redundancy. This utility replicates files stored in shares to remote peers with access controlled by keys and permissions. While lacking the economies brought about by scale, complete control over data access has made this a popular solution. The ability to replicate data without oversight introduces risk of abuse by users as well as difficulties for forensic investigators. This paper suggests a methodology for investigation and analysis of the protocol to assist in the control of data flow across security perimeters.
]]></description>
<dc:subject>security bittorrent software algorithms rather-interesting distributed-processing social-networks infrastructure privacy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:ea56f9081973/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:bittorrent"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:distributed-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:infrastructure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:privacy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1407.5225">
    <title>[1407.5225] The Rise of Social Bots</title>
    <dc:date>2015-07-05T11:54:25+00:00</dc:date>
    <link>http://arxiv.org/abs/1407.5225</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The Turing test aimed to recognize the behavior of a human from that of a computer algorithm. Such challenge is more relevant than ever in today's social media context, where limited attention and technology constrain the expressive power of humans, while incentives abound to develop software agents mimicking humans. These social bots interact, often unnoticed, with real people in social media ecosystems, but their abundance is uncertain. While many bots are benign, one can design harmful bots with the goals of persuading, smearing, or deceiving. Here we discuss the characteristics of modern, sophisticated social bots, and how their presence can endanger online ecosystems and our society. We then review current efforts to detect social bots on Twitter. Features related to content, network, sentiment, and temporal patterns of activity are imitated by bots but at the same time can help discriminate synthetic behaviors from human ones, yielding signatures of engineered social tampering.
]]></description>
<dc:subject>social-networks social-engineering propaganda security public-policy bots rather-interesting</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:5352dc0d7d07/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-engineering"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:propaganda"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:public-policy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:bots"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1304.2612">
    <title>[1304.2612] A chaotic image encryption scheme owning temp-value feedback</title>
    <dc:date>2015-03-15T21:47:08+00:00</dc:date>
    <link>http://arxiv.org/abs/1304.2612</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[This paper presents a novel efficient chaotic image encryption scheme, in which the temp-value feedback mechanism is introduced to the permutation and diffusion procedures. Firstly, a simple trick is played to map the plain-image pixels to the initial condition of the Logistic map. Then, a pseudorandom number sequence (PRNS) is obtained from iterating the map. The permutation procedure is carried out by a permutation sequence which is generated by comparing the PRNS and its sorted version. The diffusion procedure is composed of two reversely executed rounds. During each round, the current plain-image pixel and the last cipher-image pixel are used to produce the current cipher-image pixel with the help of the Logistic map and a pseudorandom number generated by the Chen system. To enhance the efficiency, only expanded XOR operation and modulo 256 addition are employed during diffusion. Experimental results show that the new scheme owns a large key space and can resist the differential attack. It is also efficient.
]]></description>
<dc:subject>image-processing compression algorithms security nudge-targets</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:9913e203001c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:compression"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1410.3334">
    <title>[1410.3334] DISARM: A Social Distributed Agent Reputation Model based on Defeasible Logic</title>
    <dc:date>2015-03-15T12:40:20+00:00</dc:date>
    <link>http://arxiv.org/abs/1410.3334</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Intelligent Agents act in open and thus risky environments, hence making the appropriate decision about who to trust in order to interact with, could be a challenging process. As intelligent agents are gradually enriched with Semantic Web technology, acting on behalf of their users with limited or no human intervention, their ability to perform assigned tasks is scrutinized. Hence, trust and reputation models, based on interaction trust or witness reputation, have been proposed, yet they often presuppose the use of a centralized authority. Although such mechanisms are more popular, they are usually faced with skepticism, since users may question the trustworthiness and the robustness of a central authority. Distributed models, on the other hand, are more complex but they provide personalized estimations based on each agent's interests and preferences. To this end, this article proposes DISARM, a novel distributed reputation model. DISARM deals MASs as social networks, enabling agents to establish and maintain relationships, limiting the disadvantages of the common distributed approaches. Additionally, it is based on defeasible logic, modeling the way intelligent agents, like humans, draw reasonable conclusions from incomplete and possibly conflicting (thus inconclusive) information. Finally, we provide an evaluation that illustrates the usability of the proposed model.]]></description>
<dc:subject>agent-based reputation security collective-intelligence rather-interesting algorithms infrastructure trustability social-networks</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:c817effe04b8/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:agent-based"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:reputation"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:collective-intelligence"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:infrastructure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:trustability"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-networks"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1407.7598">
    <title>[1407.7598] Double Counting in $2^t$-ary RSA Precomputation Reveals the Secret Exponent</title>
    <dc:date>2015-03-10T10:59:26+00:00</dc:date>
