New Documents on NSA’s Cryptanalysis Capabilities | Bruce Schneier

Bruce Schneier; New Documents on NSA’s Cryptanalysis Capabilities; In His Blog; 2014-12-28.

Original Sources

Privacy awareness about information leakage: Who knows what about me? | Malandrino, Petta, Scarano, Serra, Spinelli, Krishnamurthy

Delfina Malandrino, Andrea Petta, Vittorio Scarano, Luigi Serra, Raffaele Spinelli, Balachander Krishnamurthy; Privacy awareness about information leakage: Who knows what about me?; In Proceedings of the 12th ACM Workshop on Privacy in the Electronic Society (WPES). ACM, 2013. paywall.


  • NoTrace for Firefox; yet another blocker.
  • Cross Platform Component Object Model (XPCOM)
  • Pagestats for Firefox v1.5, Scot L. DeDeo, 2006-05
    files: xpi, ppt, sample: config, sites.txt
  • False Positives (FP), False Negatives (FN)



  • PrivacyChoice
  • RefControl
  • Taco
  • TrackMeNot




  • Selenium
  • MemBench


The task of protecting users’ privacy is made more difficult by their attitudes towards information disclosure without full awareness and the economics of the tracking and advertising industry. Even after numerous press reports and widespread disclosure of leakages on the Web and on popular Online Social Networks, many users appear not to be fully aware of the fact that their information may be collected, aggregated and linked with ambient information for a variety of purposes. Past attempts at alleviating this problem have addressed individual aspects of the user’s data collection. In this paper we move towards a comprehensive and efficient client-side tool that maximizes users’ awareness of the extent of their information leakage. We show that such a customizable tool can help users to make informed decisions on controlling their privacy footprint.


AdReveal: improving transparency into online targeted advertising | Liu, Sheth, Weinsberg, Chandrashekar, Govindan

Bin Liu, Anmol Sheth, Udi Weinsberg, Jaideep Chandrashekar, Ramesh Govindan; AdReveal: improving transparency into online targeted advertising; In Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks; ACM; 2013; page 12 (7 pages); notes & Q+A.



  • Adnostic
  • Privad
  • ObliviAd
  • RePriv


To address the pressing need to provide transparency into the online targeted advertising ecosystem, we present AdReveal, a practical measurement and analysis framework, that provides a first look at the prevalence of different ad targeting mechanisms. We design and implement a browser based tool that provides detailed measurements of online display ads, and develop analysis techniques to characterize the contextual, behavioral and re-marketing based targeting mechanisms used by advertisers. Our analysis is based on a large dataset consisting of measurements from 103K webpages and 139K display ads. Our results show that advertisers frequently target users based on their online interests; almost half of the ad categories employ behavioral targeting. Ads related to Insurance, Real Estate and Travel and Tourism make extensive use of behavioral targeting. Furthermore, up to 65% of ad categories received by users are behaviorally targeted. Finally, our analysis of re-marketing shows that it is adopted by a wide range of websites and the most commonly targeted re-marketing based ads are from the Travel and Tourism and Shopping categories.

Attack of the one-letter programming languages | InfoWorld

Attack of the one-letter programming languages; In InfoWorld; 2014-11-24.


  • B, historical
  • C
  • C++
  • D
  • F (Fortran 77)
  • F#
  • G, ambiguous
    • a physical design language, for cutting tools
    • G96
  • J, IBM-only, something like APL.
  • K
  • MUMPS, historical.
    • M
    • Massachusetts General Hospital Utility Multi-Programming System
  • P-code, Pascal
  • P
  • R

Selling Off Privacy at Auction | Olejnik, Tran, Castelluccia

Lukasz Olejnik, Minh-Dung Tran, Claude Castelluccia; Selling Off Privacy at Auction; In Proceedings of the Network and Distributed Systems Symposium (NDSS); 2014-02-23; 15 pages; landing, slides.


Real-Time Bidding (RTB) and Cookie Matching (CM) are transforming the advertising landscape to an extremely dynamic market and make targeted advertising considerably permissive. The emergence of these technologies allows companies to exchange user data as a product and therefore raises important concerns from privacy perspectives. In this paper, we perform a privacy analysis of CM and RTB and quantify the leakage of users’ browsing histories due to these mechanisms. We study this problem on a corpus of users’ Web histories, and show that using these technologies, certain companies can significantly improve their tracking and profiling capabilities. We detect 41 companies serving ads via RTB and over 125 using Cookie Matching. We show that 91% of users in our dataset were affected by CM and in certain cases, 27% of users’ histories could be leaked to 3rd-party companies through RTB.

