personal random research

autumn is here

Finally arrived back in Vienna last Thursday. Pittsburgh turned out to be a neat city and I had a good time there. In Australia I ran into Richard Stallman and had some great discussions on free software. Amir showed me around Sydney – thank you so much! before I ended up in Byron Bay. Below […]

fitm research security

Technical Report: Friend-in-the-Middle (FITM) Attacks

Abstract. In the ongoing arms race between spammers and the multi-million dollar anti-spam industry, the number of unsolicited e-mail messages (better known as “spam”) and phishing has increased heavily in the last decade. In this paper, we show that our novel friend-in-the-middle attack on social networking sites (SNSs) can be used to harvest social data […]

research security

Who On Earth Is ”Mr. Cypher“: Automated Friend Injection Attacks on Social Networking Sites

Abstract. Within this paper we present our novel friend injection attack which exploits the fact that the great majority of social networking sites fail to protect the communication between its users and their services. In a practical evaluation, on the basis of public wireless access points, we furthermore demonstrate the feasibility of our attack. The […]