CCS 2007 Day 2
Wednesday, October 31st 2007
Here's another chapter in the groundbreaking epic saga that is CCS 2007. Here's what happened the first day, and here are today's highlights:
- There are a bunch of extremely clever DNS hacks out there in the wild right now, ranging from phishing and pharming to circumventing firewalls via Flash ads. Really clever, but incredibly creepy. If you don't know about DNS rebinding attacks, go read about them now please.
- Some dashed clever chaps at MIT have come up with a really neat proof-carrying identity scheme that allows you to pass around arbitrary credential-based authentication protocols - this is really cool stuff, but will suffer the same unfortunate (?) fate as PKI if there's no way to describe interactive/online authentications.
- The per-capita GDP of players in World of Warcraft is significantly higher than the per-capita GDP of some small countries. Not talking about the worth of the players in "real life" here... the market value of the virtual goods accumulated by the players is more than the real goods created by the people of one of the small failed African states.
- If you go to a security conference, and you attend an academic presentation, and the presenter says any more about RBAC than "and of course our protocol supports RBAC" then you should probably lay down quickly, so you don't bash your head on a table or something when you fall asleep.
Tags: CCS 2007 october 31th conference security research