[ISN] 5 cool new security research breakthroughs

http://www.networkworld.com/article/2466795/security0/5-cool-new-security-research-breakthroughs.html By Bob Brown NetworkWorld Aug 19, 2014 University and vendor researchers are congregating in San Diego this week at USENIX Security ’14 to share the latest findings in security and privacy, and here are 5 that jumped out to me as being particularly interesting. *On the Feasibility of Large-Scale Infections of iOS Devices Georgia Tech researchers acknowledge that large-scale iOS device infections have been few and far between, but they claim weaknesses in the iTunes syncing process, device provisioning process and file storage could leave iPhones, iPads and other Apple products vulnerable to attack via botnets. The bad guys could get to the iOS devices via a compromised computer, they say, to install attacker-signed apps and swipe personal info. The researchers came to their conclusion after examining DNS queries within known botnets. *XRay: Enhancing the Web’s Transparency with Differential Correlation Columbia University researchers introduce XRay, a tool designed to give web users more insight into which of their personal data is being used to target them with ads. The researchers will present at USENIX a prototype of XRay, which has already been posted online as an open source system for others to explore. Initially, the system can be used to explain targeting in Gmail ads, Amazon recommendations and YouTube video suggestions.“Today we have a problem: the web is not transparent. We see XRay as an important first step in exposing how websites are using your personal data,” says Assistant Professor of Computer Science Roxana Geambasu. […]