Categories
research security

Who On Earth Is ”Mr. Cypher“: Automated Friend Injection Attacks on Social Networking Sites

Abstract. Within this paper we present our novel friend injection attack which exploits the fact that the great majority of social networking sites fail to protect the communication between its users and their services. In a practical evaluation, on the basis of public wireless access points, we furthermore demonstrate the feasibility of our attack. The […]

Categories
research security tor

Tor HTTP usage and Information Leakage

Abstract- This paper analyzes the web browsing behaviour of Tor users. By collecting HTTP requests we show which websites are of interest to Tor users and we determined an upper bound on how vulnerable Tor users are to sophisticated de-anonymization attacks: up to 78 % of the Tor users do not use Tor as suggested […]

Categories
random research security

Facebook: A security and privacy nightmare?

Apparently Facebook decided to open-up profiles to the public yet a little further in future, read more at this blog entry. So whilst a plethora of security research highlights how broken this service really is, Facebook keeps on exposing more private information to third-parties on a sneaky opt-out basis. Want to catch up how broken […]