    <link>http://arxiv.org/abs/1407.7598</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[A new fault attack, double counting attack (DCA), on the precomputation of 2t-ary modular exponentiation for a classical RSA digital signature (i.e., RSA without the Chinese remainder theorem) is proposed. The 2t-ary method is the most popular and widely used algorithm to speed up the RSA signature process. Developers can realize the fastest signature process by choosing optimum t. For example, t=6 is optimum for a 1536-bit classical RSA implementation. The 2t-ary method requires precomputation to generate small exponentials of message. Conventional fault attack research has paid little attention to precomputation, even though precomputation could be a target of a fault attack. The proposed DCA induces faults in precomputation by using instruction skip technique, which is equivalent to replacing an instruction with a no operation in assembly language. This paper also presents a useful "position checker" tool to determine the position of the 2t-ary coefficients of the secret exponent from signatures based on faulted precomputations. The DCA is demonstrated to be an effective attack method for some widely used parameters. DCA can reconstruct an entire secret exponent using the position checker with 63(=26−1) faulted signatures in a short time for a 1536-bit RSA implementation using the 26-ary method. The DCA process can be accelerated for a small public exponent (e.g., 65537). The the best of our knowledge, the proposed DCA is the first fault attack against classical RSA precomputation.]]></description>
<dc:subject>cryptography security algorithms stress-testing nudge-targets consider:stress-testing</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:f95e73ab7943/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:cryptography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:stress-testing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:stress-testing"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1503.00366">
    <title>[1503.00366] A New Chaos-Based Cryptosystem for Secure Transmitted Images</title>
    <dc:date>2015-03-08T10:47:38+00:00</dc:date>
    <link>http://arxiv.org/abs/1503.00366</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[This paper presents a novel and robust chaos-based cryptosystem for secure transmitted images and four other versions. In the proposed block encryption/decryption algorithm, a 2D chaotic map is used to shuffle the image pixel positions. Then, substitution (confusion) and permutation (diffusion) operations on every block, with multiple rounds, are combined using two perturbed chaotic PWLCM maps. The perturbing orbit technique improves the statistical properties of encrypted images. The obtained error propagation in various standard cipher block modes demonstrates that the proposed cryptosystem is suitable to transmit cipher data over a corrupted digital channel. Finally, to quantify the security level of the proposed cryptosystem, many tests are performed and experimental results show that the suggested cryptosystem has a high security level.
]]></description>
<dc:subject>security cryptography algorithms performance-measure obfuscation nudge-targets</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:e40b4c0c63c6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:cryptography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:performance-measure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:obfuscation"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1407.0803">
    <title>[1407.0803] Acoustic Fingerprinting Revisited: Generate Stable Device ID Stealthy with Inaudible Sound</title>
    <dc:date>2015-03-05T11:03:34+00:00</dc:date>
    <link>http://arxiv.org/abs/1407.0803</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The popularity of mobile device has made people's lives more convenient, but threatened people's privacy at the same time. As end users are becoming more and more concerned on the protection of their private information, it is even harder to track a specific user using conventional technologies. For example, cookies might be cleared by users regularly. Apple has stopped apps accessing UDIDs, and Android phones use some special permission to protect IMEI code. To address this challenge, some recent studies have worked on tracing smart phones using the hardware features resulted from the imperfect manufacturing process. These works have demonstrated that different devices can be differentiated to each other. However, it still has a long way to go in order to replace cookie and be deployed in real world scenarios, especially in terms of properties like uniqueness, robustness, etc. In this paper, we presented a novel method to generate stable and unique device ID stealthy for smartphones by exploiting the frequency response of the speaker. With carefully selected audio frequencies and special sound wave patterns, we can reduce the impacts of non-linear effects and noises, and keep our feature extraction process un-noticeable to users. The extracted feature is not only very stable for a given smart phone speaker, but also unique to that phone. The feature contains rich information that is equivalent to around 40 bits of entropy, which is enough to identify billions of different smart phones of the same model. We have built a prototype to evaluate our method, and the results show that the generated device ID can be used as a replacement of cookie.
]]></description>
<dc:subject>security signal-processing rather-interesting privacy nudge-targets inverse-problems game-theory</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:ff3117b80b81/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:signal-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:inverse-problems"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:game-theory"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1401.3046">
    <title>[1401.3046] Investigating Cellular Automata Based Network Intrusion Detection System For Fixed Networks (NIDWCA)</title>
    <dc:date>2015-01-11T13:32:30+00:00</dc:date>
    <link>http://arxiv.org/abs/1401.3046</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. With the recent growth of the Internet such security limitations are becoming more and more pressing. Most of the current network intrusion detection systems relay on labeled training data. An Unsupervised CA based anomaly detection technique that was trained with unlabelled data is capable of detecting previously unseen attacks. This new approach, based on the Cellular Automata classifier (CAC) with Genetic Algorithms (GA), is used to classify program behavior as normal or intrusive. Parameters and evolution process for CAC with GA are discussed in detail. This implementation considers both temporal and spatial information of network connections in encoding the network connection information into rules in NIDS. Preliminary experiments with KDD Cup data set show that the CAC classifier with Genetic Algorithms can effectively detect intrusive attacks and achieve a low false positive rate. Training a NIDWCA (Network Intrusion Detection with Cellular Automata) classifier takes significantly shorter time than any other conventional techniques.
