[SC-L] Silver Bullet 97 + SearchSecurity Heartbleed
hi sc-l, Heartbleed? Who cares? We do. Real lessons here http://bit.ly/1lBKDsE Silver Bullet 97. Programming languages actually matter. http://www.cigital.com/silver-bullet/show-097/ Read. Listen. Share. React. We want your feedback. gem ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
[SC-L] Ruxcon 2014 Call For Papers
Ruxcon 2014 Call For Presentations Melbourne, Australia, October 11th-12th http://www.ruxcon.org.au The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2014. This year the conference will take place over the weekend of the 11th and 12th of October at the CQ Function Centre, Melbourne, Australia. .[x]. About Ruxcon .[x]. Ruxcon brings together the individual talents of the best and brightest security folk in the region, through live presentations, activities, and demonstrations. The con is held over two days in a relaxed atmosphere, allowing delegates to enjoy themselves whilst networking within the community and expanding their knowledge. Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community. .[x]. Important Dates .[x]. May 1st - Call For Presentations Open September 30th - Call For Presentations Close October 6-7 - Ruxcon/Breakpoint Training October 8-9 - Breakpoint Conference October 11-12 - Ruxcon Conference .[x]. Topic Scope .[x]. o Topics of interest include, but are not limited to: o Mobile Device Security o Virtualization, Hypervisor, and Cloud Security o Malware Analysis o Reverse Engineering o Exploitation Techniques o Rootkit Development o Code Analysis o Forensics and Anti-Forensics o Embedded Device Security o Web Application Security o Network Traffic Analysis o Wireless Network Security o Cryptography and Cryptanalysis o Social Engineering o Law Enforcement Activities o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc) .[x]. Submission Guidelines .[x]. In order for us to process your submission we require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in the presentation 7. Information on where the presentation material has or will be presented before Ruxcon * As a general guideline, Ruxcon presentations are between 45 and 60 minutes, including question time. If you have any enquiries about submissions, or would like to make a submission, please send an email to presentati...@ruxcon.org.au .[x]. Contact .[x]. o Email: submissi...@ruxcon.org.au o Twitter: @ruxcon ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
[SC-L] CFP: Mobile Security Technologies (MoST) 2014 - Call for Participation - May 17
http://mostconf.org/2014/cfp.html Mobile Security Technologies (MoST) 2014 Saturday May 17, 2014 co-located with The 34th IEEE Symposium on Security and Privacy (IEEE SP 2014) an event of The IEEE Computer Society's Security and Privacy Workshops (SPW 2014) Mobile Security Technologies (MoST) brings together researchers, practitioners, policy makers, and hardware and software developers of mobile systems to explore the latest understanding and advances in the security and privacy for mobile devices, applications, and systems. Topics We are seeking both short position papers (2-4 pages) and longer papers (a maximum of 10 pages). The scope of MoST 2014 includes, but is not limited to, security and privacy specifically for mobile devices and services related to: Device hardware Operating systems Middleware Mobile web Secure and efficient communication Secure application development tools and practices Privacy Vulnerabilities and remediation techniques Usable security Identity and access control Risks in putting trust in the device vs. in the network/cloud Special applications, such as medical monitoring and records Mobile advertisement Secure applications and application markets Economic impact of security and privacy technologies Paper Submission Instructions All accepted papers will be published online in the workshop proceedings. Organizing Committee Hao Chen, University of California, Davis Larry Koved, IBM Research Program Chair Kapil Singh, IBM Research Program Committee Kevin Butler (University of Oregon) Hao Chen (University of California, Davis) William Enck (North Carolina State University) Adrienne Porter Felt (Google) Rajarshi Gupta (Qualcomm Research Silicon Valley) Markus Jakobsson (Qualcomm Research Silicon Valley) Jaeyeon Jung (Microsoft Research) Larry Koved (IBM Research) Zhichun Li (NEC Research Labs) Long Lu (Stony Brook University) Adrian Ludwig (Google) David Wagner (University of California, Berkeley) ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
Re: [SC-L] WEB 2.0 SECURITY AND PRIVACY 2014 WORKSHOP CALL FOR PAPERS - Call for Participation - May 18
