5 cool new security research breakthroughs

[InfoSec News <alerts () infosecnews org>]

http://www.networkworld.com/article/2466795/security0/5-cool-new-security-research-breakthroughs.html

By Bob Brown
NetworkWorld
Aug 19, 2014

University and vendor researchers are congregating in San Diego this week 
at USENIX Security ’14 to share the latest findings in security and 
privacy, and here are 5 that jumped out to me as being particularly 
interesting.

*On the Feasibility of Large-Scale Infections of iOS Devices

Georgia Tech researchers acknowledge that large-scale iOS device 
infections have been few and far between, but they claim weaknesses in the 
iTunes syncing process, device provisioning process and file storage could 
leave iPhones, iPads and other Apple products vulnerable to attack via 
botnets. The bad guys could get to the iOS devices via a compromised 
computer, they say, to install attacker-signed apps and swipe personal 
info. The researchers came to their conclusion after examining DNS queries 
within known botnets.

*XRay: Enhancing the Web’s Transparency with Differential Correlation

Columbia University researchers introduce XRay, a tool designed to give 
web users more insight into which of their personal data is being used to 
target them with ads. The researchers will present at USENIX a prototype 
of XRay, which has already been posted online as an open source system for 
others to explore. Initially, the system can be used to explain targeting 
in Gmail ads, Amazon recommendations and YouTube video suggestions.“Today 
we have a problem: the web is not transparent. We see XRay as an important 
first step in exposing how websites are using your personal data,” says 
Assistant Professor of Computer Science Roxana Geambasu.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/