Developers generally like to share their code, and many of them do so by open sourcing it on GitHub, a social code hosting and collaboration service. Many companies also use GitHub as a convenient place to host both private and public code repositories by creating GitHub organizations where employees can be joined.
Sometimes employees might publish things that should not be publicly available. Things that contain sensitive information or things that could even lead to direct compromise of a system. This can happen by accident or because the employee does not know the sensitivity of the information.
Gitrob is a command line tool that can help organizations and security professionals find such sensitive information. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information.
CALL FOR PAPERS
International Conference on Security and Cryptography
SECRYPT website: http://www.secrypt.icete.org/
July 20 – 22, 2015
Colmar, Alsace, France
Sponsored by: INSTICC
INSTICC is Member of: WfMC, OMG and FIPA
Logistics Partner: SCITEVENTS
Regular Paper Submission: March 3, 2015
Authors Notification (regular papers): Mayl 18, 2015
Final Regular Paper Submission and Registration: May 26, 2015
You are cordially invited to submit a paper to the SECRYPT 2015 Conference, to be held in Colmar, Alsace, France. The deadline for paper submission is scheduled for March 3, 2015.
SECRYPT is an annual international conference covering research in information and communication security. The 12th International Conference on Security and Cryptography (SECRYPT 2015) will be held in Colmar, France on 20-22 July 2015.
The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, security, and cryptography.
Papers describing the application of security technology, the implementation of systems, and lessons learned are also encouraged. Papers describing new methods or technologies, advanced prototypes, systems, tools and techniques and general survey papers indicating future directions are also encouraged.
SECRYPT is interested in promoting high quality research as it can be confirmed by last year acceptance rates, where from 139 submissions, 21% of which were orally presented and 22% presented as posters.
We would like to highlight the presence of the following keynote speakers:
– Anthony C. Boucouvalas, University of Peloponnese, Greece
– Eleni Karatza, Aristotle University of Thessaloniki, Greece
– Andrew Moore, University of Cambridge, United Kingdom
Submitted papers will be subject to a double-blind review process. All accepted papers will be published in the conference proceedings, under an ISBN reference, on paper and on CD-ROM support.
It is planned to publish a short list of revised and extended versions of presented papers with Springer in a CCIS Series book (final approval pending).
The proceedings will be submitted for indexation by Thomson Reuters Conference Proceedings Citation Index (ISI), INSPEC, DBLP, EI (Elsevier Index) and Scopus.
All papers presented at the conference venue will be available at the SCITEPRESS Digital Library (http://www.scitepress.org/DigitalLibrary/). SCITEPRESS is a member of CrossRef (http://www.crossref.org/).
Best paper awards will be distributed during the conference closing session. Please check the website for further information (http://www.secrypt.icete.org/BestPaperAward.aspx).
Workshops, Special sessions, Tutorials as well as Demonstrations dedicated to other technical/scientific topics are also envisaged: companies interested in presenting their products/methodologies or researchers interested in holding a tutorial are invited to contact the conference secretariat. Workshop chairs and Special Session chairs will benefit from logistics support and other types of support, including secretariat and financial support, to facilitate the development of a valid idea.
SECRYPT is part of ICETE, the 12th International Joint Conference on e-Business and Telecommunications. Registration to SECRYPT allows free access to all other ICETE conferences.
ICETE 2015 will be held in conjunction with ICINCO 2015, ICSOFT 2015, SIMULTECH 2015 and DATA 2015. Registration to ICETE allows free access to the ICINCO, ICSOFT, SIMULTECH and DATA conferences as a non-speaker.
