Ghost trace on the wire? Using key evidence for informed decisions

Modern smartphone messaging apps now use end-to-end encryption to provide authenticity, integrity and confidentiality. Consequently, the preferred strategy for wiretapping such apps is to insert a ghost user by compromising the platform's public key infrastructure. The use of warning messages alone is not a good defence against a ghost user attack since users change smartphones, and therefore keys, regularly, leading to a multitude of warning messages which are overwhelmingly false positives. Consequently, these false positives discourage users from viewing warning messages as evidence of a ghost user attack. To address this problem, we propose collecting evidence from a variety of sources, including direct communication between smartphones over local networks and CONIKS, to reduce the number of false positives and increase confidence in key validity. When there is enough confidence to suggest a ghost user attack has taken place, we can then supply the user with evidence to help them make a more informed decision

Replacing home visits with telephone calls to support parents implementing a sleep management intervention : findings from a pilot study and implications for future research

Background - Resource constraints may inhibit the provision of appropriate interventions for children with neurodisabilities presenting with behavioural sleep problems. Telephone calls (TC), as opposed to home visits (HV), may be a more resource efficient means of supporting these families. Objective - To conduct a preliminary investigation exploring the feasibility and acceptability of replacing HV with TC to support parents implementing sleep management strategies and to gather evidence to inform the design and methods of a full trial. Methods - Parents referred to a sleep management intervention routinely delivered by a community paediatric team were alternately allocated to receive implementation support via HV (n = 7) or TC (n = 8). Activity logs recorded the frequency, duration and mode of support. Parents and practitioners were interviewed about their experiences of receiving/delivering the intervention. Results - Intervention drop-out was low, the frequency, number of contacts and intervention duration appeared comparable. Parents allocated TC received less contact time. Parents valued implementation support irrespective of delivery mode and practitioners reported that despite initial reservations, implementation support via TC appeared to work well. Conclusions - TC appears an acceptable and convenient mode of delivering sleep support, valued by both parents and practitioners. We recommend a full-scale trial to investigate effectiveness

1000 days of UDP amplification DDoS attacks

Distributed Denial of Service (DDoS) attacks employing reflected UDP amplification are regularly used to disrupt networks and systems. The amplification allows one rented server to generate significant volumes of data, while the reflection hides the identity of the attacker. Consequently this is an attractive, low risk, strategy for criminals bent on vandalism and extortion. To measure the uptake of this strategy we analyse the results of running a network of honeypot UDP reflectors (median size 65 nodes) from July 2014 onwards. We explore the life cycle of attacks that use our reflectors, from the scanning phase used to detect our honeypot machines, through to their use in attacks. We see a median of 1450 malicious scanners per day across all UDP protocols, and have recorded details of 5.18 million subsequent attacks involving in excess of 3.31 trillion packets. Using a capture-recapture statistical technique, we estimate that our reflectors can see between 85.1% and 96.6% of UDP reflection attacks over our measurement period.We are extremely grateful to the organisations and individuals who have hosted Hopscotch nodes, and in particular the ShadowServer Foundation and Digital Ocean Inc. Daniel R. Thomas is supported by a grant from ThreatSTOP Inc. Richard Clayton is supported by the Department of Homeland Security (DHS) Science and Technology Directorate, Cyber Security Division (DHSS\&T/CSD) Broad Agency Announcement 11.02, the Government of Australia and SPAWAR Systems Center Pacific [contract number N66001-13-C-0131]; and the EPSRC [grant number EP/M020320/1]. Alastair R. Beresford is partly supported by the EPSRC [grant number EP/M020320/1]. The opinions, findings, and conclusions or recommendations expressed are those of the authors and do not necessarily reflect those of any of the funders

Security metrics for the Android ecosystem

© 2015 ACM. The security of Android depends on the timely delivery of updates to fix critical vulnerabilities. In this paper we map the complex network of players in the Android ecosystem who must collaborate to provide updates, and determine that inaction by some manufacturers and network operators means many handsets are vulnerable to critical vulnerabil- ities. We define the FUM security metric to rank the per- formance of device manufacturers and network operators, based on their provision of updates and exposure to critical vulnerabilities. Using a corpus of 20 400 devices we show that there is significant variability in the timely delivery of security updates across different device manufacturers and network operators. This provides a comparison point for purchasers and regulators to determine which device man- ufacturers and network operators provide security updates and which do not. We find that on average 87.7% of An- droid devices are exposed to at least one of 11 known critical vulnerabilities and, across the ecosystem as a whole, assign a FUM security score of 2.87 out of 10. In our data, Nexus devices do considerably better than average with a score of 5.17; and LG is the best manufacturer with a score of 3.97

Incentivising software updates

Internet of Things devices will need software updates to fix the security vulnerabilities that are found after they are sold. Even when using development practices that make producing updates easy, there is still a cost to doing so. Hence, incentives to provide updates are required. This incentive can only be provided by monitoring the relative performance of different companies at supplying software updates to their customers

CAGE

Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/28986/1/0000013.pd

Effect of galactose metabolising and non-metabolising strains of Streptococcus thermophilus as a starter culture adjunct on the properties of Cheddar cheese made with low or high pH at whey drainage

Cheddar cheese was made using control culture (Lactococcus lactis subsp. lactis), or with control culture plus a galactose-metabolising (Gal+) or galactose-non-metabolising (Gal-) Streptococcus thermophilus adjunct; for each culture type, the pH at whey drainage was either low (pH 6.15) or high (pH 6.45). Sc. thermophilus affected the levels of residual lactose and galactose, and the volatile compound profile and sensory properties of the mature cheese (270 d) to an extent dependent on the drain pH and phenotype (Gal+ or Gal-). For all culture systems, reducing drain pH resulted in lower levels of moisture and lactic acid, a higher concentration of free amino acids, and higher firmness. The results indicate that Sc. thermophilus may be used to diversify the sensory properties of Cheddar cheese, for example from a fruity buttery odour and creamy flavour to a more acid taste, rancid odour, and a sweaty cheese flavour at high drain pH

Service user involvement in giving mental health students feedback on placement: a participatory action research study

Background Although the drive to engage service users in service delivery, research and education has mainstream acceptance, it is not easy to achieve meaningful involvement. The contribution that could potentially be made by users whilst accessing services is often overlooked. Objectives and Participants This study involved stakeholders (mentors, service users and a lecturer) working together to design, evaluate and refine a system enabling students to seek feedback from service users. The feedback concerned mental health students’ interpersonal skills and occurred whilst on practice placement. This research aimed to explore the experiences of those concerned when nine students attempted to learn from rather than about service users. Design A 2-year study, encompassing five cycles of participatory action research (PAR). Setting A small island community in the British Isles, adopting UK standards for pre-registration nurse education. Methods Data came from interviews with service users and mentors and a series of reflective group discussions with students who volunteered to try out the feedback mechanism. The deliberations of the PAR stakeholder group informed the research cycles and added to the data, which were subject to thematic analysis. Findings Findings indicated that service users volunteering to give feedback had unanimously positive experiences. Students’ experience lay on a continuum: those with a stronger sense of self were more willing and able to ask for feedback than less confident students. Cultural adjustment to the role change needed was challenging, requiring self-awareness and courage. Over time, all students achieved deep learning and, for some, learning appeared transformative. Conclusion Although contextual, the study concluded that the feedback initiative encouraged the development of more equitable relationships, in which mental health nurses respected the expertise of service users. This potentially benefits student development, recovery-orientated practice, service users and HEIs searching for meaningful ways to involve service users in learning and formative assessment