Users are asked to generate, memorize, and keep secret a growing number of passwords as they join new password-protected sites over time. Since at least 1997 [6], this trend has been recognized as both a nuisance and a security risk.
Post
Replies:
25
Boosts:
2
https://web.archive.org/web/20061010161657/https://www.cs.princeton.edu/~jhalderm/papers/www2005.pdf
First, they require technical changes on the part of every site that uses them for authentication, something even Microsoft has lacked the clout to achieve on a widespread scale.
so basically i found my new favorite person about an hour ago
Second, users have been cautious about
placing so much trust and privacy-sensitive information under the control of a centralized system.
Many users (including those who should know better) fail to take adequate steps to protect their passwords. Often the cause is not a failure to understand that strong passwords are important, but rather frustration with the difficulty of doing the right thing. In our study we attempted to make
strong password management more convenient. Whereas previous schemes were lacking in either transportability for mobile users or security against brute force attacks, our design achieves a balance of the two by using password strengthening techniques. Our implementation, Password
Multiplier, is available on the web. We encourage novices and experts alike to try it.
One of Necula’s breakthrough achievements in formulating the notion of proof-carrying code was to axiomatize the system very concretely and at a very low level – that of individual machine instructions and memory locations. But we will argue that his specification is actually too abstract!
pissed off that this guy got an nsf young investigator award even if he's literally the most deserving ever cause that should be me
A program is just a sequence of integers (p0 , p1 , ..., pn−1) (that code for instructions and data) to be loaded at a start address start.
We have described how to specify the safety theorem that an untrusted program must satisfy. But how is such a theorem to be proved? Program verification is a difficult business, and we must take care not to get stuck in a quagmire. The solution is for the producer of the program to generate the code in a controlled way, by using special compilers.
SPECIAL COMPILERS
https://www.usenix.org/legacy/publications/library/proceedings/osdi96/kimbrel.html
All four algorithms signicantly outperform demand fetching, even when advance knowledge of the access sequence is used to make optimal replacement decisions in conjunction with demand fetching.
hell yeah macrokernel hypothesis was already found to be correct in 1996
The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of any supporting
organization or the U.S. Government.
omfg. this is the first paper listed on his site
A Highly Parallel Chess Program
i assume he is no longer available to contact https://www.cs.princeton.edu/~felten/index.html i might try to email him though
mega meme material lmao https://citp.princeton.edu/people/steven-kelts
He also received a grant from Google to apply findings from this program in corporate settings, looking specifically at the uses and misuses of utilitarian logic by engineers on Agile teams (incl. Scrum, Kanban, MLOps, etc.).
maybe i message the IT lead and ask him if they're hiring https://citp.princeton.edu/people/patrick-richichi
OMG I FUCKING HATE THIS GUY LMAO https://citp.princeton.edu/people/josh-aas
AI Ethics Lead and Member of Technical Staff, Open AI
Microsoft Visiting Professor
HOLY SHIT THEY GOT RUHA BENJAMIN https://citp.princeton.edu/people/ruha-benjamin
yet another person from an org i despise
bruh they got brian kernighan
this guy rocks https://citp.princeton.edu/people/arvind-narayanan
https://citp.princeton.edu/programs/emerging-scholars-program closed for this year already
i do not have the quals but i absolutely have the [genitalia] to apply for this regardless https://citp.princeton.edu/programs/citp-non-resident-technology-fellows-program
Security and Privacy Reading Group
CITP's Security & Privacy Reading Group is an informal chat for students, postdocs, and fellows to read recent conference papers in technical privacy and security topics.
This reading group is on hiatus.
linking them this fedi thread
i knew this was gonna be pro-slop when it said "evidence-based effect on labor". evidence-based is such a strong signal lmao
@hipsterelectron "a key challenge is understanding how these systems currently shape workers’ pay, opportunities, and ability to contest decisions"
How about we replace "these systems" with "top-down management decisions"