]]></description>
<dc:subject>cellular-automata anomaly-detection security fuzzy algorithms machine-learning rather-odd seems-like-a-start nudge-targets</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:eac3d8ba5921/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:cellular-automata"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:anomaly-detection"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:fuzzy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-odd"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:seems-like-a-start"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1412.3359">
    <title>[1412.3359] On DDoS Attack Related Minimum Cut Problems</title>
    <dc:date>2014-12-11T12:51:41+00:00</dc:date>
    <link>http://arxiv.org/abs/1412.3359</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[In this paper, we study two important extensions of the classical minimum cut problem, called {\em Connectivity Preserving Minimum Cut (CPMC)} problem and {\em Threshold Minimum Cut (TMC)} problem, which have important applications in large-scale DDoS attacks. In CPMC problem, a minimum cut is sought to separate a of source from a destination node and meanwhile preserve the connectivity between the source and its partner node(s). The CPMC problem also has important applications in many other areas such as emergency responding, image processing, pattern recognition, and medical sciences. In TMC problem, a minimum cut is sought to isolate a target node from a threshold number of partner nodes. TMC problem is an important special case of network inhibition problem and has important applications in network security. We show that the general CPMC problem cannot be approximated within logn unless NP=P has quasi-polynomial algorithms. We also show that a special case of two group CPMC problem in planar graphs can be solved in polynomial time. The corollary of this result is that the network diversion problem in planar graphs is in P, a previously open problem. We show that the threshold minimum node cut (TMNC) problem can be approximated within ratio O(n‾‾√) and the threshold minimum edge cut problem (TMEC) can be approximated within ratio O(log2n). \emph{We also answer another long standing open problem: the hardness of the network inhibition problem and network interdiction problem. We show that both of them cannot be approximated within any constant ratio. unless NP⊈∩δ>0BPTIME(2nδ).
]]></description>
<dc:subject>graph-theory network-theory algorithms DDOS security robustness nudge-targets computational-complexity</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:5333d5f2e347/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:graph-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:DDOS"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:computational-complexity"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1407.2700">
    <title>[1407.2700] Offline handwritten signature identification using adaptive window positioning techniques</title>
    <dc:date>2014-11-16T13:45:29+00:00</dc:date>
    <link>http://arxiv.org/abs/1407.2700</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The paper presents to address this challenge, we have proposed the use of Adaptive Window Positioning technique which focuses on not just the meaning of the handwritten signature but also on the individuality of the writer. This innovative technique divides the handwritten signature into 13 small windows of size nxn(13x13).This size should be large enough to contain ample information about the style of the author and small enough to ensure a good identification performance.The process was tested with a GPDS data set containing 4870 signature samples from 90 different writers by comparing the robust features of the test signature with that of the user signature using an appropriate classifier. Experimental results reveal that adaptive window positioning technique proved to be the efficient and reliable method for accurate signature feature extraction for the identification of offline handwritten signatures.The contribution of this technique can be used to detect signatures signed under emotional duress.
]]></description>
<dc:subject>handwriting OCR security classification image-analysis algorithms nudge-targets machine-learning</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:4f72852a63a6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:handwriting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:OCR"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:classification"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-analysis"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1409.0924">
    <title>[1409.0924] Visual Passwords Using Automatic Lip Reading</title>
    <dc:date>2014-11-14T11:49:21+00:00</dc:date>
    <link>http://arxiv.org/abs/1409.0924</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[This paper presents a visual passwords system to increase security. The system depends mainly on recognizing the speaker using the visual speech signal alone. The proposed scheme works in two stages: setting the visual password stage and the verification stage. At the setting stage the visual passwords system request the user to utter a selected password, a video recording of the user face is captured, and processed by a special words-based VSR system which extracts a sequence of feature vectors. In the verification stage, the same procedure is executed, the features will be sent to be compared with the stored visual password. The proposed scheme has been evaluated using a video database of 20 different speakers (10 females and 10 males), and 15 more males in another video database with different experiment sets. The evaluation has proved the system feasibility, with average error rate in the range of 7.63% to 20.51% at the worst tested scenario, and therefore, has potential to be a practical approach with the support of other conventional authentication methods such as the use of usernames and passwords.
]]></description>
<dc:subject>image-processing video-processing lip-reading machine-learning password security algorithms rather-interesting nudge-targets performance-measure consider:stress-testing</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:22f63a99feae/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:video-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:lip-reading"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:password"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:performance-measure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:stress-testing"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1411.2671">
    <title>[1411.2671] Vulnerabilities of Smart Grid State Estimation against False Data Injection Attack</title>
    <dc:date>2014-11-14T11:43:02+00:00</dc:date>
    <link>http://arxiv.org/abs/1411.2671</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[In recent years, Information Security has become a notable issue in the energy sector. After the invention of The Stuxnet worm in 2010, data integrity, privacy and confidentiality has received significant importance in the real-time operation of the control centres. New methods and frameworks are being developed to protect the National Critical Infrastructures like energy sector. In the recent literatures, it has been shown that the key real-time operational tools (e.g., State Estimator) of any Energy Management System (EMS) are vulnerable to Cyber Attacks. In this chapter, one such cyber attack named False Data Injection Attack is discussed. A literature review with a case study is considered to explain the characteristics and significance of such data integrity attacks.