ICETE CONFERENCE CO-CHAIRS
Mohammad S. Obaidat, Monmouth University, United States
Pascal Lorenz, University of Haute Alsace, France
Pierangela Samarati, Universita degli Studi di Milano, Italy
Please check the program committee members at http://www.secrypt.icete.org/ProgramCommittee.aspx
– Access Control
– Applied Cryptography
– Biometrics Security and Privacy
– Critical Infrastructure Protection
– Data Integrity
– Data Protection
– Database Security and Privacy
– Digital Forensics
– Digital Rights Management
– Ethical and Legal Implications of Security and Privacy
– Formal Methods for Security
– Human Factors and Human Behavior Recognition Techniques
– Identification, Authentication and Non-repudiation
– Identity Management
– Information Hiding
– Information Systems Auditing
– Insider Threats and Countermeasures
– Intellectual Property Protection
– Intrusion Detection & Prevention
– Management of Computing Security
– Network Security
– Organizational Security Policies
– Peer-to-Peer Security
– Personal Data Protection for Information Systems
– Privacy Enhancing Technologies
– Reliability and Dependability
– Risk Assessment
– Secure Software Development Methodologies
– Security and Privacy for Big Data
– Security and privacy in Complex Systems
– Security and Privacy in Crowdsourcing
– Security and Privacy in IT Outsourcing
– Security and Privacy in Location-based Services
– Security and Privacy in Mobile Systems
– Security and Privacy in Pervasive/Ubiquitous Computing
– Security and Privacy in Smart Grids
– Security and Privacy in Social Networks
– Security and Privacy in the Cloud
– Security and Privacy in Web Services
– Security and Privacy Policies
– Security Area Control
– Security Deployment
– Security Engineering
– Security in Distributed Systems
– Security Information Systems Architecture
– Security Management
– Security Metrics and Measurement
– Security Protocols
– Security requirements
– Security Verification and Validation
– Sensor and Mobile Ad Hoc Network Security
– Service and Systems Design and QoS Network Security
– Software Security
– Trust management and Reputation Systems
– Ubiquitous Computing Security
– Wireless Network Security
- access control, authentication, call for papers, cloud, communication, conference, cryptography, digital, elsevier, ethic, formal, grid, identity, integrity, metrics, mobile, pervasive, policies, privacy, protection, reputation, researcher, security, social, social network, springer, trust, web, wireless, workshop
Emotional states can be transferred to others via emotional contagion, leading people to experience the same emotions without their awareness. Emotional contagion is well established in laboratory experiments, with people transferring positive and negative emotions to others. Data from a large real-world social network, collected over a 20-y period suggests that longer-lasting moods (e.g., depression, happiness) can be transferred through networks [Fowler JH, Christakis NA (2008) BMJ 337:a2338], although the results are controversial. In an experiment with people who use Facebook, we test whether emotional contagion occurs outside of in-person interaction between individuals by reducing the amount of emotional content in the News Feed. When positive expressions were reduced, people produced fewer positive posts and more negative posts; when negative expressions were reduced, the opposite pattern occurred. These results indicate that emotions expressed by others on Facebook influence our own emotions, constituting experimental evidence for massive-scale contagion via social networks. This work also suggests that, in contrast to prevailing assumptions, in-person interaction and nonverbal cues are not strictly necessary for emotional contagion, and that the observation of others’ positive experiences constitutes a positive experience for people.
The founder of the DEF CON hacker conference has announced that members of the U.S. federal government will not be welcome to attend this year’s event.
DEF CON is one of the world’s largest hacker conferences and has been running for 21 years. Until now the conference has always welcomed the participation of federal government employees.
This unusual step has been taken by DEF CON’s founder on behalf of the hacker community and is a response to the recent exposure of the NSA’s omnipresent online spying operation commonly known as PRISM.
The announcement was made by conference founder James Moss (AKA The Dark Tangent) on Wednesday in a short post on the DEF CON website:
“For over two decades DEF CON has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect.
When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship. Therefore, I think it would be best for everyone involved if the feds call a “time-out” and not attend DEF CON this year.
This will give everybody time to think about how we got here, and what comes next.”
When you use the Internet, you entrust your conversations, thoughts, experiences, locations, photos, and more to companies like Google, AT&T and Facebook. But what do these companies do when the government demands your private information? Do they stand with you? Do they let you know what’s going on?
In this annual report, the Electronic Frontier Foundation examined the policies of major Internet companies — including ISPs, email providers, cloud storage providers, location-based services, blogging platforms, and social networking sites — to assess whether they publicly commit to standing with users when the government seeks access to user data. The purpose of this report is to incentivize companies to be transparent about how data flows to the government and encourage them to take a stand for user privacy whenever it is possible to do so.