Research Projects You Should Know About 56
Anonymous Coward writes "Here is a look at 10 current IT and network research projects, from active cookies to faster wireless LANs to the latest anti-phishing schemes, that could be making their way out of labs and into companies and homes soon." Still no virtual sandwich I see.
Huh. (Score:5, Funny)
They didn't censor that out... (Score:2)
Re:sharing Wi-fi? (Score:5, Interesting)
Re:sharing Wi-fi? (Score:1)
Sirius Cybernetics Corporation Marketing Division
It is not entirely clear why the SCC has not yet collapsed, since nothing they produce ever works properly or performs to expectations. When a person asks for a drink from the Nutrimatic Drink Dispenser, the dispenser probes the customer's taste sensors and pleasure receptors of the brain. Despite its sophisticated artificial intelligence, it always dispenses the same drink: a concoction that tastes "almost, but not quite, entirely unlike tea"
Re:Human Beings that Live in Computers? (Score:1)
in fact even my mother wont venture into the basement to even talk to me nevermind take my picture.
Here's a cool one (Score:5, Funny)
I RTFA and I don't believe this is anything new; it is essentially a software based SLA with your neighbors. Frankly, I have been doing this with neighbors for a while now, albeit I do know them well.
Re:Here's a cool one (Score:2, Interesting)
Re:Here's a cool one (Score:2, Funny)
I may as well.
After all, they've been sharing theirs with me for months now---thanks to AirSnort and them thinking a good password is their dog's name follwed by a "1".
Re:Here's a cool one (Score:2)
Isn't there another more secure way of doing WPA, involving a separate server to issue keys? I have an unmodified WRT54G (v3) and a 400MHz P3 linux box collecting dust. How can I put them to use to make my wireless connection more secure? I started looking into dd-wrt and I'm interested though I need to read more about it. Ideally I'd like to be able to offer any random
Re:Here's a cool one (Score:1)
btw: disabling SSID broadcast is rather useless. while connected, your beacons contain the unencrypted (E)SSID anyway.
Already done... (Score:5, Funny)
Interesting idea, but not original:
Active cookies? (Score:5, Funny)
Re:Active cookies? (Score:5, Informative)
http://www.ravenwhite.com/files/activecookies--28_ Apr_06.pdf [ravenwhite.com]
From what I've gathered, basically, they seek to stop the threat of DNS poisoning and passive-snooping man-in-the-middle impersonation of a users' session by tagging cookies in the client's browser with an IP address rather than a domain name, then redirecting users from the DNS-resolved websites to that same IP (only to send their cookies), and ensuring (on the machine pointed to by that IP) that the IP address of the connection which was sent the redirection and the IP address that is now sending back the cookie to match up.
This does seem like quite a bit of work to go through to stop what are probably relatively uncommon attacks though.
Re:Active cookies? (Score:4, Insightful)
Re:Active cookies? (Score:3, Insightful)
they seek to stop the threat of DNS poisoning and passive-snooping man-in-the-middle impersonation of a users' session by tagging cookies in the client's browser with an IP address rather than a domain name, then redirecting users from the DNS-resolved websites to that same IP (only to send their cookies), and ensuring (on the machine pointed to by that IP) that the IP address of the connection which was sent the redirection and the IP address that is now sending back the cookie to match up.
OK, so as I
Toss Active Cookies (Score:3, Insightful)
I wrote about this [matasano.com] after reading the white paper. I don't think this is a particularly useful idea.
The key "insight" of the paper is that if you associate cookies with IP addresses, and not domain names, attackers can't spoof DNS to steal cookies. So a server and client have a facsimile of a "trusted channel"; if the server can recover a proper IP-tagged cookie, it knows it's talking to a client and not a man-in-the-middle.
Apart from the fact that this whole scheme is aimed at a relatively exotic exp
Attention Givers (Score:3, Interesting)
There is somthing kinda funny about that.
Quite a few business people pay top dollar to resorts that pay that much attention to datails about them.
Maybe the spammers could quit looking for pennies & devolop software that uses their skills for people who actually want it.
Re:Attention Givers (Score:1)
The problem is not that spammers are innately evil bastards, the problem is that their line of work is so profitable. As long as the money is there to be made, we will suffer through the spam.
Politicks (Score:4, Funny)
Re:Politicks (Score:1)
Re:Politicks (Score:1)
you can always tell the people: "candidate A would have been the winner".
our little friends that live in our big computers told us that. and everyone is happy.
community. identity. stability.
