请输入您要查询的百科知识:

 

词条 Justin Cappos
释义

  1. Education and early research initiatives

  2. Compromise-resilient strategies

  3. Other significant research projects

  4. References

  5. External links

     Selected publications  Media citations and commentary 
{{Infobox scientist
| name = Justin Cappos
| image =
| image_size =
| alt =
| caption =
| birth_date = {{Birth date and age|1977|02|27}}
| birth_place =
| death_date =
| death_place =
| residence = New York, United States
| citizenship =
| nationality = American
| fields = Security, operating systems, networks
| workplaces =
| alma_mater = University of Arizona
| thesis_title =
| thesis_url =
| thesis_year = 2008
| doctoral_advisor = John Hartman
| doctoral_students =
| Religion =
| known_for =
| awards =
| signature =
| signature_alt =
| website = {{URL|http://engineering.nyu.edu/people/justin-cappos}}
{{URL|https://ssl.engineering.nyu.edu/personalpages/jcappos/}}
| footnotes =
| spouse =
| children =
}}Justin Cappos (born February 27, 1977) is a computer scientist and cybersecurity expert whose data-security software has been adopted by a number of widely used open-source projects. His research centers on software update systems, security, and virtualization, with a focus on real-world security problems. [1][2][3]

Cappos has been a faculty member at New York University Tandon School of Engineering since 2011, and was awarded tenure in 2017. Now an associate professor in the Department of Computer Science and Engineering, he has introduced a number of new software products and system protocols as head of the school's [https://ssl.engineering.nyu.edu/ Secure Systems Laboratory]. These include technologies that detect and isolate security faults,[4] secure private data,[5]provide a secure mechanism for fixing software flaws in different contexts,[6] and even foster a deeper understanding about how to help programmers avoid security flaws in the first place.[7]

Recognizing the practical impact of his work, Popular Science selected Cappos as one of its Brilliant 10 in 2013,[8] naming him as one of 10 brilliant scientists under 40. His awareness of the risks of today's connected culture—a knowledge strong enough to keep him from owning a smartphone or other connected device, or from using social media like Facebook and Twitter—has led to numerous requests to serve as an expert commentator on issues of cyber security and privacy for local, national, and international media.

Education and early research initiatives

The topic of Cappos' Ph.D. dissertation at the University of Arizona was the Stork Project,[9] a software package manager he built with John H. Hartman, a professor in the Department of Computer Science. Stork is still used today in some applications, but, more importantly, the project called attention to the need for improved security for software update processes, a research area Cappos has continued to pursue.

While a post-doctoral researcher at the University of Washington in 2009, Cappos also developed a peer-to-peer computing platform called Seattle,[10][11] which allows device-to-device connectivity in a decentralized network. Seattle is currently used by thousands of developers, who can access, download, and use the program on any type of smart device. In addition, spin-off technologies, such as Sensibility Testbed,[12] have extended the use of Seattle's security and enforced privacy protection strategies, allowing researchers to collect data from sensors at no risk to the privacy of the device owner.

Compromise-resilient strategies

In 2010, Cappos developed The Update Framework (TUF),[13][14] a flexible software framework that builds system resilience against key compromises and other attacks that can threaten the integrity of a repository.[15][16] TUF was designed for easy integration into the native programming languages of existing update systems, and since its inception, it has been adopted or is in the process of being integrated by a number of high-profile open-source projects. One of the more significant earlier adoptions was Docker Content Trust, [17][18]an implementation of the Notary project from Docker that deploys Linux containers. [19]Notary, which is built on TUF, can both certify the validity of the sources of Docker images, and encrypt the contents of those images.[20] In October 2017, Notary and TUF were both adopted as hosted projects by the Linux Foundation as part of its Cloud Native Computing Foundation.[21][22]

TUF has also been standardized in Python,[23][24] and been independently implemented in the Go language by Flynn, an open-source platform as a service (PaaS) for running applications in production.[25][26][27] As of early 2018, the list of tech companies and organizations using TUF in production include DigitalOcean,[28]

LEAP,[29] Kolide,[30]

Cloudflare,[31] and VMware[32].

