IEEE Symposium on Security and Privacy

This page collects links to media coverage of papers in the 2010 IEEE Symposium on Security and Privacy.

US Cybersecurity Research Event
Federal Agencies Woo Security Researchers, Technology Review (Erica Naone), 20 May 2010.
Healthcare Data Hemorrhages: Inadvertent Disclosure and HITECH (Short Talk)
M. Eric Johnson (Dartmouth College)
P2P networks a treasure trove of leaked health care data, study finds, ComputerWorld, 17 May 2010.
ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser
Leo Meyerovich (University of California, Berkeley), Benjamin Livshits (Microsoft Research)
Protecting Websites from Shared Code, Technology Review (Erica Naone), 20 May 2010.
Experimental Security Analysis of a Modern Automobile
Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno (University of Washington), Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage (University of California, San Diego)

Hakkerit iskivät auton tietojärjestelmiin, Keskisuomalainen, 21 May 2010.

Carros estão vulneraveis a ataques de hackers, Technologica, 17 May 2010.

Hack attacks mounted on car control systems, BBC News, 17 May 2010.

Researchers Hijack a Car's Brakes and Engines, Technology Review, 14 May 2010.

Cars' Computer Systems Called at Risk to Hackers, The New York Times (John Markoff), 13 May 2010.

Hacking a car, cnet (Elinor Mills), 14 May 2010.

Modern cars vulnerable to malicious hacks, NewScientist (Jim Giles), 14 May 2010.

Researchers Hijack a Car's Brakes and Engines, Technology Review (Erica Naone), 14 May 2010.

Boffins warn on car computer security risk, The Register (John Leyden), 14 May 2010.

Tamper Evident Microprocessors
Adam Waksman, Simha Sethumadhavan (Columbia University)
'Tamper evident' CPU warns of malicious backdoors, The Register (Dan Goodin), 12 May 2010.
A Practical Attack to De-Anonymize Social Network Users
Gilbert Wondracek (Vienna University of Technology), Thorsten Holz (Vienna University of Technology), Engin Kirda (Institute Eurecom), Christopher Kruegel (University of California, Santa Barbara)
History of social network use reveals your identity, NewScientist (Jim Giles), 18 May 2010.

De-Anonymizing Social Network Users, Schneier on Security, 8 March 2010.

Browserhistory hijack + social networks = lost anonymity, Ars Technica, 24 February 2010.

Attack Unmasks User Behind The Browser, DarkReading, 23 February 2010.

Indiscrete web browsers assist de-anonymisation, H-Online, 1 February 2010.

HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity
Zhi Wang, Xuxian Jiang (North Carolina State University)
Boffins propose 'guaranteed' hypervisor security, IT News, 15 May 2010.

Researchers to Cure Blue Pill Virtualization Attacks, PCWorld, 7 May 2010.

Researchers Lock Down The Hypervisor, Dark Reading, 29 April 2010.

New Research Offers Security For Virtualization, Cloud Computing, Physorg, 27 April 2010.

Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow
Shuo Chen (Microsoft Research), Rui Wang (Indiana University Bloomington), XiaoFeng Wang (Indiana University Bloomington), Kehuan Zhang (Indiana University Bloomington)
Your health, tax, and search data siphoned: Software-as-a-service springs SSL leak, The Register, 23 March 2010.

Researchers sound alarm on Web app "side channel" data leaks, Network World, 25 March 2010.

SaaS Apps May Leak Data Even When Encrypted, Study Says, DarkReading, 26 March 2010

Chip and PIN is Broken
Steven J. Murdoch, Saar Drimer, Ross Anderson, Mike Bond (University of Cambridge)
Cambridge researchers show Chip and PIN system vulnerable to fraud,, 11 February 2010.

'Flaw' in chip and PIN 'means thieves can use cards without needing security code', Daily Mail, 12 February 2010.

Chip and pin card readers fundamentally flawed, Telegraph, 11 February 2010.

How the Cambridge chip and PIN attack works, ZDNet UK, 11 February 2010.

BBA issues new anti-fraud advice, Banking Times, 15 February 2010.

If you know of other articles that should be linked here, e-mail them to David Evans (