Tuesday, May 26, 2009

Zombie Photos On Social Networks

Hi Folks,
Today I wanna point out this interesting experiment made by the University of Cambridge (UK).

For our experiment, we uploaded a test image onto 16 chosen sites {they're writing about social networks} with default permissions, then noted the URL of the uploaded image. Every site served the test image given knowledge of its URL except for Windows Live Spaces, whose photo servers required session cookies (a refreshing congratulations to Microsoft for beating the competition in security). [..] here the results [..]

A live experiment monitor is here.
In my opinion this is a great experiment, really useful for monitoring each contributor's privacy. Great work, man.
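To make the difference reported above concrete, here is an added example (not code from the Cambridge experiment or from any of the sites): a photo handler that serves on URL knowledge alone, next to one that requires a session cookie and checks a viewer list. All paths, cookie values and user names are constructed for illustration.

```python
# Constructed sample data: one stored photo, its allowed viewers, live sessions.
PHOTOS = {"/img/7f3a9c.jpg": b"JPEG-bytes"}
VIEWERS = {"/img/7f3a9c.jpg": {"alice", "bob"}}
SESSIONS = {"s-alice": "alice", "s-mallory": "mallory"}  # cookie value -> user

def serve_url_only(path, cookies):
    """Behaviour the quote reports for most sites: the URL is the only secret.
    The cookies argument is ignored on purpose."""
    body = PHOTOS.get(path)
    return (200, body) if body is not None else (404, b"")

def serve_with_session(path, cookies):
    """Hardened form: require a valid session, then check the viewer list."""
    user = SESSIONS.get(cookies.get("session", ""))
    if user is None:
        return (401, b"")          # no session or unknown session
    if path not in PHOTOS:
        return (404, b"")
    if user not in VIEWERS.get(path, set()):
        return (403, b"")          # logged in, but not allowed to view
    return (200, PHOTOS[path])

def audit(handler, path):
    """Replay the three requests a site owner should test against a photo URL
    and return the status code for each."""
    cases = {
        "anonymous": {},
        "other_user": {"session": "s-mallory"},
        "authorised": {"session": "s-alice"},
    }
    return {name: handler(path, cookies)[0] for name, cookies in cases.items()}

if __name__ == "__main__":
    for handler in (serve_url_only, serve_with_session):
        print(handler.__name__, audit(handler, "/img/7f3a9c.jpg"))
```
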

Wednesday, May 20, 2009

RFID is improving

Security has been the main problem of RFID technology since it came out. Encrypting the communication between an RFID chip and its reader was too power-expensive for a single chip. An RFID chip draws its power from the electromagnetic field emitted by the reader and uses it for simple computation. The available power is not enough for heavy computation: the chip may reboot before all the operations have finished. An important step in making this technology useful for our future is securing the communication between chip and reader, so that a hypothetical attacker cannot modify the RFID data. Doing that means developing software able to perform heavy calculations using few operations, saving power.
Kevin Fu, assistant professor at the University of Massachusetts Amherst, laid the groundwork to make it possible.

Today I suggest this reading

Wednesday, May 13, 2009

Breaking into Your Home

Knowing what you are doing and what you have done is not enough; now everyone can know what your home looks like.
This sentence is provocative, I know, but unfortunately it is the main direction the Internet is taking through new technologies like "Web 2.0" and the Semantic Web. I won't say that it is bad; I just want to point out that these technologies are dangerous for unwitting people who don't know about these issues. Maybe in late 20XY people will figure out what it means to upload pictures to FB or personal news to Twitter and so forth.

The house in the picture is the house of a friend of mine... it's not for sale... but you know everything.

Actually, it's great software for people who want to buy a new home... Maybe it's not so great for people who have just bought one.

Saturday, May 9, 2009


Some days ago "Il Resto Del Carlino" interviewed me.
"Il Resto Del Carlino" is an Italian daily newspaper, which was interested in my experience in Computer Science Security. It was my first interview, and it was awesome: photographer, journalist, paper and pencil, everything like in old movies. The interview was pretty long and difficult; it was the first time ever that people didn't understand what I was saying... My technical language is very different from a journalist's. Nice experience, amazing. Today the newspaper is out; actually I'm embarrassed but happy :D. Once again, a very nice experience.

PS: the photo in the newspaper is very bad... I feel I look better than the picture in the newspaper.

Tuesday, May 5, 2009

The Election Transparency Project

Hello Folks,
Today I wanna point out this project: "Election Transparency Project".

"The 2008 June 3rd election was the first time that ballots were
scanned and published on the Internet for a Humboldt County election.
Scanning began on June 23rd and took about 5 days. A set of 3 DVDs
containing images of 30,025 voted ballots (around 8.2 GB of data)
became available on July 3rd.

"The November Presidential Election was the second time that ballots
were scanned and published by the ETP. During this process, the ETP
discovered that 197 ballots were deleted by the Diebold/Premier
software used by Humboldt County to tally the vote. This software
glitch resulted in the certification of inaccurate election results.
More information about this issue can be found in the "News" section
of this website."

"BALLOT IMAGES produced by the Humboldt County Election Transparency
project can be obtained from the Elections Department on DVD."

"These images are also available on a website hosted by the Election
Administration Research Center at UC Berkeley:"

The ballots are public; you can download them here.
To (re)simulate the counting phase, it is easy to count the scanned ballots using this particular software, the Ballot Browser.

I totally agree with this sampled audit system. The goal of this project is to verify the machine's work by (re)counting the votes in some small cities, where the results do not weigh down the ballot scanning procedure. The outcome of the experiment is easy to read: if the results are not equal, there is a counting error somewhere. Of course we won't say that if the totals are the same there are no errors in the procedures and in the machines, but if the totals are different, we are sure that something went wrong. As long as the (re)counting process is transparent, it's easy to check whether the fault is in it. No faults in the (re)counting procedure? Then the fault is in the voting device.
Using this procedure, "The Election Transparency Project" discovered new errors in the county election results that caused huge political and social consequences.
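The comparison step described above, as an added example (not the Ballot Browser's code or the project's own): an independent recount from per-ballot records, diffed against the certified totals per precinct for both ballot counts and votes. The record layout, precinct names and numbers are constructed for illustration.

```python
from collections import Counter

# Constructed sample: one record per scanned ballot image (precinct, choice).
SCANNED = [
    ("P1", "A"), ("P1", "B"), ("P1", "A"), ("P1", "A"), ("P1", "B"),
    ("P2", "B"), ("P2", "B"), ("P2", "A"),
]
# Constructed sample: what the tally software certified for each precinct.
CERTIFIED = {
    "P1": {"ballots": 2, "votes": {"A": 1, "B": 1}},   # ballots dropped here
    "P2": {"ballots": 3, "votes": {"A": 1, "B": 2}},
}

def recount(scanned):
    """Independent tally built only from the scanned ballot records."""
    ballots, votes = Counter(), {}
    for precinct, choice in scanned:
        ballots[precinct] += 1
        votes.setdefault(precinct, Counter())[choice] += 1
    return ballots, votes

def compare(scanned, certified):
    """Return (precinct, item, recount - certified) for every mismatch.
    An empty list does not prove both counts are right; a non-empty one
    proves that at least one of them is wrong."""
    ballots, votes = recount(scanned)
    findings = []
    for precinct in sorted(set(ballots) | set(certified)):
        cert = certified.get(precinct, {"ballots": 0, "votes": {}})
        delta = ballots[precinct] - cert["ballots"]
        if delta:
            findings.append((precinct, "ballots", delta))
        rec = votes.get(precinct, Counter())
        for choice in sorted(set(rec) | set(cert["votes"])):
            diff = rec[choice] - cert["votes"].get(choice, 0)
            if diff:
                findings.append((precinct, choice, diff))
    return findings

if __name__ == "__main__":
    for finding in compare(SCANNED, CERTIFIED):
        print(finding)
```

Comparing ballot counts as well as vote totals matters because ballots missing from the tally show up first as a count mismatch, which also tells the auditor which precinct to re-examine.
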