Another significant compromise-resilient software update framework by Cappos is the 2017 launch of a TUF-adapted technology called Uptane.[33][34][35] Uptane is designed to secure software updates for automobiles, particularly those delivered via over-the-air programming.[36][37][38] Developed in partnership with the University of Michigan Transportation Research Institute and the Southwest Research Institute, and in collaboration with stakeholders in industry, academia, and government, Uptane modifies the TUF design to meet the specific security needs of the automotive industry. These needs include accommodating computing units that vary greatly in terms of memory, storage capability, and access to the Internet, while preserving the customizability manufacturers need to design cars for specific client usage.[39] To date, Uptane has been integrated into OTA Plus and ATS Garage, two over-the-air software update products from Advanced Telematic Systems, and is a key security component of the OTAmatic program created by Airbiquity.[40][41]. The Airbiquity project was honored with a BIG Award for Business in the 2017 New Product Category in January 2018, and Popular Science magazine named Uptane one of the top 100 inventions for 2017.[42]

Other significant research projects

In 2014 Cappos developed PolyPasswordHasher,[43] a secure scheme that interrelates stored password data, forcing hackers to crack passwords in sets.[44][45] By making it significantly harder for attackers to figure out the necessary threshold of passwords needed to gain access, PolyPasswordHasher-enabled databases become very difficult to breach. PPH is currently used in several projects, including the Seattle Clearinghouse and BioBank. Implementations are available for seven languages, including Java,[46] Python,[47] C,[48] and Ruby.[49]

In 2016, Cappos introduced in-toto,[50] an open metadata standard that provides documentation of the end-to-end security of a software supply chain. The framework gathers both key information and signatures from all who can access a piece of software through the various stages of coding, testing, building and packaging, thus making transparent all the steps that were performed, by whom and in what order. By creating accountability, in-toto can prevent attackers from either directly introducing malicious changes into the code, or from altering the metadata that keeps the record of those changes along the supply chain.[51]

While working on in-toto, Cappos and the SSL research group identified metadata manipulation as a new threat against Version Control Systems like Git. His team has developed several new approaches to address this problem, including a defense scheme that mitigates these attacks by maintaining a cryptographically-signed log of relevant developer actions.[52] By documenting the state of the repository at a particular time when an action is taken, developers are given a shared history, so irregularities are easily detected. One recent accomplishment in this research arena is Arch Linux integrating a patch to check for invalid tags in git into the next release of its pacman utility.[53] More recently, Cappos and his collaborators have focused on development of a browser extension that can ensure users of convenient web-based hosting services, such as GitHub or GitLab, that the server will faithfully carry out their requested actions.