]]></description>
<dc:subject>security network-theory infrastructure algorithms robustness nudge-targets actual-adversaries StuxNet</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:ae8683e7c370/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:infrastructure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:actual-adversaries"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:StuxNet"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1401.0561">
    <title>[1401.0561] User-Generated Free-Form Gestures for Authentication: Security and Memorability</title>
    <dc:date>2014-11-09T12:42:32+00:00</dc:date>
    <link>http://arxiv.org/abs/1401.0561</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[This paper studies the security and memorability of free-form multitouch gestures for mobile authentication. Towards this end, we collected a dataset with a generate-test-retest paradigm where participants (N=63) generated free-form gestures, repeated them, and were later retested for memory. Half of the participants decided to generate one-finger gestures, and the other half generated multi-finger gestures. Although there has been recent work on template-based gestures, there are yet no metrics to analyze security of either template or free-form gestures. For example, entropy-based metrics used for text-based passwords are not suitable for capturing the security and memorability of free-form gestures. Hence, we modify a recently proposed metric for analyzing information capacity of continuous full-body movements for this purpose. Our metric computed estimated mutual information in repeated sets of gestures. Surprisingly, one-finger gestures had higher average mutual information. Gestures with many hard angles and turns had the highest mutual information. The best-remembered gestures included signatures and simple angular shapes. We also implemented a multitouch recognizer to evaluate the practicality of free-form gestures in a real authentication system and how they perform against shoulder surfing attacks. We conclude the paper with strategies for generating secure and memorable free-form gestures, which present a robust method for mobile authentication.
]]></description>
<dc:subject>user-interface ergonomics engineering-design experiment rather-interesting security authentication-and-authorization</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:9feee7185443/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:user-interface"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:ergonomics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:engineering-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:experiment"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:authentication-and-authorization"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1409.0915">
    <title>[1409.0915] An Approach for Text Steganography Based on Markov Chains</title>
    <dc:date>2014-09-06T12:53:12+00:00</dc:date>
    <link>http://arxiv.org/abs/1409.0915</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[A text steganography method based on Markov chains is introduced, together with a reference implementation. This method allows for information hiding in texts that are automatically generated following a given Markov model. Other Markov - based systems of this kind rely on big simplifications of the language model to work, which produces less natural looking and more easily detectable texts. The method described here is designed to generate texts within a good approximation of the original language model provided.
]]></description>
<dc:subject>steganography cryptography Markov-chains generative-art algorithms security performance-measure</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:018699462c53/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:steganography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:cryptography"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:Markov-chains"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:generative-art"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:performance-measure"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1401.0102">
    <title>[1401.0102] A Danger-Based Approach to Distributed Intrusion Detection</title>
    <dc:date>2014-04-25T11:43:29+00:00</dc:date>
    <link>http://arxiv.org/abs/1401.0102</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[We propose an artificial immune model for intrusion detection in distributed systems based on a relatively recent theory in immunology called Danger theory. Based on Danger theory, immune response in natural systems is a result of sensing corruption as well as sensing unknown substances. In contrast, traditional self-nonself discrimination theory states that immune response is only initiated by sensing nonself (unknown) patterns. Danger theory solves many problems that could only be partially explained by the traditional model. Although the traditional model is simpler, such problems result in high false positive rates in immune-inspired intrusion detection systems. We believe using danger theory in a multi-agent environment that computationally emulates the behavior of natural immune systems is effective in reducing false positive rates. We first describe a simplified scenario of immune response in natural systems based on danger theory and then, convert it to a computational model as a network protocol. In our protocol, we define several immune signals and model cell signaling via message passing between agents that emulate cells. Most messages include application-specific patterns that must be meaningfully extracted from various system properties. We show how to model these messages in practice by performing a case study on the problem of detecting distributed denial-of-service attacks in wireless sensor networks. We conduct a set of systematic experiments to find a set of performance metrics that can accurately distinguish malicious patterns. The results indicate that the system can be efficiently used to detect malicious patterns with a high level of accuracy.
]]></description>
<dc:subject>artificial-immune-systems algorithms security intrusion-detection nudge-targets</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:a98408cba038/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:artificial-immune-systems"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:intrusion-detection"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1302.7262">
    <title>[1302.7262] Towards a provably resilient scheme for graph-based watermarking</title>
    <dc:date>2014-03-07T13:37:50+00:00</dc:date>
    <link>http://arxiv.org/abs/1302.7262</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Digital watermarks have been considered a promising way to fight software piracy. Graph-based watermarking schemes encode authorship/ownership data as control-flow graph of dummy code. In 2012, Chroni and Nikolopoulos developed an ingenious such scheme which was claimed to withstand attacks in the form of a single edge removal. We extend the work of those authors in various aspects. First, we give a formal characterization of the class of graphs generated by their encoding function. Then, we formulate a linear-time algorithm which recovers from ill-intentioned removals of k≤2 edges, therefore proving their claim. Furthermore, we provide a simpler decoding function and an algorithm to restore watermarks with an arbitrary number of missing edges whenever at all possible. By disclosing and improving upon the resilience of Chroni and Nikolopoulos's watermark, our results reinforce the interest in regarding it as a possible solution to numerous applications.
