Web Vulnerability Study of Online Pharmacy Sites

Consumers are increasingly using online pharmacies, but these sites may not provide an adequate level of security with the consumers’ personal data. There is a gap in this research addressing the problems of security vulnerabilities in this industry. The objective is to identify the level of web application security vulnerabilities in online pharmacies and the common types of flaws, thus expanding on prior studies. Technical, managerial and legal recommendations on how to mitigate security issues are presented. The proposed four-step method first consists of choosing an online testing tool. The next steps involve choosing a list of 60 online pharmacy sites to test, and then running the software analysis to compile a list of flaws. Finally, an in-depth analysis is performed on the types of web application vulnerabilities. The majority of sites had serious vulnerabilities, with the majority of flaws being cross-site scripting or old versions of software that have not been updated. A method is proposed for the securing of web pharmacy sites, using a multi-phased approach of technical and managerial techniques together with a thorough understanding of national legal requirements for securing systems

Tracking Users across the Web via TLS Session Resumption

User tracking on the Internet can come in various forms, e.g., via cookies or by fingerprinting web browsers. A technique that got less attention so far is user tracking based on TLS and specifically based on the TLS session resumption mechanism. To the best of our knowledge, we are the first that investigate the applicability of TLS session resumption for user tracking. For that, we evaluated the configuration of 48 popular browsers and one million of the most popular websites. Moreover, we present a so-called prolongation attack, which allows extending the tracking period beyond the lifetime of the session resumption mechanism. To show that under the observed browser configurations tracking via TLS session resumptions is feasible, we also looked into DNS data to understand the longest consecutive tracking period for a user by a particular website. Our results indicate that with the standard setting of the session resumption lifetime in many current browsers, the average user can be tracked for up to eight days. With a session resumption lifetime of seven days, as recommended upper limit in the draft for TLS version 1.3, 65% of all users in our dataset can be tracked permanently.Comment: 11 page

Unbundling in Current Broadband and Next-Generation Ultra-Broadband Access Networks

This article overviews the methods that are currently under investigation for implementing multi-operator open-access/shared-access techniques in next-generation access ultra-broadband architectures, starting from the traditional "unbundling-of-the-local-loop" techniques implemented in legacy twisted-pair digital subscriber line access networks. A straightforward replication of these copper-based unbundling-of-the-local-loop techniques is usually not feasible on next-generation access networks, including fiber-to-the-home point-to-multipoint passive optical networks. To investigate this issue, the article first gives a concise description of traditional copper-based unbundling-of-the-local-loop solutions, then focalizes on both next-generation access hybrid fiber-copper digital subscriber line fiber-to-the-cabinet scenarios and on fiber to the home by accounting for the mix of regulatory and technological reasons driving the next-generation access migration path, focusing mostly on the European situation. © 2014 Taylor and Francis Group, LLC

Exploring ethical issues associated with using online surveys in educational research

Online surveys are increasingly used in educational research, yet little attention has focused on ethical issues associated with their use in educational settings. Here, we draw on the broader literature to discuss 5 key ethical issues in the context of educational survey research: dual teacher/researcher roles; informed consent; use of incentives; privacy, anonymity, and confidentiality; and data quality. We illustrate methods of addressing these issues with our experiences conducing online surveys in educational contexts. Moving beyond the procedural ethics approach commonly adopted in quantitative educational research, we recommend adopting a situated/process ethics approach to identify and respond to ethical issues that may arise during the conduct, analysis, and reporting of online survey research. The benefits of online surveying in comparison to traditional survey methods are highlighted, including the potential for online surveys to provide ethically defensible methods of conducting research that would not be feasible in offline education research settings

