Users are asked to generate, memorize, and keep secret a growing number of passwords as they join new password-protected sites over time. Since at least 1997 [6], this trend has been recognized as both a nuisance and a security risk.
https://web.archive.org/web/20061010161657/https://www.cs.princeton.edu/~jhalderm/papers/www2005.pdf
First, they require technical changes on the part of every site that uses them for authentication, something even Microsoft has lacked the clout to achieve on a widespread scale.
so basically i found my new favorite person about an hour ago
Second, users have been cautious about placing so much trust and privacy-sensitive information under the control of a centralized system.
Many users (including those who should know better) fail to take adequate steps to protect their passwords. Often the cause is not a failure to understand that strong passwords are important, but rather frustration with the difficulty of doing the right thing. In our study we attempted to make strong password management more convenient. Whereas previous schemes were lacking in either transportability for mobile users or security against brute force attacks, our design achieves a balance of the two by using password strengthening techniques. Our implementation, Password Multiplier, is available on the web. We encourage novices and experts alike to try it.
One of Necula’s breakthrough achievements in formulating the notion of proof-carrying code was to axiomatize the system very concretely and at a very low level – that of individual machine instructions and memory locations. But we will argue that his specification is actually too abstract!
pissed off that this guy got an nsf young investigator award even if he's literally the most deserving ever cause that should be me
A program is just a sequence of integers $(p_0, p_1, \ldots, p_{n-1})$ (that code for instructions and data) to be loaded at a start address start.
We have described how to specify the safety theorem that an untrusted program must satisfy. But how is such a theorem to be proved? Program verification is a difficult business, and we must take care not to get stuck in a quagmire. The solution is for the producer of the program to generate the code in a controlled way, by using special compilers.
SPECIAL COMPILERS
https://www.usenix.org/legacy/publications/library/proceedings/osdi96/kimbrel.html
All four algorithms significantly outperform demand fetching, even when advance knowledge of the access sequence is used to make optimal replacement decisions in conjunction with demand fetching.
hell yeah macrokernel hypothesis was already found to be correct in 1996
The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of any supporting organization or the U.S. Government.
omfg. this is the first paper listed on his site
A Highly Parallel Chess Program