Back again

Moved to yet another flat and upgraded my Internet connection. Back again

photo credit: GustavoG

No Comments / Nov 05.09 / personal, random / by markus

I went to visit the UCSB Seclab …

… and all I got were these lousy pictures.

No Comments / Sep 03.09 / Research, personal, random, security / by markus

PASSAT-09 in Vancouver

Just arrived yesterday in Vancouver. The PASSAT-09 conference is quite nice so far and I gave my presentation today (”con mucha mierda” – Javier). I’m still tired from the trip and will hopefully post some pictures from Canada soon.
Update: The conference was great and I met some interesting people, below are some snapshots from my Vancouver sightseeing.

No Comments / Aug 29.09 / ASE, PASSAT-09, Research, security, thesis / by markus

HAR09 – It was super awesome

No Comments / Aug 17.09 / Research, har09, random, security / by markus

HAR09 – some more pictures

No Comments / Aug 14.09 / Research, har09, random, security / by markus

HAR09 – A first glimpse

We arrived yesterday evening at HAR09 and were impressed; around 1300 people had shown up already.

Below are some pictures I took until now:

No Comments / Aug 13.09 / har09, personal, random, security / by markus

Getting ready for HAR09

I will be going to the HAR09 soon tomorrow; we were lucky to have ordered our tickets soon enough. I plan to post some pictures and a small entry.

No Comments / Jul 26.09 / personal, security / by markus

Towards Automating Social Engineering Using Social Networking Sites (Preprint)

I made the preprint version of my publication on “Towards Automating Social Engineering Using Social Networking Sites” available online. You can fetch the pdf from here: http://asebot.nysos.net. As I said before I will present this work at this year’s PASSAT in Vancouver.

Abstract—A growing number of people use social networking sites to foster social relationships among each other. While the advantages of the provided services are obvious, drawbacks on a users’ privacy and arising implications are often neglected. In this paper we introduce a novel attack called automated social engineering which illustrates how social networking sites can be used for social engineering. Our approach takes classical social engineering one step further by automating tasks which formerly were very time-intensive. In order to evaluate our proposed attack cycle and our prototypical implementation (ASE bot), we conducted two experiments. Within the first experiment we examine the information gathering capabilities of our bot. The second evaluation of our prototype performs a Turing test. The promising results of the evaluation highlight the possibility to efficiently and effectively perform social engineering attacks by applying automated social engineering bots.

No Comments / Jul 06.09 / ASE, Research, security, thesis / by markus

Politics on Facebook: The Iranian Election June 2009

The election results of the Iranian election from yesterday are causing major concerns among voters and controversy. Also have a look at this article (in German): http://www.zeit.de/online/2009/25/iran-wahl-ergebnis. It is interesting that there is a lot of discussion on Facebook about this topic.

Below are some screenshots of polical messages I saw on Facebook today:

It seems Facebook is blocked in China, Persia & Co. for a reason. I wish the Iraniens good luck and hope Facebook somewhat helps them.

2 Comments / Jun 13.09 / election, iran, personal, politics, random / by markus

Automated Social Engineering Bot – PASSAT 2009

I got a paper on my Automated Social Engineering Bot accepted at the PASSAT 2009 conference. I’ll post the camery-ready version soon.

No Comments / Jun 13.09 / ASE, random, security, thesis / by markus