References

1. ^{{cite book|title=A Look in the Mirror: Attacks on Package Managers|last1=Cappos|first1=Justin|last2=Samuel|first2=Justin|last3=Baker|first3=Scott|last4=Hartman|first4=John H.|date=1 January 2008|publisher=ACM|pages=565–574|doi=10.1145/1455770.1455841|chapter = A look in the mirror|isbn = 9781595938107}}
2. ^{{cite book|chapter-url=http://ieeexplore.ieee.org/document/6798970/?arnumber=6798970&tag=1|chapter=BlurSense: Dynamic fine-grained access control for smartphone privacy|first1=J.|title=2014 IEEE Sensors Applications Symposium (SAS)|last1=Cappos|first2=L.|last2=Wang|first3=R.|last3=Weiss|first4=Y.|last4=Yang|first5=Y.|last5=Zhuang|date=1 February 2014|pages=329–332|via=IEEE Xplore|doi=10.1109/SAS.2014.6798970|isbn=978-1-4799-2179-9}}
3. ^{{cite journal|url=https://www.usenix.org/conference/nsdi16/technical-sessions/presentation/kuppusamy|title=Diplomat: Using Delegations to Protect Community Repositories|first1=Trishank Karthik|last1=Kuppusamy|first2=Santiago|last2=Torres-Arias|first3=Vladimir|last3=Diaz|first4=Justin|last4=Cappos|date=March 2016|publisher=Usenix|pages=567–581}}
4. ^{{cite web|url=http://www.usenix.org/system/files/conference/atc17/atc17-li_yiwen.pdf|title=Lock-in-Pop:Securing Privileged Operating System Kernels by Keeping on the Beaten Path|first1=Yiwen|last1=Li|first2=Brendan |last2=Dolan-Gavitt|first3=Sam|last3=Weber|first4=Justin |last4=Cappos|date=2017|publisher=USENIX Association|pages=1–13}}
5. ^{{cite web|url= http://www.cs.uccs.edu/~yzhuang/CS4930_5930/spring2018/slides/hotmobile18.pdf|title=Sensibility Testbed: Automated IRB Policy Enforcement in Mobile Research Apps|last1=Zhuang|first1=Yanyan|last2=Rafetseder|first2=Albert|last3=Hu|first3=Yu|last4=Tian|first4=Yuan|last5=Cappos|first5=Justin|date=2018|publisher=ACM}}
6. ^{{cite web|url=https://www.usenix.org/conference/atc17/technical-sessions/presentation/kuppusamy |title=Mercury: Bandwidth-Effective Prevention of Rollback Attacks Against Community Repositories|first1=Trishank|last1=Kuppusamy|first2=Vladimir|last2=Diaz|first3=Justin|last3=Cappos|date=2017|publisher=USENIX Association |pages=673–688}}
7. ^{{cite book|chapter=Understanding Misunderstandings in Source Code|first1=Dan|title = Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering - ESEC/FSE 2017|last1=Gopstein|first2=Jake|last2=Iannacone|first3=Yu|last3=Yan|first4=Lois|last4=DeLong|first5=Yanyan|last5=Zhuang|first6=Martin K.-C.|last6=Yeh|first7=Justin|last7=Cappos|date= 2017|publisher=ACM|pages=129–139|doi=10.1145/3106237.3106264|isbn = 9781450351058}}
8. ^{{cite web|last1=Greenwood|first1=Veronique|title=How Justin Cappos Created A New Way To Cloud Compute|url=http://www.popsci.com/science/article/2013-09/justin-cappos|website=www.Popsci.com|publisher=Popular Science|accessdate=1 October 2016}}
9. ^{{cite journal|last1=Cappos|first1=Justin|title=Stork: Package Management for Distributed VM Environments|website=www.usenix.org|date=11 November 2007|pages=79–94|url=https://www.usenix.org/legacy/event/lisa07/tech/full_papers/cappos/cappos_html/|accessdate=1 October 2016}}
10. ^{{cite book|title=Seattle: A Platform for Educational Cloud Computing|first1=Justin|last1=Cappos|first2=Ivan|last2=Beschastnikh|first3=Arvind|last3=Krishnamurthy|first4=Tom|last4=Anderson|date=1 January 2009|publisher=ACM|pages=111–115|doi=10.1145/1508865.1508905|chapter = Seattle|isbn = 9781605581835}}
