Category Archives: Research

I haven’t posted anything research-related in a while because I’ve been on a project that I’m not supposed to talk about till it’s done, and it’s not done yet. I can say, though, that it’s about ways to get around … Continue reading →

When I talk to people who aren’t security researchers about history sniffing, they want to know whether they should worry about it, and I say no: the only thing you can do to protect yourself is use the latest version … Continue reading →

Readers of this blog will probably already know that, up till the middle of last year, it was possible to “sniff” browsing history by clever tricks involving CSS, JavaScript, and the venerable tradition of drawing hyperlinks to already-visited URLs in … Continue reading →

Today I had the fortune to attend a group discussion ambitiously entitled “Future of Internet Security” at Mozilla. What this was mostly about was, given that a recent incident has severely shaken everyone’s confidence in the PKIX (PDF, say sorry) … Continue reading →

On Tuesday night I attended a talk at Stanford entitled “Four Ideas for a Better Internet.” Four groups of Harvard and Stanford Law students, having just completed a special seminar entitled “Difficult Problems in Cyberspace,” each presented a proposed improvement … Continue reading →

I’m attending the 2010 ACM Conference on Computer and Communications Security (in Chicago this year), from yesterday (I’m skipping the workshops on Monday and Friday). Was a little to tired to write up what I thought of yesterday’s talks yesterday, … Continue reading →