https://www.usenix.org/publications/multimedia/ en-us ℗ & © 2007 USENIX Association Covering the latest in security, system administration, systems research, and more need-to-know technology topics USENIX Association USENIX Association The USENIX Multimedia RSS Feed brings you industry leaders covering the latest in security, system administration, systems research, and more need-to-know technology topics. USENIX, The Advanced Computing Systems Association, has been the premier forum for presenting groundbreaking technology information for over 30 years. Check out some of the great invited talks of past USENIX Conferences. The USENIX Multimedia RSS Feed brings you industry leaders covering the latest in security, system administration, systems research, and more need-to-know technology topics. USENIX, The Advanced Computing Systems Association, has been the premier forum for presenting groundbreaking technology information for over 30 years. Check out some of the great invited talks of past USENIX Conferences. unix,linux,dmca,securty,sysadmin,sage,computer,lisa,conference Anton podcast@usenix.org no https://www.usenix.org/graphics/podcast_invited_talks_50x50.jpg https://www.usenix.org/publications/multimedia/ 50 50 USENIX Invited Talks Logo Markus Jakobsson Markus Jakobsson Indiana University Invited Talk from Security 2007 In this talk, we discuss what impact deceit and misuse has on online security, drawing on examples from phishing, click-fraud, and general privacy intrusions. We believe that a methodology founded on an improved understanding of human behavior — in particular, in the context of deceit — may help anticipate trends and steer the development of structures and heuristics to curb online fraud. Guided by behavioral aspects of security, we consider technical measures to preemptively counter some of the threats we describe. An extended abstract is available at www.human-factor.org. In this talk, we discuss what impact deceit and misuse has on online security, drawing on examples from phishing, click-fraud, and general privacy intrusions. We believe that a methodology founded on an improved understanding of human behavior — in particular, in the context of deceit — may help anticipate trends and steer the development of structures and heuristics to curb online fraud. Guided by behavioral aspects of security, we consider technical measures to preemptively counter some of the threats we describe. An extended abstract is available at www.human-factor.org. https://www.usenix.org/media/events/sec07/tech/mp3/jakobsson.mp3 https://www.usenix.org/events/sec07/tech/jakobsson.pdf Fri, 12 Oct 2007 14:00:00 PST 4658 unix,security,conference,web,fruad,fraud no Ran Canetti Ran Canetti IBM Research Invited Talk from Security 2007 This talk motivates and presents the paradigm of Universally Composable security. It then briefly reviews some of the recent research done within this paradigm and on it. Part of this research touches foundational aspects in security and cryptography. Other parts have immediate practical implications. This talk motivates and presents the paradigm of Universally Composable security. It then briefly reviews some of the recent research done within this paradigm and on it. Part of this research touches foundational aspects in security and cryptography. Other parts have immediate practical implications. https://www.usenix.org/media/events/sec07/tech/mp3/canetti.mp3 https://www.usenix.org/events/sec07/tech/canetti.pdf Fri, 12 Oct 2007 14:00:00 PST 4417 unix,security,conference,research,usable no Gary McGraw Gary McGraw Cigital Invited Talk from Security 2007 This talk (based on a book of the same title co-authored by Greg Hoglund) frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. This talk (based on a book of the same title co-authored by Greg Hoglund) frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. https://www.usenix.org/media/events/sec07/tech/mp3/mcgraw.mp3 https://www.cigital.com/presentations/eog07/ Fri, 12 Oct 2007 14:00:00 PST 5037 unix,security,conference,research,games,hacks,cheats,gaming,online no Gary McGraw Gary McGraw Cigital Invited Talk from Security 2007 This talk (based on a book of the same title co-authored by Greg Hoglund) frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. This talk (based on a book of the same title co-authored by Greg Hoglund) frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. https://www.usenix.org/media/events/sec07/tech/videos/mcgraw_320x240.mp4 Fri, 12 Oct 2007 14:00:00 PST 5048 unix,security,conference,research,games,hacks,cheats,gaming,online,video no Jerry Brady Jerry Brady Morgan Stanley Invited Talk from Security 2007 Computer security is one of the most complex challenges facing large enterprises today. Securing a multinational enterprise is a balancing act based on solid risk management and technical solutions in a multifaceted, changing environment. Managing risks without securing the enterprise is meaningless, but is there a one-size-fits-all solution or special technology to secure the organization? Will this solution or technology be cost-effective? What about the intersection between IT security, physical security, and information security? Ultimately, tackling computer security within a large enterprise is more than a technical problem; it must be based on people, process, and technology in order to properly manage risks associated with threats. Computer security is one of the most complex challenges facing large enterprises today. Securing a multinational enterprise is a balancing act based on solid risk management and technical solutions in a multifaceted, changing environment. Managing risks without securing the enterprise is meaningless, but is there a one-size-fits-all solution or special technology to secure the organization? Will this solution or technology be cost-effective? What about the intersection between IT security, physical security, and information security? Ultimately, tackling computer security within a large enterprise is more than a technical problem; it must be based on people, process, and technology in order to properly manage risks associated with threats. https://www.usenix.org/media/events/sec07/tech/mp3/brady.mp3 Fri, 12 Oct 2007 14:00:00 PST 4373 unix,security,conference,research,business,corporate no Mikko Hypponen Mikko Hypponen F-Secure Corp. Invited Talk from Security 2007 The first real viruses for mobile phones were found in June 2004. Since then, scores of different viruses have been found, most of them targeting smartphones running different versions of the Symbian operating system. Many of them are spreading in the wild and have been reported from all continents. These mobile viruses use new spreading vectors such as multimedia messages and Bluetooth and pose special problems for researchers. For example, they can easily escape during analysis as they use radio