11. ^{{cite web|last1=Cappos|first1=Justin|title=NSF Award Search: Award#1205415 - CI-ADDO-EN: Enhancing and Supporting a Community Testbed|url=https://www.nsf.gov/awardsearch/showAward?AWD_ID=1205415|website=www.nsf.gov|publisher=National Science Foundation|accessdate=1 October 2016}}
12. ^{{cite web|title=Sensibility Testbed.com| url=https://sensibilitytestbed.com/projects/project|accessdate=19 October 2017}}
13. ^{{cite web|last1=Cappos|first1=Justin|title=NSF Award Search: Award#1345049 – TTP: Securing Python Package Management with The Update Framework (TUF)|url=https://www.nsf.gov/awardsearch/showAward?AWD_ID=1345049&HistoricalAwards=false|website=www.nsf.gov|accessdate=2 October 2016}}
14. ^{{cite web|url=https://justinsamuel.com/papers/survivable-key-compromise-ccs2010.pdf|title=Survivable Key Compromise in Software Update Systems|last1=Samuel|first1=Justin|last2=Mathewson|first2=Nick|last3=Cappos|first3=Justin|last4=Dingledine|first4=Roger|publisher=ACM|pages=61–72|via=CCS 2010|accessdate=13 November 2017}}
15. ^{{cite web|last1=Li|first1=Ying|last2=Lawrence|first2=David|title=Presentation: When the going gets tough, get TUF going {{!}} PyCon 2016 in Portland, OR|url=https://us.pycon.org/2016/schedule/presentation/2187/|website=us.pycon.org|publisher=Python Software Foundation|accessdate=2 October 2016}}
16. ^{{cite web|last1=Seifried|first1=Kurt|title=TUF Love » Linux Magazine|url=http://www.linux-magazine.com/Issues/2014/160/Security-Lessons-TUF|website=Linux Magazine|publisher=Linux Pro Magazine|accessdate=3 October 2016}}
17. ^{{cite web|last1=Monica|first1=Diogo|title=Introducing Docker Content Trust – Docker Blog|url=https://blog.docker.com/2015/08/content-trust-docker-1-8/|website=Blog.Docker.com|publisher=Docker|accessdate=2 October 2016|date=12 August 2015}}
18. ^{{cite web|title=Docker Content Trust Protects Integrity of Dockerized Content|url=http://www.cioreview.com/news/docker-content-trust-protects-integrity-of-dockerized-content-nid-8372-cid-92.html|website=www.CIOReview.com|publisher=CIO Review|accessdate=2 October 2016}}
19. ^{{cite web|last1=Fulton III|first1=Scott M.|title=Docker: With Content Trust, You Can Run Containers on Untrusted Networks – The New Stack|url=http://thenewstack.io/docker-content-trust-can-run-containers-untrusted-networks/|website=TheNewStack.io|publisher=The New Stack|accessdate=3 October 2016|date=12 August 2015}}
20. ^{{cite web|last1=Vaughan-Nichols|first1=Steven J.|title=Docker 1.8 adds serious container security ZDNet|url=http://www.zdnet.com/article/docker-1-8-adds-serious-container-security/|website=ZDNet|publisher=CBS Interactive|accessdate=3 October 2016}}
21. ^{{cite web|url=https://thenewstack.io/cncf-brings-security-cloud-native-stack-notary-tuf-adoption/|title=CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption|last1=Jackson|first1=Joab|publisher=The New Stack|date=24 October 2017}}
22. ^{{cite web|url=http://www.enterprisecloudnews.com/author.asp?section_id=571&doc_id=737560|title=Cloud Native Computing Foundation Adopts 2 Security Projects |last1=Ferguson|first1=Scott|publisher=Enterprise Cloud News|date=24 October 2017}}
23. ^{{cite web|title=PEP 458—Surviving a Compromise of PyPI|url=https://www.python.org/dev/peps/pep-0458/|last1=Kuppusamy|first1=Trishank Karthik|last2=Diaz|first2=Vladimir|last3=Stufft|first3=Donald|last4=Cappos|first4=Justin|date=27 September 2013|accessdate=2 April 2018}}
24. ^{{cite web|title=PEP 480—Surviving a Compromise of PyPI: The Maximum Security Model|url=https://www.python.org/dev/peps/pep-0480/|last1=Kuppusamy|first1=Trishank Karthik|last2=Diaz|first2=Vladimir|last3=Stufft|first3=Donald|last4=Cappos|first4=Justin|date=8 October 2014|accessdate=2 April 2018}}