Self-defeating (Score:1)
Human beings that live in computers
Fighting spam zombies from outer space
The BIG 3D imaging problem is... (Score:5, Informative)
...not really bandwidth, but storage.
I've been lucky to head to a couple of optics conferences, and with the keynote presentations that has been the one surprising thing (to me as a layman) that comes up time after time.
10Gbps throughput via optics is great; in fact, with the use of optics, the amount of data that can be collected for, say, scanning living tissue, is enormous. Finding a storage mechanism large enough and fast enough to store seemingly infinite amount of information, though, have been the researchers' concern.
What did they think was a solution for this? You guessed it, optical storage.
The key to going where Google isn't... (Score:5, Interesting)
Being able to search video [vobbo.com] hosting [youtube.com] sites [google.com] for a phrase without requiring manual entry of the script (if one even exists) would be incredibly useful.
Re:The key to going where Google isn't... (Score:1)
Re:The key to going where Google isn't... (Score:2)
So, what are you saying people doing research in these fields should do?
Re:The key to going where Google isn't... (Score:1)
Knock knock... (Score:4, Insightful)
It gets easier and easier to get arrested.
Re:Knock knock... (Score:3, Informative)
10 projects, 11 pages, 55 ads (Score:5, Informative)
yuk.
truly pathetic article (Score:3, Insightful)
First, it is piles of advertising and links you have to click through to get to even the very first page.
Second, the articles are written by marketing droids, it appears. "Human beings that live in computers" is a stupid marketer code for sim city.
How pathetic a slashdot article -- slashdot for sub-intelligent children...
Active Cookies (Score:4, Interesting)
It appears that Raven White, in association with RSA Laboratories, are proposing an extension to the HTTP cookie scheme whereby a cookie could be associated with an IP address rather than a domain. This would, according to them, allow a site to store a shared secret on the client which could not be obtained by third parties via a "pharming" (DNS/browser location spoofing) attack.
I'm not going to argue about the merits of the scheme they are proposing - it appears to be relatively functional.
What I don't understand is why, if what they're proposing requires extensions to the existing behavioural specification, they don't look at a challenge-response style method of cookie acquisition. This would remove the tying of cookie "ownership" to the DNS hierarchy and permit a more robust scheme of sharing information between the client and server.
A valid anology to the current system might be:
Me: Hi, my name's Malcolm, can I have the secret documents?
You: You walked in when I asked for Malcolm - here they are.
White Raven's scheme:
Me: Hi, can I have the secret documents?
You: I recognise you from the last time I spoke to Malcolm - here they are.
Cookie auth scheme:
Me: Hi, can I have the secret documents? Here's the password we agreed on earlier.
You: I recognise that password, you must be the entity I spoke to earlier or an agent thereof. Here's the documents!
I concede that the IP based cookie distribution system is simpler - but it's not much simpler, it is still open to attacks and it is less flexible. Is there something I'm missing?
Malcolm
Re:Active Cookies (Score:2)
I can't say I'm really impressed with this "research" and the active cookies is really lame. Stare at SSH long enough, play with it and you'll discover as I have there's already a much better way to do this that doesn't care about IP's or domains. Plus it has the benefit of actually working. Today. With no mods.
If innovation isn't dead it's seriously wounded lying in the corner bleeding from both ends.
Fighting spam zombies from outer space (Score:3, Funny)
Can someone please clarify? I can only hope that they choose to face us on our home turf...but then again, spam zombies can't be hard to beat up. They're made of friggin' spam, and they move pretty slow. Furthermore, if we have to fight them FROM outer space, and they're not coming here, why are we fighting them in the first place? Isn't that more of an attack on the spam zombies? I have no beef with the spam zombies. Well, maybe some highly processed beef...
Re:All is Well (Score:2)
Re:Fighting spam zombies from outer space (Score:1)
What about the really important stuff (Score:1)
In The Beginning... (Score:2)
If I Could Mod the Post Down... (Score:1)
Hell yeah! (Score:2)
Can you do a conjunction with abbreviations?
Groundbreaking? (Score:1)
They are all missing something... (Score:1)
Where is the new and exciting stuff?
It's an ok assortment of projects (Score:1)
Another question, it isn't a society until they create artificial politicians and artificial traffic jams to artificial dissatisfying jobs with artificial undersized paychecks. Then we get to the artificial trade agreements that give those artificial jobs away to artificial third world countries and then they need to code in artificial welfare and artificial unemployment and artificial utility sh
ads (Score:2)
lame.