On the Feasibility of Fine-Grained TLS Security Configurations in Web Browsers Based on the Requested Domain Name

Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply coarse-grained TLS configurations that support (by default) legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees (e.g. non Forward Secrecy), and silently fall back to them if the server selects to. This introduces various risks including downgrade attacks such as the POODLE attack [15] that exploits the browsers silent fallback mechanism to downgrade the protocol version in order to exploit the legacy version flaws. To achieve a better balance between security and backward compatibility, we propose a mechanism for fine-grained TLS configurations in web browsers based on the sensitivity of the domain name in the HTTPS request using a whitelisting technique. That is, the browser enforces optimal TLS configurations for connections going to sensitive domains while enforcing default configurations for the rest of the connections. We demonstrate the feasibility of our proposal by implementing a proof-of-concept as a Firefox browser extension. We envision this mechanism as a built-in security feature in web browsers, e.g. a button similar to the \quotes{Bookmark} button in Firefox browsers and as a standardised HTTP header, to augment browsers security

ULAS J234311.93-005034.0: A gravitational lens system selected from UKIDSS and SDSS

We report the discovery of a new gravitational lens system. This object, ULAS J234311.93-005034.0, is the first to be selected by using the new UKIRT Infrared Deep Sky Survey (UKIDSS), together with the Sloan Digital Sky Survey (SDSS). The ULAS J234311.93-005034.0 system contains a quasar at redshift 0.788 which is doubly imaged, with separation 1.4". The two quasar images have the same redshift and similar, though not identical, spectra. The lensing galaxy is detected by subtracting point-spread functions from R-band images taken with the Keck telescope. The lensing galaxy can also be detected by subtracting the spectra of the A and B images, since more of the galaxy light is likely to be present in the latter. No redshift is determined from the galaxy, although the shape of its spectrum suggests a redshift of about 0.3. The object's lens status is secure, due to the identification of two objects with the same redshift together with a lensing galaxy. Our imaging suggests that the lens is found in a cluster environment, in which candidate arc-like structures, that require confirmation, are visible in the vicinity. Further discoveries of lenses from the UKIDSS survey are likely as part of this programme, due to the depth of UKIDSS and its generally good seeing conditions.Comment: Accepted by MNRA

Metric half-span model support system

A model support system used to support a model in a wind tunnel test section is described. The model comprises a metric, or measured, half-span supported by a nonmetric, or nonmeasured half-span which is connected to a sting support. Moments and forces acting on the metric half-span are measured without interference from the support system during a wind tunnel test

Characterizing droplet combustion of pure and multi-component liquid fuels in a microgravity environment

The importance of understanding the effects of fuel composition, length scales, and other parameters on the combustion of liquid fuels has motivated the examination of simple flames which have easily characterized flow fields and hence, the potential of being modeled accurately. One such flame for liquid fuel combustion is the spherically symmetric droplet flame which can be achieved in an environment with sufficiently low gravity (i.e., low buoyancy). To examine fundamental characteristics of spherically symmetric droplet combustion, a drop tower facility has been employed to provide a microgravity environment to study droplet combustion. This paper gives a brief review of results obtained over the past three years under NASA sponsorship (grant NAG3-987)

Computer program to determine pressure distributions and forces on blunt bodies of revolution

Program was written to include integration of surface pressure in order to obtain axial-force, normal-force, and pitching-moment coefficients. Program was written in CDC FORTRAN for the CDC-6600 computer system