http://w2spconf.com/2014/ WEB 2.0 SECURITY AND PRIVACY 2014 WORKSHOP CALL FOR PAPERS IMPORTANT DATES Workshop date: Sunday, May 18, 2014 W2SP brings together researchers, practitioners, web programmers, policy makers, and others interested in the latest understanding and advances in the security and privacy of the web, browsers, cloud, mobile and their eco-system. We have had seven years of successful W2SP workshops. This year, we will additionally invite selected papers to a special issue of the journal. W2SP is held in conjunction with the IEEE Symposium on Security and privacy, which will take place from May 18-21, 2014, at the Fairmont Hotel in San Jose, California. W2SP will continue to be open-access: all papers will be made available on the workshop website, and authors will not need to forfeit their copyright. We are seeking both short position papers (2–4 pages) and longer papers (a maximum of 10 pages). Papers must be formatted for US letter (not A4) size paper with margins of at least 3/4 inch on all sides. The text must be formatted in a two-column layout, with columns no more than 9 in. high and 3.375 in. wide. The text must be in Times font, 10-point or larger, with 12-point or larger line spacing. Authors are encouraged to use the IEEE conference proceedings templates. The scope of W2SP 2014 includes, but is not limited to: Analysis of Web, Cloud and Mobile Vulnerabilities Forensic Analysis of Web, Cloud and Mobile Systems Security Analysis of Web, Cloud and Mobile Systems Advances in Penetration Testing Advances in (SQL/code) Injection Attacks Trustworthy Cloud-based, Web and Mobile services Privacy and Reputation in Web (e.g. Social Networks), Cloud, Mobile Systems Security and Privacy as a Service Usable Security and Privacy Security and Privacy Solutions for the Web, Cloud and Mobile Identity Management, Psuedonymity and ANonymity Security/Privacy Web Services/Feeds/Mashups Provenance and Governance Security and Privacy Policy Management for the Web, Cloud and Mobile Next-Generation Web/Mobile Browser Technology Security/Privacy Extensions and Plug-ins Online Privacy and Security frameworks Advertisement and Affiliate fraud Studies on Understanding Web/Cloud/Mobile Security and Privacy Technical Solutions for Security and Privacy legislation Solutions for connecting the Business, Legal, Technical and Social aspects on Web/Cloud/Mobile Security and Privacy. Technologies merging Economics with Security/Privacy Innovative Security/Privacy Solutions for Industry Verticals Any questions should be directed to the program chair: tgrandi...@proficiencylabs.com. WORKSHOP CO-CHAIRS Larry Koved (IBM Research) Matt Fredrikson (University of Wisconsin - Madison) PROGRAM CHAIR Tyrone Grandison (Proficiency Labs) PROGRAM COMMITTEE Aaron Massey (Georgia Institute of Technology) Adrienne Porter Felt (Google) Aleecia M. McDonald (Center for Internet Society) Alex Smolen (Twitter) Alexander Polyakov (ERPScan) Amine Cherrai (Amine Cherrai Consulting) Anand Prakash (E-Billing Solutions Pvt. Ltd) Bhavani Thuraisingham (University of Texas - Dallas) Brad Malin (Vanderbilt University) Carrie Gates (CA Technologies) Christy Philip Matthew (Offcon Info Security) Dieter Gollmann (Hamburg University of Technology) Elena Ferrari (University of Insubria) Gerome Miklau (University of Massachusetts - Amherst) Hakan Hacigumus (NEC Labs) Ilya Mironov (Microsoft Research) James Kettle (Context Information Security) Kimberley Hall (Security Advisory Management Services Ltd) Michael Franz (University of California - Irvine) Michael Waidner (Technische Universitat Darmstadt) Monica Chew (Mozilla) Pierangela Samarati (University of Milan) Rafae Bhatti (Price Waterhouse Coopers) Reginaldo Silva (Ubercomp) Rose Gamble (University of Tulsa) Sabrina De Capitani di Vimercati (University of Milan) Sean Thorpe (University of Technology - Jamaica) Sid Stamm (Mozilla) Simson Garfinkel (Naval Postgraduate School) Szymon Gruszecki Varun Bhagwan (Yahoo) Vinnie Moscaritolo (Silent Circle) ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
[SC-L] Ruxcon 2014 Call For Papers
Ruxcon 2014 Call For Presentations Melbourne, Australia, October 11th-12th http://www.ruxcon.org.au The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2014. This year the conference will take place over the weekend of the 11th and 12th of October at the CQ Function Centre, Melbourne, Australia. .[x]. About Ruxcon .[x]. Ruxcon brings together the individual talents of the best and brightest security folk in the region, through live presentations, activities, and demonstrations. The con is held over two days in a relaxed atmosphere, allowing delegates to enjoy themselves whilst networking within the community and expanding their knowledge. Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community. .[x]. Important Dates .[x]. May 1st - Call For Presentations Open September 30th - Call For Presentations Close October 6-7 - Ruxcon/Breakpoint Training October 8-9 - Breakpoint Conference October 11-12 - Ruxcon Conference .[x]. Topic Scope .[x]. o Topics of interest include, but are not limited to: o Mobile Device Security o Virtualization, Hypervisor, and Cloud Security o Malware Analysis o Reverse Engineering o Exploitation Techniques o Rootkit Development o Code Analysis o Forensics and Anti-Forensics o Embedded Device Security o Web Application Security o Network Traffic Analysis o Wireless Network Security o Cryptography and Cryptanalysis o Social Engineering o Law Enforcement Activities o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc) .[x]. Submission Guidelines .[x]. In order for us to process your submission we require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in the presentation 7. Information on where the presentation material has or will be presented before Ruxcon * As a general guideline, Ruxcon presentations are between 45 and 60 minutes, including question time. If you have any enquiries about submissions, or would like to make a submission, please send an email to presentati...@ruxcon.org.au .[x]. Contact .[x]. o Email: submissi...@ruxcon.org.au o Twitter: @ruxcon Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___