We expose a design characteristic of RTB systems to observe the prices which advertisers pay for serving ads to Web users. We leverage this feature and provide important insights into these prices by analyzing different user profiles and visiting contexts. Our study shows the variation of prices according to context information including visiting site, time and user’s physical location. We experimentally confirm that users with known history are evaluated higher than newcomers, that some user profiles are more valuable than others, and that users’ intents, such as looking for a commercial product, are sold at higher prices than users’ browsing histories. In addition, we show that there is a huge gap between users’ perception of the value of their personal information and its actual value on the market. A recent study by Carrascal et al. showed that, on average, users evaluate the price of the disclosure of their presence on a Web site to EUR 7. We show that user’s browsing history elements are routinely being sold off for less than $0.0005.


Juan Pablo Carrascal, Christopher Riederer, Vijay Erramilli, Mauro Cherubini, Rodrigo de Oliveira; Your browsing behavior for a Big Mac: Economics of Personal Information Online; In Proceedings of the Conference on Human-Computer Interaction (CHI); 2011; arXiv, 2011-12-28.

How cookies can be used for global surveillance | Freedom to Tinker

How cookies can be used for global surveillance; In Freedom to Tinker; 2014-12-18.

Original Sources

UDT – Breaking the Data Transfer Bottleneck

UDT: Breaking the Data Transfer Bottleneck
Sector: a file transfer program.

  • UDT v4.10, 2011-12-29.
  • Sector v2.6, 2011-04-15


  • UDP
  • C++
  • UDT is the library
  • Sector is the program


2008 -> 2011-12.


  • Presentation; At Supercomputing; 2009; X slides.
  • Poster; 1 sheet; At Supercomputing; 2008



Thoughts on Rust Cryptography | Tony Arcieri, Mozilla

Tony Arcieri (Mozilla); Thoughts on Rust Cryptography; 2014-12-19; X slides.

tl;dr => the security failures wouldn’t have happened if “we” had used a “real” language instead of C. He tried using Rust. Others have too. Not shown. LLVM introduces data-dependent branches, so cache-timing leaks are introduced where they weren’t coded.


  • libsodium
  • RbNaCl (the Ruby Cryptography Library)
  • Security Failures of 2014
    • Java Bleichenbacher OOB MitM (JCE)
    • Apple “Goto fail” MitM (Secure Transport)
    • GNUTLS “goto cleanup” MitM
    • OpenSSL “Heartbleed” Memory Exposure
    • TLS Triple-Handshake MITM
    • NSS “BERserk” MitM (Firefox & Chrome)
    • SSLv3 & TLS “POODLE” ciphertext recovery
    • Microsoft “Winshock” RCE (SChannel)
  • Security Failures, prior years
    • CREAM
    • LUCKY13
  • Daniel J. Bernstein; Cache-timing attacks on AES; In Some Venue; 2004-04-14.
  • Nadhem J. AlFardan, Kenneth G. Paterson; Lucky Thirteen: Breaking the TLS and DTLS Record Protocols; In Proceedings of the 2013 IEEE Symposium on Security & Privacy (SP); 15 pages.
  • Daniel Mayer, Joel Sandin; Time Trial: Racing Towards Practical Remote Timing Attacks; In Proceedings of Security & Privacy (SP); 2013 (2014-08-07).
  • Time Trial GUI, at Github
  • Rules
    • avoid dependencies on secrets
    • keep secrets and non-secrets separate
  • rust-openssl
  • OpenSSL Forks tlsunderseige
    • OpenSSL
    • BoringSSL
    • libressl
  • sodiumoxide
  • libsodium
    • repackages NaCl
    • Ed25519
    • ChaCha20
    • scrypt
    • Blake2
    • SipHash
  • rust-crypto
  • Advanced Encryption Standard New Instructions (AES-NI), from Intel.
  • TARS – Protected Memory Buffers for Rust
  • nadeko – Constant-time syntax extension for a limited subset of Rust
  • suruga – Ultra-modern (i.e. practically useless) TLS stack
  • cyclometer