]]></description>
<dc:subject>graph-theory watermarking security nudge-targets algorithms robustness consider:coevolution</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:b676f24108bf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:graph-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:watermarking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:coevolution"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1401.3274">
    <title>[1401.3274] Hidden Attacks on Power Grid: Optimal Attack Strategies and Mitigation</title>
    <dc:date>2014-02-22T12:40:25+00:00</dc:date>
    <link>http://arxiv.org/abs/1401.3274</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[Real time operation of the power grid and synchronism of its different elements require accurate estimation of its state variables. Errors in state estimation will lead to sub-optimal Optimal Power Flow (OPF) solutions and subsequent increase in the price of electricity in the market or, potentially overload and create line outages. This paper studies hidden data attacks on power systems by an adversary trying to manipulate state estimators. The adversary gains control of a few meters, and is able to introduce spurious measurements in them. The paper presents a polynomial time algorithm using min-cut calculations to determine the minimum number of measurements an adversary needs to manipulate in order to perform a hidden attack. Greedy techniques are presented to aid the system operator in identifying critical measurements for protection to prevent such hidden data attacks. Secure PMU placement against data attacks is also discussed and an algorithm for placing PMUs for this purpose is developed. The performances of the proposed algorithms are shown through simulations on IEEE test cases.
]]></description>
<dc:subject>network-theory security game-theory algorithms learning-by-watching nudge-targets</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:574e672cd6fa/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:game-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:learning-by-watching"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1312.6349">
    <title>[1312.6349] The Sybil Attacks and Defenses: A Survey</title>
    <dc:date>2014-01-18T13:31:37+00:00</dc:date>
    <link>http://arxiv.org/abs/1312.6349</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[In this paper we have a close look at the Sybil attack and advances in defending against it, with particular emphasis on the recent work. We identify three major veins of literature work to defend against the attack: using trusted certification, using resources testing, and using social networks. The first vein of literature considers defending against the attack using trusted certification, which is done by either centralized certification or distributed certification using cryptographic primitives that can replace the centralized certification entity. The second vein of literature considers defending against the attack by resources testing, which can by in the form of IP testing, network coordinates, recurring cost as by requiring clients to solve puzzles. The third and last vein of literature is by mitigating the attack combining social networks used as bootstrapping security and tools from random walk theory that have shown to be effective in defending against the attack under certain assumptions. Our survey and analyses of the different schemes in the three veins of literature show several shortcomings which form several interesting directions and research questions worthy of investigation.
]]></description>
<dc:subject>security networks p2p algorithms nudge-targets consider:security-applications-for-flat-networks</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:53716f18cad9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:p2p"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:consider:security-applications-for-flat-networks"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.troyhunt.com/2013/07/how-to-build-and-how-not-to-build.html">
    <title>Troy Hunt: How to build (and how not to build) a secure “remember me” feature</title>
    <dc:date>2013-07-07T21:48:01+00:00</dc:date>
    <link>http://www.troyhunt.com/2013/07/how-to-build-and-how-not-to-build.html</link>
    <dc:creator>Vaguery</dc:creator><dc:subject>authentication software-development security tutorial</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:177f16a86bd5/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:authentication"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:tutorial"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://help.github.com/articles/remove-sensitive-data">
    <title>Remove sensitive data · GitHub Help</title>
    <dc:date>2013-07-04T16:14:31+00:00</dc:date>
    <link>https://help.github.com/articles/remove-sensitive-data</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The Nuclear Option]]></description>
<dc:subject>git software-development-is-not-programming security tutorial version-control</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:3bbddc67c435/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:git"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development-is-not-programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:tutorial"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:version-control"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.honeybadger.io/blog/2013/06/25/stop-using-rubygemsorg-in-production">
    <title>The case against using RubyGems.org in production</title>
    <dc:date>2013-06-30T12:23:30+00:00</dc:date>
    <link>https://www.honeybadger.io/blog/2013/06/25/stop-using-rubygemsorg-in-production</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The gem did some useful things. But what it didn’t do was more interesting.

]]></description>
<dc:subject>ruby security software-development-is-not-programming library social-engineering</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:fd39b9c3a583/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:ruby"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development-is-not-programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:library"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-engineering"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1108.6062">
    <title>[1108.6062] Prediction of lethal and synthetically lethal knock-outs in regulatory networks</title>
    <dc:date>2013-04-26T22:26:52+00:00</dc:date>
    <link>http://arxiv.org/abs/1108.6062</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[The complex interactions involved in regulation of a cell's function are captured by its interaction graph. More often than not, detailed knowledge about enhancing or suppressive regulatory influences and cooperative effects is lacking and merely the presence or absence of directed interactions is known. Here we investigate to which extent such reduced information allows to forecast the effect of a knock-out or a combination of knock-outs. Specifically we ask in how far the lethality of eliminating nodes may be predicted by their network centrality, such as degree and betweenness, without knowing the function of the system. The function is taken as the ability to reproduce a fixed point under a discrete Boolean dynamics. We investigate two types of stochastically generated networks: fully random networks and structures grown with a mechanism of node duplication and subsequent divergence of interactions. On all networks we find that the out-degree is a good predictor of the lethality of a single node knock-out. For knock-outs of node pairs, the fraction of successors shared between the two knocked-out nodes (out-overlap) is a good predictor of synthetic lethality. Out-degree and out-overlap are locally defined and computationally simple centrality measures that provide a predictive power close to the optimal predictor.
