This page collects links to media coverage of papers in the 2009 IEEE
Symposium on Security and Privacy. If you know of other articles that
should be linked here, email them to David Evans (firstname.lastname@example.org
Blueprint: Robust Prevention of Cross-site Scripting
Attacks for Existing Browsers, Mike Ter Louw, V.N. Venkatakrishnan
(University of Illinois at Chicago)
Blueprint to Stop Browser Attacks, Technology Review, 14 May
De-anonymizing Social Networks
, Arvind Narayanan, Vitaly Shmatikov (University of Texas, Austin)
Social-Network Users, Technology Review, 6 May 2009.
Fingerprinting Blank Paper Using Commodity Scanners
dots between social sites reveals anonymous users, New
Scientist, 30 March 2009.
back the curtain on "anonymous" Twitterers, ars technica, 31
sites dent privacy efforts, BBC, 27 March 2009.
William Clarkson (Princeton University),
Tim Weyrich (University College London),
Ed Felten (Princeton University)
blank sheets of paper by scanning them, boingboing, 13 March
It's No Secret. Measuring the Security and Reliability of
Authentication via ‘Secret’ Questions
scanners can 'fingerprint' paper, researchers say,
NetworkWorld, 10 March 2009.
Schechter, A. J. Bernheim Brush (Microsoft Research),
Serge Egelman (Carnegie Mellon University)
Secret questions don't safeguard passwords, NetworkWorld, 19
May 2009. (Also in CIO
Magazine, 19 May 2009.)
Native Client: A Sandbox for Portable, Untrusted x86
"Secret Questions" Too Easily Answered?, Technology Review, 18
, Bennet Yee,
David Sehr, Gregory Dardyk, Brad Chen, Robert Muth, Tavis Ormandy,
Shiki Okasaka, Neha Narula,
Nicholas Fullagar (Google)
Google Chrome's Security Practices Raise Eyebrows, PC Magazine,
18 May 2009.
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS
The Security Implications Of Google Native Client, Matasano
Security Blog, 15 May 2009.
Google plugs PC power into cloud computing, cnet News, 27 April
hopes to find community in security contest, cnet News, 26
than ActiveX: a look at Google's Native Client plugin, ars
technica, 9 December 2008.
, Shuo Chen (Microsoft Research), Ziqing Mao (Purdue
University), Yi-Min Wang, Ming Zhang (Microsoft Research)
Browsers' Trust, Technology Review, 21 May 2009.
Tempest in a Teapot: Compromising Reflections
, Michael Backes (Saarland University and Max Planck Institute for
Software Systems), Tongbo Chen (Max Planck Institute for Informatics),
Markus Duermuth (Saarland University), Hendrik P. A. Lensch (Max Planck Institute for Informatics), Martin Welk (Saarland University)
Hackers Can Steal Secrets from Reflections, Scientific
American, 27 April 2009.
Wirelessly Pickpocketing a Mifare Classic Card
D. Garcia, Peter van Rossum, Roel Verdult, Ronny Wichers Schreur
(Radboud University Nijmegen)
Smart Card Can Be Hacked, Researchers Show, Government
Technology, 20 May 2009.