Collaborating Authors

Electron Windows Protocol Handler MITM/RCE (bypass for CVE-2018-1000006 fix)


Under certain circumstances, this bypass leads to session hijacking and remote code execution. The vulnerability is triggered by simply visiting a web page through a browser. Electron apps designed to run on Windows that register themselves as the default handler for a protocol and do not prepend dash-dash in the registry entry are affected. We reported the issue to the Electron core team (via on May 14, 2018, and received immediate notification that they were already working on a patch. The issue was also reported by Google's Nicolas Ruff a few days earlier.

The Trending Mobile VPN Technologies That You Need to Know

Huffington Post - Tech news and opinion

IKEv2 is a diversified version of the IPSec's IKE protocol, which is faster than other VPN protocols. It is designed to support a mobile device that tends to change its IP address several times and prevents re-authentication. However, the easier to set up IKEv2 does not shelter applications when the device is in the hibernate mode or out of reach, as it is only a key exchange protocol.


AAAI Conferences

Verification that agent communication protocols have desirable properties or do not have undesirable properties is an important issue in agent systems where agents intend to communicate using such protocols. In this paper we explore the use of model checkers to verify properties of agent communication protocols, with these properties expressed as formulae in temporal logic. We illustrate our approach using a recently-proposed protocol for agent dialogues over commands, a protocol that permits the agents to present questions, challenges and arguments for or against compliance with a command.

Protocol Oriented Programming with Swift - Programmer Books


At the heart of Swift's design is an incredibly powerful idea: protocol-oriented programming. Its many benefits include better code maintainability, increased developer productivity and superior application performance. The book will teach the reader how to apply the ideas behind the protocol oriented programing paradigm to improve the code they write. This book will introduce the readers to the world of protocol-oriented programming in Swift and will demonstrate the ideas behind this new programming paradigm with real world examples. In addition to learning the concepts of Protocol Oriented programming, it also shows the reader how to reduce the complexity of their codebase using protocol extensions.


AAAI Conferences

We introduce the notion of exploitability in cut-and-choose protocols for repeated cake cutting. If a cut-and-choose protocol is repeated, the cutter can possibly gain information about the chooser from her previous actions, and exploit this information for her own gain, at the expense of the chooser. We define a generalization of cut-and-choose protocols - forced-cut protocols - in which some cuts are made exogenously while others are made by the cutter, and show that there exist non-exploitable forced-cut protocols that use a small number of cuts per day: When the cake has at least as many dimensions as days, we show a protocol that uses a single cut per day. When the cake is 1-dimensional, we show an adaptive non-exploitable protocol that uses 3 cuts per day, and a non-adaptive protocol that uses n cuts per day (where n is the number of days). In contrast, we show that no non-adaptive non-exploitable forced-cut protocol can use a constant number of cuts per day. Finally, we show that if the cake is at least 2-dimensional, there is a non-adaptive non-exploitable protocol that uses 3 cuts per day.