25. ^{{cite web|last1=Yegulalp|first1=Serdar|title=Open source Flynn takes the headaches out of app deployment|url=http://www.infoworld.com/article/3101765/open-source-tools/open-source-flynn-takes-the-headaches-out-of-app-deployment.html|website=www.Infoworld.com|publisher=IDG|accessdate=3 October 2016}}
26. ^{{cite web|title=Security – Flynn|url=https://flynn.io/docs/security|website=flynn.io|accessdate=3 October 2016}}
27. ^{{cite web|title=flynn/go-tuf|url=https://github.com/flynn/go-tuf#install|website=www.github.com|publisher=GitHub, Inc.|accessdate=3 October 2016}}
28. ^{{cite web|title=digitalcoean.com|url=https://www.digitalocean.com/|accessdate=16 March 2018}}
29. ^{{cite web|title=New releases for a new year| url=https://leap.se/en/2014/darkest-night/|publisher=Leap Encryption Access Project|date=23 December 2014|accessdate=19 October 2017}}
30. ^{{cite web|title=Kolide Updater|url=https://github.com/kolide/updater/blob/master/README.md|accessdate=16 March 2018}}
31. ^{{cite web|title=A container identity bootstrapping tool|url=https://blog.cloudflare.com/pal-a-container-identity-bootstrapping-tool/|last1=Sullivan|first1=Nick|publisher=Cloudflare blog|date=3 July 2017|accessdate=16 March 2018}}
32. ^{{cite web|title=VMware websitel|url=https://www.vmware.com/ |accessdate=16 March 2018}}
33. ^{{cite web|last1=Detsch|first1=Jack|title=Are software updates key to stopping criminal car hacks?|url=http://www.csmonitor.com/World/Passcode/2017/0118/Are-software-updates-key-to-stopping-criminal-car-hacks|website=www.csmonitor.com|publisher=Christian Science Monitor|accessdate=20 February 2017|date=18 January 2017}}
34. ^{{cite web|last1=Mathews|first1=Lee|title=Uptane Will Protect Your Connected Car From Hackers|url=https://www.forbes.com/sites/leemathews/2017/01/19/uptane-will-protect-your-connected-car-from-hackers/|website=www.forbes.com|publisher=Forbes|accessdate=20 February 2017|date=19 January 2017}}
35. ^{{cite web|last1=Rowe|first1=Martin|title=Automotive ECU Updates: Keeping the Hackers Out|url=http://www.eetimes.com/document.asp?doc_id=1331232|website=www.eetimes.com|publisher=EE Times|accessdate=20 February 2017|date=23 January 2017}}
36. ^{{cite web|title=Remote Software Update: Future growth business|url=http://blog.ihs.com/remote-software-update%3A-future-growth-business|website=IHS Markit Automotive Blog|publisher=IHS.com|date=14 January 2015|accessdate=13 November 2017}}
37. ^{{cite web|title=Cybersecurity and recalls will mean over-the-air updates for 203M cars by 2022|url=https://www.computerworld.com/article/3044499/emerging-technology/cybersecurity-and-recalls-will-mean-over-the-air-updates-for-203m-cars-by-2022.html|publisher=Computerworld|last1=Merian|first1=Lucas|date=15 March 2016|accessdate=13 November 2017}}
38. ^{{cite web|title=Big Auto look to tech companies to fix cars over the air|url=https://www.reuters.com/article/us-autos-wireless/big-auto-look-to-tech-companies-to-fix-cars-over-the-air-idUSKCN0RT0BV20150929|publisher=Reuters|last1=Sage|first1=Alexandria|date=29 September 2017|accessdate=29 January 2018}}
39. ^{{cite web|url=https://ssl.engineering.nyu.edu/papers/kuppusamy_login_2017.pdf |title=Uptane: Securing Software Updates for Automobiles|last1=Kuppusamy|first1=Trishank Karthik|last2=Brown|first2=Akan |last3=Awwad|first3=Sebastien|last4=McCoy|first4=Damon|last5=Bielawski|first5=Russ|last6=Mott|first6=Cameron |last7=Lauzon|first7=Sam|last8=Weimerskirch|first8=Andre|last9=Cappos|first9=Justin|publisher=escar2016}}
