Andrew Patrick

Here are some upcoming events that you might be interested in.

• Presenter: Privacy & Information Security Congress 2011, November 28-29, 2011, Ottawa. I will be presenting about privacy and location-based services.
• Attending: Financial Cryptography and Data Security 2012. February 27 – March 2, 2012, Bonaire.
  Financial Cryptography and Data Security is a major international forum for research, advanced development, education, exploration, and debate regarding information assurance, with a specific focus on commercial contexts. The conference covers all aspects of securing transactions and systems. Original works focusing on both fundamental and applied real-world deployments on all aspects surrounding commerce security are solicited.
• Program Committee: Workshop on Usable Security. March 2, 2012. Part of Financial Cryptography and Data Security 2012, Bonaire.
• Of Interest: Workshop on Ethics in Computer Security Research. March 2, 2012. Part of Financial Cryptography and Data Security 2012, Bonaire.
• Program Committee: Symposium on Usable Privacy and Security (SOUPS 2012). July 11-13, 2012, Washington, DC. This symposium will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program features technical papers, workshops and tutorials, a poster session, panels and invited talks, and discussion sessions.

Planning for the 2011 Financial Cryptography and Data Security conference (commonly known as FC) is coming along nicely.

There is a great collection of accepted papers covering a variety of interesting topics, including: exposure of personal data, privacy risks of location-based services, private information retrieval, e-Banking, botnets, web security, Internet voting, EMV credit cards, password recovery, RFID, and many more…

There will also be workshops on: ethics in computer security research, authentication and authorization on the web, and real-life cryptographic protocols

FC11 will be held in St. Lucia at the Bay Gardens Beach Resort from Feb. 28 to March 4, 2011. Hotel rooms are only being held until Dec. 15, 2010 Dec. 30, 2010 so book your room now.

St. Lucia has two airports and travel arrangements can be easily made from all over the world.

See you in February!

photo by laihiu

David Barrera will be speaking on Usability and Security  of Android, Google’s Open Source Smartphone System

Date: Tuesday November 16, 2010
Time: 6:00pm
Place: TheCodeFactory, 246 Queen St., Ottawa
See http://www.capchi.org/events

The adoption of Android-based smartphones is growing at a rapid pace (nearly 200,000 activations per day) which has placed Google among the top smartphone system vendors worldwide. Despite Android’s open source nature, there are a number of security and usability issues that have yet to be addressed. This talk will cover issues related to security prompts and notices on the device, permission granting, smudge attacks and application security. We will discuss how these issues affect other platforms as well, including Apple iOS, Blackberry, and Symbian.

David Barrera is a 1st year Ph.D. student in Computer Science at Carleton University under the direction of Paul Van Oorschot. His research interests include smartphone and mobile OS security, data visualization, network security and IPv6.

TRUST2011 is scheduled for June and the Call for Papers is out. I am on the program committee for the socio-economic strand and papers are due February 15, 2011.

TRUST 2011 is an international conference on the technical and soci-economic aspects of trustworthy infrastructures. It provides an excellent interdisciplinary forum for researchers, practitioners, and decision makers to explore new ideas and discuss experiences in building, designing, using and understanding trustworthy computing systems.

The Call for Papers for SOUPS 2011 is now out. It is my pleasure to be on the program committee again.

The symposium will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program will feature technical papers, a poster session, panels and invited talks, discussion sessions, and in-depth sessions (workshops and tutorials). This year SOUPS will be held in Pittsburgh, PA.

Papers are due March 11, 2011.

Ottawa people involved in human-computer might be interested in this…

Do you have a cool idea to mash up some data about Ottawa? Well, the city is running an apps development contest, and the main judging criteria are right up our alley: usefulness, inventiveness, usability, and accessibility.

via CapCHI » Apps4Ottawa: Build a cool app for your city.

The 2nd Workshop on Ethics in Computer Security Research is calling for papers. The workshop will take place March 4, 2011 on the beautiful island of St. Lucia as part of the Financial Cryptography and Data Security conference.

I attended the workshop last year and it was very interesting. Papers are due October 15, 2010.

This workshop solicits submissions describing or suggesting ethical and responsible conduct in computer security research. While we focus on setting standards and sharing prior experiences and experiments in computer security research, successful or not, we tap into research behavior in network security, computer security, applied cryptography, privacy, anonymity, and security economics.

Today I am launching NetSafetyGuide.com, an ad-supported site offering practical, up-to-date news and tips about Internet safety and security.

I believe that there is very little down-to-earth, practical information available for individuals and small businesses who want to stay secure on the Internet, but don’t know how to do it. My intention with this site is to provide current, direct advice and news that people will find useful.

Drop by and check it out.

As part of the Financial Cryptography and Data Security Conference to be held in January 21010 in Tenerife, there will be a workshop on ethics in computer security research. This is an important topic since conducting ecologically valid research is often at odds with adhering to ethical principles. In particular, security research can sometimes involve having people taking risks, with their systems and personal information, and/or involve the use of deception, where people may not be informed of the true purpose of a study. This should be an interesting workshop.

WECSR 2010 CFP

Computer security often leads to discovering interesting new problems and challenges. The challenge still remains to follow a path acceptable for Institutional Review Boards at academic institutions, as well as compatible with ethical guidelines for professional societies or government institutions. However, no exact guidelines exist for computer security research yet. This workshop will bring together computer security researchers, practitioners, policy makers, and legal experts.

A must-see attraction for ultra-geeks visiting Silicon Valley is the Computer History Museum.

Two notable reactions: it is amazing how much computing technology has changed in such a short time; and it was amazing (and perhaps sad) how many of these old computers I have used.

This is one museum where your kids would be bored silly, but old geeks will be happy.

Computer History Museum