]]></description>
<dc:subject>systems-biology network-theory theoretical-biology bioinformatics security pharmaceutical nudge-targets algorithms prediction robustness</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:1141f057788a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:systems-biology"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:theoretical-biology"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:bioinformatics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:pharmaceutical"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:prediction"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:robustness"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1206.6389">
    <title>[1206.6389] Poisoning Attacks against Support Vector Machines</title>
    <dc:date>2013-04-26T22:18:37+00:00</dc:date>
    <link>http://arxiv.org/abs/1206.6389</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[We investigate a family of poisoning attacks against Support Vector Machines (SVM). Such attacks inject specially crafted training data that increases the SVM's test error. Central to the motivation for these attacks is the fact that most learning algorithms assume that their training data comes from a natural or well-behaved distribution. However, this assumption does not generally hold in security-sensitive settings. As we demonstrate, an intelligent adversary can, to some extent, predict the change of the SVM's decision function due to malicious input and use this ability to construct malicious data. The proposed attack uses a gradient ascent strategy in which the gradient is computed based on properties of the SVM's optimal solution. This method can be kernelized and enables the attack to be constructed in the input space even for non-linear kernels. We experimentally demonstrate that our gradient ascent procedure reliably identifies good local maxima of the non-convex validation error surface, which significantly increases the classifier's test error.
]]></description>
<dc:subject>machine-learning security algorithms coevolution nudge-targets awesome-a-whole-new-heuristic</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:2e9ddec276a9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:coevolution"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:awesome-a-whole-new-heuristic"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://57un.wordpress.com/2013/02/22/ultimate-guide-how-to-harden-your-ubuntu-linux/">
    <title>Ultimate Guide How To Harden Your Ubuntu Linux | 57un</title>
    <dc:date>2013-03-31T13:08:39+00:00</dc:date>
    <link>https://57un.wordpress.com/2013/02/22/ultimate-guide-how-to-harden-your-ubuntu-linux/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[A lot of users believe that a distro such as Ubuntu will be so much more secure than Windows, purely through virtue of obscurity. As Linux popularity continues to grow you’ll see attackers begin to take notice. Just because attackers don’t care to hack Linux desktop systems does not by any means imply they aren’t capable of it, or ready to when it seems profitable.

]]></description>
<dc:subject>linux security how-to Ubuntu to-read</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:1996fc6ae94e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:how-to"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:Ubuntu"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-read"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1212.6458">
    <title>[1212.6458] Partial-indistinguishability obfuscation using braids</title>
    <dc:date>2013-03-24T21:15:20+00:00</dc:date>
    <link>http://arxiv.org/abs/1212.6458</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[A circuit obfuscator is an algorithm that translates logic circuits into functionally-equivalent similarly-sized logic circuits that are hard to understand. While ad hoc obfuscators exist, theoretical progress has mainly been limited to no-go results. In this work, we propose a new notion of circuit obfuscation, which we call partial-indistinguishability. We then prove that, in contrast to previous definitions of obfuscation, partial-indistinguishability obfuscation can be achieved by a polynomial-time algorithm. Specifically, our algorithm re-compiles the given circuit using a gate that satisfies the relations of the braid group, and then reduces to a braid normal form. A variant of our obfuscation algorithm can also be applied to quantum circuits.]]></description>
<dc:subject>combinatorics algorithms cryptography-ish inverse-inverse-problems nudge-targets rather-interesting security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:1eb87d1b54ca/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:combinatorics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:cryptography-ish"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:inverse-inverse-problems"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:rather-interesting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1303.0141">
    <title>[1303.0141] Routing for Security in Networks with Adversarial Nodes</title>
    <dc:date>2013-03-13T11:14:07+00:00</dc:date>
    <link>http://arxiv.org/abs/1303.0141</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA[We consider the problem of secure unicast transmission between two nodes in a directed graph, where an adversary eavesdrops/jams a subset of nodes. This adversarial setting is in contrast to traditional ones where the adversary controls a subset of links. In particular, we study, in the main, the class of routing-only schemes (as opposed to those allowing coding inside the network). Routing-only schemes usually have low implementation complexity, yet a characterization of the rates achievable by such schemes was open prior to this work. We first propose an LP based solution for secure communication against eavesdropping, and show that it is information-theoretically rate-optimal among all routing-only schemes. The idea behind our design is to balance information flow in the network so that no subset of nodes observe "too much" information. Interestingly, we show that the rates achieved by our routing-only scheme are always at least as good as, and sometimes better, than those achieved by "na\"ive" network coding schemes (i.e. the rate-optimal scheme designed for the traditional scenario where the adversary controls links in a network rather than nodes.) We also demonstrate non-trivial network coding schemes that achieve rates at least as high as (and again sometimes better than) those achieved by our routing schemes, but leave open the question of characterizing the optimal rate-region of the problem under all possible coding schemes. We then extend these routing-only schemes to the adversarial node-jamming scenarios and show similar results. During the journey of our investigation, we also develop a new technique that has the potential to derive non-trivial bounds for general secure-communication schemes.]]></description>