40. ^{{cite web|url=https://article.wn.com/view/2017/06/13/ATS_is_Integrating_the_Uptane_Security_Framework_for_Overthe/|title=ATS is Integrating the Uptane Security Framework for Over-the-air Software Updates to Connected Vehicles|publisher=World News.com|date=13 June 2017}}
41. ^{{cite web|title=Airbiquity introduces OTAmatic for connected vehicle Over-The-Air (OTA) software updates and data management|url=https://www.airbiquity.com/jp/news-press/press-releases/airbiquity-introduces-otamatic-connected-vehicle-over-air-ota-software-updates-and-data-management|publisher=Airbiquity.com|date=18 May 2017|accessdate=16 March 2018}}
42. ^{{cite web|url=https://www.popsci.com/top-security-innovations-2017| title=The Year's Most Important Innovations in Security|last1=Atherton|first1=Kelsey D.|last2=Feltman|first2=Rachel|publisher=Popular Science|date=17 October 2017}}
43. ^{{cite web|title=PolyPasswordHasher website|url=https://polypasswordhasher.github.io/PolyPasswordHasher/|publisher=Secure Systems Lab at NYU|accessdate=19 October 2017}}
44. ^{{cite web|last1=Prince|first1=Brian|title=New Protection Scheme Makes Weak Passwords Virtually Uncrackable {{!}} SecurityWeek.Com|url=http://www.securityweek.com/new-protection-scheme-makes-weak-passwords-virtually-uncrackable|website=www.securityweek.com|publisher=Wired Business Media|accessdate=3 October 2016}}
45. ^{{cite web|title=Interview With NYU-Poly's Professor Justin Cappos: Security Lessons From Retail Breaches|url=https://blog.varonis.com/conversation-nyu-polys-professor-justin-cappos-data-security-lessons-tips-companies/|website=blog.varonis.com|publisher=Varonis Blog|accessdate=3 October 2016|date=6 January 2015}}
46. ^{{cite web|title=PolyPasswordHasher-Java implementation|url=https://github.com/PolyPasswordHasher/PolyPasswordHasher-Java/|publisher=Secure Systems Lab at NYU|accessdate=19 October 2017}}
47. ^{{cite web|title=PolyPasswordHasher/python-reference-implementation |url=https://github.com/PolyPasswordHasher/PolyPasswordHasher/tree/master/python-reference-implementation/|publisher=Secure Systems Lab at NYU|accessdate=19 October 2017}}
48. ^{{cite web|title=PolyPasswordHasher-C|url=https://github.com/PolyPasswordHasher/PolyPasswordHasher-C/|publisher=Secure Systems Lab at NYU|accessdate=19 October 2017}}
49. ^{{cite web|title=PolyPasswordHasher/PolyPasswordHasher-Ruby/|url=https://github.com/PolyPasswordHasher/PolyPasswordHasher-Ruby/|publisher=Secure Systems Lab at NYU|accessdate=19 October 2017}}
50. ^{{cite web|title=in-toto website| url=https://in-toto.github.io/|accessdate=19 October 2017}}
51. ^{{cite web|title=in-toto Specification|url=https://github.com/in-toto/docs/blob/v0.9/in-toto-spec.pdf|date=11 April 2017|accessdate=6 April 2018}}
52. ^{{cite web|title=On omitting commits and committing omissions: Preventing git metadata tampering that (re)introduces software vulnerabilities|url=https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_torres-arias.pdf|last1=Torres-Arias|first1=Santiago|last2= Ammula l|first2=Anil Kumar|last3=Curtmola|first3=Reza|last4=Cappos|first4=Justin|publisher=25th USENIX Security Symposium Proceedings|pages=379–395}}
53. ^{{cite web|title=libmakepkg: check for invalid tags in git|url=https://git.archlinux.org/pacman.git/commit/?id=39319c1860d200a9b4a3cc2c6975e3cece502f2d|publisher=Arch Linux<|accessdate=13 September 2017}}

