Categories
personal random research security

Social Snapshots and Gephi

We will present a new tool to extract the complete account information from social networks, like Facebook, at this years’ ACSAC. More information on the social snapshot project are also available here:  Social Snapshots: Digital Forensics for Online Social Networks Currently, I am looking for ways to visualize extracted data from Facebook. Gephi is a […]

Categories
research security

Dropbox Security: Dark Clouds on the Horizon at USENIX’11

Back in March 2010 we started an investigation into online file storage services and Dropbox in particular. Sebastian and Manuel started to disassemble the Dropbox binary and in essence created an alternative client by patching its crypto libraries. In the months that followed we found a number of security flaws with Dropbox. In November 2010 […]

Categories
research security

Who On Earth Is ”Mr. Cypher“: Automated Friend Injection Attacks on Social Networking Sites

Abstract. Within this paper we present our novel friend injection attack which exploits the fact that the great majority of social networking sites fail to protect the communication between its users and their services. In a practical evaluation, on the basis of public wireless access points, we furthermore demonstrate the feasibility of our attack. The […]