<dc:subject>network-theory graphic-design coding algorithms nudge-targets security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:2fbfaeea869a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:network-theory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:graphic-design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:coding"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://rubylearning.com/blog/2012/07/23/the-ongoing-vigil-of-software-security/">
    <title>The Ongoing Vigil of Software Security</title>
    <dc:date>2012-07-23T14:24:48+00:00</dc:date>
    <link>http://rubylearning.com/blog/2012/07/23/the-ongoing-vigil-of-software-security/</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["Some of the reasons that we keep seeing these types of exploits are that the “bad guys” are much smarter and more determined than we give them credit for, we’re much lazier and more ignorant than we take responsibility for, and security is difficult to manage properly. As we become more and more reliant upon software, it is imperative that security be taken more seriously."]]></description>
<dc:subject>software-development security advice overview</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:Vaguery/b:caae2828ed12/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:software-development"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:advice"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:overview"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1007.0636">
    <title>[1007.0636] Classification of Log-Polar-Visual Eigenfaces using Multilayer Perceptron</title>
    <dc:date>2010-08-03T12:53:22+00:00</dc:date>
    <link>http://arxiv.org/abs/1007.0636</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["In this paper we present a simple novel approach to tackle the challenges of scaling and rotation of face images in face recognition. The proposed approach registers the training and testing visual face images by log-polar transformation, which is capable to handle complicacies introduced by scaling and rotation. Log-polar images are projected into eigenspace and finally classified using an improved multi-layer perceptron. In the experiments we have used ORL face database and Object Tracking and Classification Beyond Visible Spectrum (OTCBVS) database for visual face images. Experimental results show that the proposed approach significantly improves the recognition performances from visual to log-polar-visual face images. …"
]]></description>
<dc:subject>image-processing nudge-targets algorithms machine-learning security image-segmentation</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:7c003174ab38/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-segmentation"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1006.1165">
    <title>[1006.1165] Optimal Source-Based Filtering of Malicious Traffic</title>
    <dc:date>2010-06-16T12:46:42+00:00</dc:date>
    <link>http://arxiv.org/abs/1006.1165</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["In this paper, we consider the problem of blocking malicious traffic on the Internet, via source-based filtering. In particular, we consider filtering via access control lists (ACLs): these are already available at the routers today but are a scarce resource because they are stored in the expensive ternary content addressable memory (TCAM). Aggregation (by filtering source prefixes instead of individual IP addresses) helps reduce the number of filters, but comes also at the cost of blocking legitimate traffic originating from the filtered prefixes. We show how to optimally choose which source prefixes to filter, for a variety of realistic attack scenarios and operators' policies. In each scenario, we design optimal, yet computationally efficient, algorithms. Using logs from Dshield.org, we evaluate the algorithms and demonstrate that they bring significant benefit in practice."
]]></description>
<dc:subject>nudge-targets security algorithms machine-learning intrusion system-administration operations-research</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:777f444cb095/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:intrusion"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:system-administration"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:operations-research"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1005.0919">
    <title>[1005.0919] Attribute Weighting with Adaptive NBTree for Reducing False Positives in Intrusion Detection</title>
    <dc:date>2010-05-09T13:33:07+00:00</dc:date>
    <link>http://arxiv.org/abs/1005.0919</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["… Due to the tremendous growth of network-based services, intrusion detection has emerged as an important technique for network security. Recently data mining algorithms are applied on network-based traffic data and host-based program behaviors to detect intrusions or misuse patterns, but there exist some issues in current intrusion detection algorithms such as unbalanced detection rates, large numbers of false positives, and redundant attributes that will lead to the complexity of detection model and degradation of detection accuracy. The purpose of this study is to identify important input attributes for building an intrusion detection system (IDS) that is computationally efficient and effective.…"
]]></description>
<dc:subject>nudge-targets system-administration security algorithms machine-learning learning-from-data learning-by-watching statistics</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:aa96207fdeb5/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:system-administration"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:learning-from-data"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:learning-by-watching"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:statistics"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1005.0945">
    <title>[1005.0945] An Efficient Vein Pattern-based Recognition System</title>
    <dc:date>2010-05-09T12:14:43+00:00</dc:date>
    <link>http://arxiv.org/abs/1005.0945</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["This paper presents an efficient human recognition system based on vein pattern from the palma dorsa. A new absorption based technique has been proposed to collect good quality images with the help of a low cost camera and light source. The system automatically detects the region of interest from the image and does the necessary preprocessing to extract features. A Euclidean Distance based matching technique has been used for making the decision. It has been tested on a data set of 1750 image samples collected from 341 individuals. The accuracy of the verification system is found to be 99.26% with false rejection rate (FRR) of 0.03%."
