Our paper Pin It! Improving Android Network Security At Runtime (by Damjan Buhov, Markus Huber, Georg Merzdovnik and Edgar Weippl) has been accepted at the A-rated conference IFIP Networking 2016.
We had a great time at Financial Crypto and Ross Anderson’s group maintains a nice blog that also covered the conference. Read the comments to our paper.
Today a new attack against TLS was published, DROWN.
In essence, it allows attackers to decrypt strong TLS connections using TLS 1.2 and other versions, if the deprecated protocol SSLv2 is supported by the server. Previous work by SBA Research has shown that this is a particular problem for email servers.
The kick-off meeting of the Management Committee (MC) for the new COST Action CA15217 “Resilient communication services protecting end-user applications from disaster-based failures (RECODIS)” is taking place on March 1, 2016 in the COST Association premises in Brussels, Belgium.
Austria is among the 22 European countries that have already signed the Memorandum of Understanding for RECODIS. FFG, the COST National Coordinator for Austria, has nominated Artemios G. Voyiatzis and Peter Kieseberg as MC member and substitute member.
SBA Research is looking forward to contributing in the field of pre-competitive research in “Resilient communication services protecting end-user applications from disaster-based failures” during the next four years, together with all the participants in WG1 “Large-scale natural disasters”, WG2 “Technology-related disasters”, and WG4 “Malicious human activities”.
The next MC meeting will be held in Halmstad, Sweden, co-located with the RNDM 2016 conference.
For more information can be found here.
Edgar gave an interview for Ö1 on cookies and privacy (orf.at and Ö1)
SBA Research will be present at the Software Engineering (SE) conference this week in Vienna.
Martin Schmiedecker will talk today about SBA Research and on the panel on technology transfer, hosted at SE FIT. You can find the detailed program of SE’2016 here.
Edgar Weippl gave the opening keynote on Empirical Research and Research Ethics in Information Security at ICISSP 2016.
Artemios G. Voyiatzis gave an invited talk on “Security Challenges in Disruption- and Delay-Tolerant Networks (DTN)” at the University of Passau, Germany on Thursday, 18.02.2016, 14:00-15:00.
Abstract: Delay-Tolerant Networks were originally proposed to cope with the enormous delays involved in deep-space communications. The architecture proved to fit many Internet of Things (IoT) application scenarios as well. We discuss example applications and associated design challenges. Then, we move to the network security and privacy challenges due to the lack of end-to-end connectivity and timely access to infrastructure. Finally, we present a privacy-preserving routing protocol for DTN and discuss its performance.
More information can be found here.