P R E S S
A GUIDE TO SPYING ON CISCO PHONE CALLS
"Mr. Cui and his adviser, Salvatore J. Stolfo, informed Cisco of the vulnerability last October. Two days later, Cisco confirmed the problem and within a week issued a fix."
POPULAR OFFICE PHONES VULNERABLE TO EAVESDROPPING HACK, RESEARCHERS SAY
"Doctoral candidate Ang Cui and Columbia Professor Sal Stolfo, who discovered the flaw while working on a grant from the U.S. Defense Department, say they can remotely order a hacked telephone to do anything they want and use software to hide their tracks."
TO THWART HACKERS, FIRMS SALTING THEIR SERVERS WITH FAKE DATA
" 'The use of deception is a very powerful tool going back to Adam and Eve,' said Salvatore Stolfo, a Columbia University computer science professor who has created a technique that uses decoy data to trick intruders. 'If the hackers have to expend a lot of energy and effort figuring out what’s real and what’s not, they’ll go elsewhere.' "
STEPTOE CYBERLAW PODCAST, EPISODE #44: AN INTERVIEW WITH SAL STOLFO
"Stolfo brings an attacker’s sensibility to network security approaches usually dominated by defensive thinking. His approach to computer security includes flooding the network with plausible fake documents wired to alarm when touched by a user."
NEW "SYMBIOTE" MAY PROTECT MICROCHIPS FROM CYBER ATTACK
"Developers Ang Cui and Sal Stolfo of Columbia University say their “symbiote” can work with any type of firmware without slowing a computer's processing speed."
HACKING ATTACKS ON PRINTERS STILL NOT TAKEN SERIOUSLY
"Using freely available information and a budget of $2,000 (£1,280), professor Salvatore Stolfo and researcher Ang Cui from Columbia University's appropriately named Intrusion Detection System Laboratory used the printer's remote firmware update to install potentially crippling malware that could even be targeted to destroy the device itself."
FEDS LOOK TO FIGHT LEAKS WITH 'FOG OF DISINFORMATION'
"Imagine if some chemist invented some new formula for whatever that was of great value, growing hair, and they then placed the true [formula] in the midst of a hundred bogus ones," explains Salvatore Stolfo, the Columbia University computer science professor who coined the Fog Computing term. "Then anybody who steals the set of documents would have to test each formula to see which one actually works. It raises the bar against the adversary. They may not really get what they're trying to steal."
BYPASSING THE PASSWORD
"Research overseen by Salvatore J. Stolfo, professor of computer science at Columbia University, has led to the development of software that uses a simple means of detecting an intruder: placing decoy documents on the computer."
NPR Radio interview, Marketplace Tech Report, HP vulnerability, Nov 2011.
New York Times, Business section, Digital Domain, Seeking Ways to Make Passwords Unnecessary, March 17, 2012, http://www.nytimes.com/2012/03/18/business/seeking-ways-to-make-computer-passwords-unnecessary.html?partner=rss&emc=rss
NPR Radio interview, Marketplace Tech Report, on research to replace password, Decoy technology, March 2012
Wired Magazine, interview concerning Decoy Technology. Nov 2011 http://www.wired.com/dangerroom/2011/11/darpa-trap-wikileaks/
Time Magazine, “Cyberdefense”, November 10, 2003.
Trusted Information Systems Magazine, “The JAM Project”, March 1998.
Associated Press Newswire, Egs. The Bergen Record pp. E3, Staten Island Advance, “ATT accused of High-Tech Piracy”, October 17, 1991.
New York Times, “Scientists Bet on New Design”, Science Times Section, pp. C1, Tuesday, October 23, 1984.
Manhattan Inc, “Silicon Island”, pp. 107-116, March 1986.