- Medical Device Insecurity --- A Prescription For Disaster
2017-06-17 · Posted by: Justin Cappos · Categories: Upccinate · Comments
This past week I spent time in Finland working with medical device experts. I talked to vendors, hospital IT personnel, and security experts which helped me learn a lot...
- Atoms of Confusion: Tracking the Tiny Causes of Programmer Misunderstanding
2017-06-05 · Posted by: Dan Gopstein · Categories: Atoms of Confusion · Comments
Atoms of Confusion is a project designed to understand the root causes of programmers’ misunderstanding of source code. It is anchored in the idea that empirical software engineering research...
- Rubber Meets the Road: Classroom Lessons Learned from Seattle
2017-05-29 · Posted by: Lois Anne DeLong · Categories: Seattle · Comments
When Seattle first debuted in 2009, it brought to life several exciting ideas. For starters, it demonstrated the potential of cloud technology that could securely run on donated devices. It also gave educators..
- Google Summer of Code -- Python Dependency Resolution
2017-05-22 · Posted by: Justin Cappos · Categories: TUF · Comments
This summer we are giving back to the Python community. I am excited to be working with Donald Stufft to mentor Pradyun Gedam, while he works on dependency resolution for pip...
- TUFening UP Conex
2017-05-15 · Posted by: Justin Cappos · Categories: TUF · Comments
I spent this week with Hannes Mehnert figuring out how best to secure Conex, a TUF-like system for the OCaml community. We spent quite a bit of time pouring over the Conex proposal...
- Demonstrated defense: Uptane takes a test drive
2017-05-08 · Posted by: Lois Anne DeLong · Categories: Uptane · Comments
While the Uptane group continues to invite white hat hackers to “break our system” before malicious parties attempt to do so for real, several of the developers..
- All in One Day’s Work: Fourth Sensibility Testbed Hackathon
2017-05-01 · Posted by: Yanyan Zhuang · Categories: Sensibility · Comments
For four years, the Sensibility Testbed project has thrown down a gauntlet to students——in less than one day, use the platform to design and test a new sensor...
- Notes from DockerCon 2017
2017-04-24 · Posted by: Justin Cappos · Categories: TUF, in-toto, and lind · Comments
This week several members of the lab went to DockerCon 2017 to learn about some of the exciting new things happening in the Docker eco-system. We also gave a talk on TUF...
- Coming Attractions. PPH and CrashSimulator at the Expo, April 21
2017-04-17 · Posted by: Lois Anne DeLong · Categories: PolyPasswordHasher and CrashSimulator · Comments
The Research Expo at the NYU Tandon School of Engineering is a showcase where students and faculty alike can share their current research activities with the greater academic...
- Where the Rubber Meets the Road. Lessons learned from NetCheck
2017-04-10 · Posted by: Justin Cappos · Categories: NetCheck · Comments
In 2014, Eleni Gessiou, Yanyan Zhuang, Justin Cappos, and four of their students introduced a new diagnostic tool called...
- Driving Forward. How a Big Idea Begins its Journey Towards Marketplace Acceptance
2017-04-04 · Posted by: Lois Anne DeLong · Categories: Uptane · Comments
So, you’ve come up with a really cool idea, discussed it with some knowledgeable people in order to frame that idea for a specific market, and written a program that is now attracting attention...
- SHAttered: Not All It's Cracked Up to Be
2017-03-27 · Posted by: Lois Anne DeLong · Categories: Informational · Comments
NYU graduate student Santiago Torres-Arias has a one-word message for those who might be shaken up by Google’s February 23 announcement of "the first practical technique" for attacking systems based on SHA-1, and that word is "relax."
- Why Does Our Lab Need A Blog?
2017-03-20 · Posted by: Justin Cappos · Categories: Informational · Comments
Ideas do not always come in conference paper-sized chunks. Sometimes they are too small to fill a paper. Other times they find themselves cut loose from a paper that did not have enough pages to discuss everything. And, in...