by Seth Schoen
The most common way of using SSL/TLS encryption relies on a public-key infrastructure that puts near-absolute trust in a large number of entities around the world, any one of which could accidentally or deliberately empower anyone in between us and our communication partners to impersonate any site or service and spy on all of our communications. We've seen that these certificate authorities can make mistakes. CA mistakes, or collaboration with attackers, can expose us to undetectable man-in-the-middle attacks, so we need new mechanisms to meaningfully double-check that they're doing the right thing.
I will discuss a whitepaper and research collaboration that are exploring the available sources of information that could help address this problem.
by Paul Fenwick
Want to find out what your friends were doing on the weekend? Curious which parties you aren't getting invited to? Wish you could contact that interesting person you met at a 3,000 person event, but you only got their first name? Want to know what your potential new employee really does in their spare time? Or do you just like data, and lots of it?
In this talk we'll learn some simple tricks with open source tools that can help you access a wealth of information from the largest collection of social data ever created. We will also examine techniques and practices to help control what data you expose to the techniques presented.
1st–4th June 2010