-
Recent Posts
Recent Comments
- OWASP Top 10 for ASP.net Core - Cross-Site Scripting (XSS) - Dot Net Core Tutorials on Bypassing Chrome’s Anti-XSS filter
- Set X-XSS-Protection in ASP.net Core - Dot Net Core Tutorials on Bypassing Chrome’s Anti-XSS filter
- ProspectiveStudent on Why you should apply to Stony Brook if you want to pursue a PhD in computer security and privacy
- Ikram on Why you should apply to Stony Brook if you want to pursue a PhD in computer security and privacy
- I-wear-an-anonymous-badge-at-CCS on Poor reasons to reject a computer security paper, Part 1
Archives
Categories
Meta
Author Archives: nikifor
Why you should apply to Stony Brook if you want to pursue a PhD in computer security and privacy
I remember it as if it was yesterday. I was entering the second year of my MS degree in Computer Science, when I realized that I wanted to pursue a PhD in Security outside of Greece. Where should I apply? … Continue reading
Posted in Miscellanea
2 Comments
Poor reasons to reject a computer security paper, Part 2
I was surprised with the popularity of Part 1 of my series “Poor reasons to reject a computer security paper”. I am interpreting this as a sign that I may be on to something. If you haven’t read Part 1, please do … Continue reading
Posted in Poor Reasons
Leave a comment
Poor reasons to reject a computer security paper, Part 1
In 2016, at the time when I am writing this (July), I have been a PC member for seven different security conferences including two of the top ones, CCS and USENIX Security, and I have reviewed upwards of 80 papers. … Continue reading
Posted in Poor Reasons
1 Comment
ShapeShifter: The emperor’s new web security technology
Disclaimer: Everything that I say in this blog post about ShapeSecurity and their ShapeShifter product, is based on their YouTube video, their description of their product on their pages, and an article on PandoDaily. As such, the product may be … Continue reading
Posted in Breaking stuff
6 Comments
Detecting Ghostery
I discovered Ghostery in the summer of 2012, when I was researching web-tracking and specifically web-tracking done through web fingerprinting. Ghostery is a really cool browser extension which helped me identify the domains that popular web fingerprinters used to deliver … Continue reading
Posted in Breaking stuff
19 Comments
You are what you include: Large-scale evaluation of Remote JavaScript inclusions
Today, I am back to Belgium, after spending one week in the US. I was in Raleigh, NC, to attend the 19th ACM conference on Computer and Communication Security and to present our paper titled You Are What You Include: … Continue reading
Posted in Paper summaries
2 Comments
Breaking McAfee’s Social Protection
On my usual daily visit of Slashdot, I read that McAfee introduced a new application called “McAfee Social Protection” for Facebook. In a nutshell, you install their plugin, allow their application to control quite a bit of your Facebook and … Continue reading
Posted in Breaking stuff
8 Comments
Google AdChoices…
They say a picture is worth a thousand words. How about, two pictures? So, the important points of the above text are: “It’s our goal to make these ads as relevant and useful as possible for you. Google doesn’t create … Continue reading
Posted in Miscellanea
3 Comments
To Google Chrome: Relax less…
I’ve been recently reading Michal Zalewski’s “The Tangled Web”, a book which tries to map the whole security landscape around browsers and Web applications in about 300 pages… it does a pretty good job 🙂 Now, in Chapter 9, he … Continue reading
Posted in Breaking stuff
1 Comment
El cheapo hosting, le open redirect…
Did you know that if you use a popular cheap web hosting product and you haven’t changed the default error pages of your sites, you are most likely hosting an open redirect? If not, read on 🙂 Suppose for a … Continue reading
Posted in Breaking stuff
Leave a comment