External links

  • [https://ssl.engineering.nyu.edu/personalpages/jcappos/ Prof. Justin Cappos], New York University profile page
  • Justin Cappos, New York University Tandon School of Engineering profile page
  • [https://ssl.engineering.nyu.edu/ Secure Systems Laboratory website]

Selected publications

  • [https://academic.microsoft.com/#/search?iq=%2540justin%2520cappos%2540&q=justin%20cappos&filters=&from=0&sort=0 List of Publications] from Microsoft Academic Search
  • [https://scholar.google.com/citations?user=COE6KUgAAAAJ&hl=en&oi=ao Justin Cappos' Publications] indexed by Google Scholar

Media citations and commentary

  • WLIW 21-PBS TV Long Island (26 March 2018). SciTech Now "Protecting today's highly computerized cars from hackers"
  • The Verge (14 Feb 2018). O'Kane, Sean. [https://www.theverge.com/2018/2/14/17013016/fiat-chrysler-ota-update-problem-jeep "Chrysler’s over-the-air update fiasco is limited to the Northeast, but customers are still waiting for a fix"]
  • WBRC Ch.6-TV (4 Jan 2018). Gauntt, Joshua. "Charging your phone in ride-sharing services, airports could put your information at risk"
  • Healthcare Analytics (29 Dec 2017) Steptoe, George. "The Worst Healthcare Cybersecurity Breaches of 2017"
  • IEEE CyberSecurity (4 Oct 2017). [https://cybersecurity.ieee.org/blog/2017/07/05/justin-cappos-on-why-cars-are-not-like-computers-when-it-comes-to-cybersecurity/ “Justin Cappos on why cars are not like computers when it comes to Cybersecurity”]
  • The Washington Post (11 July 2017) [https://www.washingtonpost.com/news/business/wp/2017/07/11/hackers-have-been-stealing-credit-card-numbers-from-trumps-hotels-for-months/ “Hackers have been stealing credit card numbers from Trump’s Hotels for Months”]
  • AdAge (27 June 2017) “Pay up or lose everything: What Madison Avenue should know about the WPP Ransom Attack”
  • KSTX-Texas Public Radio (21 June 2017) All Things Considered "Software Protecting Future Cars, Starting To Make Inroads"
  • Financial Times (14 June 2017). [https://www.ft.com/content/6214a7e0-510d-11e7-bfb8-997009366969 “Three US banks chiefs fall victim to email pranksters”]
  • Fox 5-TV News (23 May 2017) Toohey, Joe. "Can big data analysis swing a political election?"
  • Fox 5-TV News (15 May 2017) Chi’en, Arthur. "WannaCry malware exploited OS weakness to spread"
  • The Los Angeles Times (15 May 2017) Dave, Paresh and James F. Peltz. “WannaCry cyberattack: When a hack shuts down a hospital, who’s to blame”
  • BBC (4 May 2017) [https://www.bbc.com/news/business-39798022 “Google docs users hit by phishing scam”]
  • WBUR-NPR Boston (4 May 2017) On Point. "Phishing, Hacks And Better Online Security"
  • Reuters (3 May 2017) [https://www.reuters.com/article/us-cyber-alphabet/spam-campaign-targets-google-users-with-malicious-link-idUSKBN17Z2I6 “Spam campaign targets Google users with malicious link”]
  • Fox 5-TV News (25 Apr 2017) King, Mac. "You really should read an app's service terms"
  • Fox 5-TV News (30 March 2017). [https://vimeo.com/211720861 "Selling Your Online Search History"]
  • International Business Times (24 March 2017). “Is Privacy Real? The CIA is Jeopardizing America’s Digital Security”