Legal and Ethical Implications of Mobile Live-Streaming Video Apps

The introduction of mobile apps such as Meerkat, Periscope, and Facebook Live has sparked enthusiasm for live-streaming video. This study explores the legal and ethical implications of mobile live-streaming video apps through a review of public-policy considerations and the computing literature as well as analyses of a mix of quantitative and qualitative user data. We identify lines of research inquiry for five policy challenges and two areas of the literature in which the impact of these apps is so far unaddressed. The detailed data gathered from these inquiries will significantly contribute to the design and development of tools, signals or affordances to address the concerns that our study identifies. We hope our work will help shape the fields of ubiquitous computing and collaborative and social computing, jurisprudence, public policy and applied ethics in the future

Predicting tissue specific cis-regulatory modules in the human genome using pairs of co-occurring motifs

<p>Abstract</p> <p>Background</p> <p>Researchers seeking to unlock the genetic basis of human physiology and diseases have been studying gene transcription regulation. The temporal and spatial patterns of gene expression are controlled by mainly non-coding elements known as cis-regulatory modules (CRMs) and epigenetic factors. CRMs modulating related genes share the regulatory signature which consists of transcription factor (TF) binding sites (TFBSs). Identifying such CRMs is a challenging problem due to the prohibitive number of sequence sets that need to be analyzed.</p> <p>Results</p> <p>We formulated the challenge as a supervised classification problem even though experimentally validated CRMs were not required. Our efforts resulted in a software system named CrmMiner. The system mines for CRMs in the vicinity of related genes. CrmMiner requires two sets of sequences: a mixed set and a control set. Sequences in the vicinity of the related genes comprise the mixed set, whereas the control set includes random genomic sequences. CrmMiner assumes that a large percentage of the mixed set is made of background sequences that do not include CRMs. The system identifies pairs of closely located motifs representing vertebrate TFBSs that are enriched in the training mixed set consisting of 50% of the gene loci. In addition, CrmMiner selects a group of the enriched pairs to represent the tissue-specific regulatory signature. The mixed and the control sets are searched for candidate sequences that include any of the selected pairs. Next, an optimal Bayesian classifier is used to distinguish candidates found in the mixed set from their control counterparts. Our study proposes 62 tissue-specific regulatory signatures and putative CRMs for different human tissues and cell types. These signatures consist of assortments of ubiquitously expressed TFs and tissue-specific TFs. Under controlled settings, CrmMiner identified known CRMs in noisy sets up to 1:25 signal-to-noise ratio. CrmMiner was 21-75% more precise than a related CRM predictor. The sensitivity of the system to locate known human heart enhancers reached up to 83%. CrmMiner precision reached 82% while mining for CRMs specific to the human CD4⁺T cells. On several data sets, the system achieved 99% specificity.</p> <p>Conclusion</p> <p>These results suggest that CrmMiner predictions are accurate and likely to be tissue-specific CRMs. We expect that the predicted tissue-specific CRMs and the regulatory signatures broaden our knowledge of gene transcription regulation.</p

Signals in the Soil: An Introduction to Wireless Underground Communications

In this chapter, wireless underground (UG) communications are introduced. A detailed overview of WUC is given. A comprehensive review of research challenges in WUC is presented. The evolution of underground wireless is also discussed. Moreover, different component of UG communications is wireless. The WUC system architecture is explained with a detailed discussion of the anatomy of an underground mote. The examples of UG wireless communication systems are explored. Furthermore, the differences of UG wireless and over-the-air wireless are debated. Different types of wireless underground channel (e.g., In-Soil, Soil-to-Air, and Air-to-Soil) are reported as well

Urban Land and Housing Markets in the Punjab, Pakistan

Well-functioning urban land and housing markets are critical success factors for achieving robust economic growth. This paper provides an overview of urban land and housing market performance in Punjab Province of Pakistan. It describes the characteristics of well-functioning markets and argues that the Punjab's present markets are not performing. In fact, there exists a range of impediments to efficient urban land and housing market performance: excessive public land ownership, inadequate infrastructure services, weak property rights, counterproductive urban planning policies and regulations, costly subdivision and construction regulations, limited financing for property development and acquisition, rent controls, and distortive taxation mechanisms