]]></description>
<dc:subject>nudge-targets image-processing biometrics machine-learning algorithms security pattern-recognition</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:387fed2722f0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:image-processing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:biometrics"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:machine-learning"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:pattern-recognition"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arxiv.org/abs/1005.0967">
    <title>[1005.0967] Detecting Security threats in the Router using Computational Intelligence</title>
    <dc:date>2010-05-09T00:25:37+00:00</dc:date>
    <link>http://arxiv.org/abs/1005.0967</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["…A version of the method independent of the contrast of the image is considered and is found to be useful for finding the most unusual part (and the most similar part) of the image conditioned on given image. The results can be used to scan large image databases, as for example medical databases.…"
]]></description>
<dc:subject>nudge-targets security system-administration DDOS learning-from-data adaptive-control intrusion</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:fd115c6d4a9c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:nudge-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:system-administration"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:DDOS"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:learning-from-data"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:adaptive-control"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:intrusion"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://db.tidbits.com/article/11129?rss&amp;utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+tidbits_main+(TidBITS%3A+Mac+News+for+the+Rest+of+Us)">
    <title>TidBITS Safe Computing: An Introduction to File Encryption in Mac OS X</title>
    <dc:date>2010-04-12T12:44:44+00:00</dc:date>
    <link>http://db.tidbits.com/article/11129?rss&amp;utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+tidbits_main+(TidBITS%3A+Mac+News+for+the+Rest+of+Us)</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["This article is an excerpt from Chapter 13, "Encrypting and Securely Deleting Files," reprinted with the kind permission of Wiley. File encryption is of course just one tiny piece of the security puzzle, but it's worth knowing about if you keep confidential data on your Mac, especially if the computer is ever out of your physical control - which would include being lost or stolen."
]]></description>
<dc:subject>security sysadmin MacOS to-read</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:46a6ab85f9bf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:sysadmin"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:MacOS"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:to-read"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://github.com/guides/completely-remove-a-file-from-all-revisions">
    <title>Completely remove a file from all revisions - Guides - GitHub</title>
    <dc:date>2010-03-04T11:56:09+00:00</dc:date>
    <link>http://github.com/guides/completely-remove-a-file-from-all-revisions</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["Don’t you hate when you can’t remove that file full of cleartext passwords from your github account? Even if you git rm it, it still is accessible in previous versions of the tree. So, you need to rewrite the entire tree. Fortunately, this is really easy with git."
]]></description>
<dc:subject>GitHub protip project-management security how-to version-control woops</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:bffc94df932b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:GitHub"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:protip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:project-management"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:how-to"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:version-control"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:woops"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.wired.com/politics/security/news/2009/04/fleetcom?currentPage=2">
    <title>The Great Brazilian Sat-Hack Crackdown</title>
    <dc:date>2009-11-08T19:51:34+00:00</dc:date>
    <link>http://www.wired.com/politics/security/news/2009/04/fleetcom?currentPage=2</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["To use the satellite, pirates typically take an ordinary ham radio transmitter, which operates in the 144- to 148-MHZ range, and add a frequency doubler cobbled from coils and a varactor diode. That lets the radio stretch into the lower end of FLTSATCOM's 292- to 317-MHz uplink range. All the gear can be bought near any truck stop for less than $500. Ads on specialized websites offer to perform the conversion for less than $100. Taught the ropes, even rough electricians can make Bolinha-ware.
"I saw it more than once in truck repair shops," says amateur radio operator Adinei Brochi (PY2ADN) "Nearly illiterate men rigged a radio in less than one minute, rolling wire on a coil.""
]]></description>
<dc:subject>satellite hacking radio security government ownership owner-builder disintermediation-targets space</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:467d53c0bf4f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:satellite"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:hacking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:radio"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:government"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:ownership"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:owner-builder"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:disintermediation-targets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:space"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://citizenengineer.com/">
    <title>citizen engineer - HD video, comic book/zine &amp; kit</title>
    <dc:date>2009-07-24T11:56:54+00:00</dc:date>
    <link>http://citizenengineer.com/</link>
    <dc:creator>Vaguery</dc:creator><dc:subject>makers hacking telephony engineering video education tutorial hardware hack security electronics</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:bf3760f3a2f2/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:makers"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:hacking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:telephony"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:engineering"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:video"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:education"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:tutorial"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:hardware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:hack"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:electronics"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.nkill.com/2009/04/nkill-in-pc-world.html">
    <title>NKill Blog: NKill in PC World</title>
    <dc:date>2009-06-14T13:05:27+00:00</dc:date>
    <link>http://blog.nkill.com/2009/04/nkill-in-pc-world.html</link>
    <dc:creator>Vaguery</dc:creator><description><![CDATA["One of NKill's objectives is to catalog every referenced public machine or network. Starting with all .com, .net, .org domains, www.DOMAIN, mail exchange records, nameservers, etc. and grab the version banners of the software they are running.

Nkill will be really useful for profiling a target during a security assessment because IP4 transforms are hard to perform without a database. Given an IP4 address, shitty sites like domaintools will tell you which virtual hosts are sharing the same address, that's it and they will charge you a fee for that information. They won't tell you which organisations (domains) are trusting this IP address for their mail, nameservers, etc.

With NKill, when a new vulnerability is discovered (e.g. IIS, postfix, apache, php...) we can instantly known which domains are vulnerable; you can pull that information for a whole country and we can also monitor how long it takes for people to react and patch their boxes."
]]></description>
<dc:subject>security search-engines database networks social-networks system-administration malware transparency</dc:subject>
<dc:identifier>https://pinboard.in/u:Vaguery/b:559d7f30027c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:search-engines"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:database"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:social-networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:system-administration"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:malware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:Vaguery/t:transparency"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>