  • WBUR-NPR Boston (17 March 2017), Here and Now, "Researchers Race To Develop Software To Prevent Car Hacking"
  • The Washington Post (10 March 2017). [https://www.washingtonpost.com/local/the-42-words-you-can-never-say-in-emails-to-the-dc-government/2017/03/10/84904516-fecb-11e6-be8b-3578bc1ed64e_story.html “The 42 words you can never say in emails to the D.C. government”]
  • WNBC-TV New York (9 March 2017). “WikiLeaks to Help Shield Tech Firms From CIA's Hacking Tools”
  • Fox 5-TV News (7 March 2017). Publishes 1000s of CIA Cyber-espionage Documents"
  • Mic (3 March 2017). [https://mic.com/articles/170243/mike-pence-email-hack-how-the-vp-s-private-email-debacle-compares-to-hillary-clinton-s#.je2q4SJjF“Mike Pence Email Hack: How the VPs private email debacle compares to Hillary Clinton’s”]
  • KSTX- Texas Public Radio (26 January 2017), Here and Now. Future Car May Be Protected From Hacking By Software Developed In San Antonio"
  • Forbes (19 January 2017). [https://www.forbes.com/sites/.../uptane-will-protect-your-connected-car-from-hackers/ “Uptane will protect your connected car from hackers”]
  • Reuters Live on Facebook (18 January 2017). [https://www.facebook.com/Reuters/videos/1364617036891982/ “How Uptane can Protect Your Car from Hackers”]
  • WWL AM 870 / FM 105.3 (9 January 2017). "How Did the Russian Hacks Happen?"
  • Fox 5-TV News (18 November 2016). "Are smart devices worth the hacking risk?"
  • WPIX-11-TV News (31 October 2016) Diaz, Mario. "Clinton email investigation bombshell dominates campaign for both candidates”
  • CNN Money (15 August 2016) Pagliery, Jose. "Hacker claims to be selling stolen NSA spy tools"
  • Vice (6 July 2016) Pearl, Mike. [https://www.vice.com/read/clinton-emails-national-security "We Asked a Cybersecurity Expert if Clinton's Email System Could Have Jeopardized National Security"]
  • Scientific American (23 March 2016) Sneed, Annie. "The Most Vulnerable Ransomware Targets Are the Institutions We Rely On Most"
  • PBS Newshour (29 February 2016). "Ransomware attack takes down LA hospital for hours"
  • PBS Newshour (18 April 2015). "The hack attack that takes your computer hostage till you pay"
  • New York Daily News (4 March 2015). you check your personal email at work?"
  • CBS News (3 December 2014). "5 counterintuitive ways to protect against hackers"
  • CBS-TV News (15 August 2014). "How a password manager can help you stay more secure online"
  • Varonis (6 January 2015). [https://blog.varonis.com/conversation-nyu-polys-professor-justin-cappos-data-security-lessons-tips-companies/ "Interview With NYU-Poly’s Professor Justin Cappos: Security Lessons From Retail Breaches"]
  • MIT Technology Review (21 February 2013) Lim, Dawn. [https://www.technologyreview.com/s/511331/startup-offers-to-protect-printers-phones-and-other-devices-from-hackers/ "Startup Red Balloon Security Offers to Protect Printers, Phones, and Other Devices from Hackers"]
{{Authority control}}{{DEFAULTSORT:Cappos, Justin}}

5 : New York University|1977 births|Living people|Polytechnic Institute of New York University faculty|Computer security academics
随便看

 

开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。

 

Copyright © 2023 OENC.NET All Rights Reserved
京ICP备2021023879号 更新时间:2024/9/30 22:28:59