An Analysis of Modern Password Manager Security and Usage on Desktop and Mobile Devices

Security experts recommend password managers to help users generate, store, and enter strong, unique passwords. Prior research confirms that managers do help users move towards these objectives, but it also identified usability and security issues that had the potential to leak user data or prevent users from making full use of their manager. In this dissertation, I set out to measure to what extent modern managers have addressed these security issues on both desktop and mobile environments. Additionally, I have interviewed individuals to understand their password management behavior. I begin my analysis by conducting the first security evaluation of the full password manager lifecycle (generation, storage, and autofill) on desktop devices, including the creation and analysis of a corpus of 147 million generated passwords. My results show that a small percentage of generated passwords are weak against both online and offline attacks, and that attacks against autofill mechanisms are still possible in modern managers. Next, I present a comparative analysis of autofill frameworks on iOS and Android. I find that these frameworks fail to properly verify webpage security and identify a new class of phishing attacks enabled by incorrect handling of autofill within WebView controls hosted in apps. Finally, I interview users of third-party password managers to understand both how and why they use their managers as they do. I find evidence that many users leverage multiple password managers to address issues with existing managers, as well as provide explanations for why password reuse continues even in the presence of a password manager. Based on these results, I conclude with recommendations addressing the attacks and usability issues identified in this work

Linear Actuator System for the NASA Docking System

The Linear Actuator System (LAS) is a major sub-system within the NASA Docking System (NDS). The NDS Block 1 will be used on the Boeing Crew Space Transportation (CST-100) system to achieve docking with the International Space Station. Critical functions in the Soft Capture aspect of docking are performed by the LAS. This paper describes the general function of the LAS, the system's key requirements and technical challenges, and the development and qualification approach for the system

Multi-Axis Independent Electromechanical Load Control for Docking System Actuation Development and Verification Using dSPACE

The development of highly complex and advanced actuation systems to meet customer demands has accelerated as the use of real-time testing technology expands into multiple markets at Moog. Systems developed for the autonomous docking of human rated spacecraft to the International Space Station (ISS), envelope multi-operational characteristics which place unique constraints on an actuation system. Real-time testing hardware has been used as a platform for incremental testing and development for the linear actuation system which controls initial capture and docking for vehicles visiting the ISS. This presentation will outline the role of dSPACE hardware as a platform for rapid control-algorithm prototyping as well as an Electromechanical Actuator (EMA) system dynamic loading simulator, both conducted at Moog to develop the safety critical Linear Actuator System (LAS) of the NASA Docking System (NDS)

CANDELS: The Cosmic Assembly Near-infrared Deep Extragalactic Legacy Survey

The Cosmic Assembly Near-infrared Deep Extragalactic Legacy Survey (CANDELS) is designed to document the first third of galactic evolution, over the approximate redshift (z) range 8--1.5. It will image >250,000 distant galaxies using three separate cameras on the Hubble Space Telescope, from the mid-ultraviolet to the near-infrared, and will find and measure Type Ia supernovae at z>1.5 to test their accuracy as standardizable candles for cosmology. Five premier multi-wavelength sky regions are selected, each with extensive ancillary data. The use of five widely separated fields mitigates cosmic variance and yields statistically robust and complete samples of galaxies down to a stellar mass of 10^9 M_\odot to z \approx 2, reaching the knee of the ultraviolet luminosity function (UVLF) of galaxies to z \approx 8. The survey covers approximately 800 arcmin^2 and is divided into two parts. The CANDELS/Deep survey (5\sigma\ point-source limit H=27.7 mag) covers \sim 125 arcmin^2 within GOODS-N and GOODS-S. The CANDELS/Wide survey includes GOODS and three additional fields (EGS, COSMOS, and UDS) and covers the full area to a 5\sigma\ point-source limit of H \gtrsim 27.0 mag. Together with the Hubble Ultra Deep Fields, the strategy creates a three-tiered "wedding cake" approach that has proven efficient for extragalactic surveys. Data from the survey are nonproprietary and are useful for a wide variety of science investigations. In this paper, we describe the basic motivations for the survey, the CANDELS team science goals and the resulting observational requirements, the field selection and geometry, and the observing design. The Hubble data processing and products are described in a companion paper.Comment: Submitted to Astrophysical Journal Supplement Series; Revised version, subsequent to referee repor

CANDELS: The Cosmic Assembly Near-infrared Deep Extragalactic Legacy Survey - The Hubble Space Telescope Observations, Imaging Data Products and Mosaics

This paper describes the Hubble Space Telescope imaging data products and data reduction procedures for the Cosmic Assembly Near-IR Deep Extragalactic Legacy Survey (CANDELS). This survey is designed to document the evolution of galaxies and black holes at $z\sim1.5-8$, and to study Type Ia SNe beyond $z>1.5$. Five premier multi-wavelength sky regions are selected, each with extensive multiwavelength observations. The primary CANDELS data consist of imaging obtained in the Wide Field Camera 3 / infrared channel (WFC3/IR) and UVIS channel, along with the Advanced Camera for Surveys (ACS). The CANDELS/Deep survey covers \sim125 square arcminutes within GOODS-N and GOODS-S, while the remainder consists of the CANDELS/Wide survey, achieving a total of \sim800 square arcminutes across GOODS and three additional fields (EGS, COSMOS, and UDS). We summarize the observational aspects of the survey as motivated by the scientific goals and present a detailed description of the data reduction procedures and products from the survey. Our data reduction methods utilize the most up to date calibration files and image combination procedures. We have paid special attention to correcting a range of instrumental effects, including CTE degradation for ACS, removal of electronic bias-striping present in ACS data after SM4, and persistence effects and other artifacts in WFC3/IR. For each field, we release mosaics for individual epochs and eventual mosaics containing data from all epochs combined, to facilitate photometric variability studies and the deepest possible photometry. A more detailed overview of the science goals and observational design of the survey are presented in a companion paper.Comment: 39 pages, 25 figure