connections to spread. As total count of known mobile malware is now around 350, we know much more about what types of viruses to expect in the future and about who writes them. We also know what we should do to prevent this niche area from becoming a bigger problem. The first real viruses for mobile phones were found in June 2004. Since then, scores of different viruses have been found, most of them targeting smartphones running different versions of the Symbian operating system. Many of them are spreading in the wild and have been reported from all continents. These mobile viruses use new spreading vectors such as multimedia messages and Bluetooth and pose special problems for researchers. For example, they can easily escape during analysis as they use radio connections to spread. As total count of known mobile malware is now around 350, we know much more about what types of viruses to expect in the future and about who writes them. We also know what we should do to prevent this niche area from becoming a bigger problem. https://www.usenix.org/media/events/sec07/tech/mp3/hypponen.mp3 https://www.usenix.org/events/sec07/tech/hypponen.pdf Fri, 12 Oct 2007 14:00:00 PST 5576 unix,security,conference,research,usable,cell,phone,virus,iphone,nokia no Mikko Hypponen Mikko Hypponen F-Secure Corp. Invited Talk from Security 2007 The first real viruses for mobile phones were found in June 2004. Since then, scores of different viruses have been found, most of them targeting smartphones running different versions of the Symbian operating system. Many of them are spreading in the wild and have been reported from all continents. These mobile viruses use new spreading vectors such as multimedia messages and Bluetooth and pose special problems for researchers. For example, they can easily escape during analysis as they use radio connections to spread. As total count of known mobile malware is now around 350, we know much more about what types of viruses to expect in the future and about who writes them. We also know what we should do to prevent this niche area from becoming a bigger problem. The first real viruses for mobile phones were found in June 2004. Since then, scores of different viruses have been found, most of them targeting smartphones running different versions of the Symbian operating system. Many of them are spreading in the wild and have been reported from all continents. These mobile viruses use new spreading vectors such as multimedia messages and Bluetooth and pose special problems for researchers. For example, they can easily escape during analysis as they use radio connections to spread. As total count of known mobile malware is now around 350, we know much more about what types of viruses to expect in the future and about who writes them. We also know what we should do to prevent this niche area from becoming a bigger problem. https://www.usenix.org/media/events/sec07/tech/videos/hypponen_320x240.mp4 Fri, 12 Oct 2007 14:00:00 PST 5586 unix,security,conference,research,usable,cell,phone,virus,iphone,nokia,video no David Dill David Dill Stanford University Invited Talk from Security 2007 It is now quite clear that most electronic voting systems were designed with only minor concern and rudimentary knowledge of computer security. Over the past five years, people with more in-depth knowledge of computer security have helped tremendously in appraising the security of current systems and, to a lesser extent, in improving the security of voting systems. This talk will highlight the ways a computer security perspective might be able to contribute to more trustworthy voting systems, as well as some of the ways that voting is different from other computer security problems. It is now quite clear that most electronic voting systems were designed with only minor concern and rudimentary knowledge of computer security. Over the past five years, people with more in-depth knowledge of computer security have helped tremendously in appraising the security of current systems and, to a lesser extent, in improving the security of voting systems. This talk will highlight the ways a computer security perspective might be able to contribute to more trustworthy voting systems, as well as some of the ways that voting is different from other computer security problems. https://www.usenix.org/media/events/sec07/tech/mp3/dill.mp3 Fri, 12 Oct 2007 14:00:00 PST 4741 unix,security,conference,research,usable,bush,california,evoting,privacy no David Dill David Dill Stanford University Invited Talk from Security 2007 It is now quite clear that most electronic voting systems were designed with only minor concern and rudimentary knowledge of computer security. Over the past five years, people with more in-depth knowledge of computer security have helped tremendously in appraising the security of current systems and, to a lesser extent, in improving the security of voting systems. This talk will highlight the ways a computer security perspective might be able to contribute to more trustworthy voting systems, as well as some of the ways that voting is different from other computer security problems. It is now quite clear that most electronic voting systems were designed with only minor concern and rudimentary knowledge of computer security. Over the past five years, people with more in-depth knowledge of computer security have helped tremendously in appraising the security of current systems and, to a lesser extent, in improving the security of voting systems. This talk will highlight the ways a computer security perspective might be able to contribute to more trustworthy voting systems, as well as some of the ways that voting is different from other computer security problems. https://www.usenix.org/media/events/sec07/tech/videos/dill_320x240.mp4 Fri, 12 Oct 2007 14:00:00 PST 4746 unix,security,conference,research,usable,bush,california,evoting,privacy,video no David Wagner David Wagner University of California, Berkeley Invited Talk from Security 2007 Earlier this year, California Secretary of State Debra Bowen commissioned the University of California to examine 3 voting systems. They found significant security problems in all 3 systems. Earlier this year, California Secretary of State Debra Bowen commissioned the University of California to examine 3 voting systems. They found significant security problems in all 3 systems. https://www.usenix.org/media/events/sec07/tech/mp3/wagner.mp3 https://www.usenix.org/events/sec07/tech/wagner.pdf Fri, 12 Oct 2007 14:00:00 PST 1644 unix,linux,security,conference,research,usable,bush,california,evoting,privacy,flaws no Greg Hoglund Greg Hoglund HBGary Invited Talk from Security 2007 Rootkits are backdoor programs that can be placed in a computer without detection. Virus scanners and desktop firewalls are woefully inadequate to stop a rootkit attack, which can go undetected for years. This talk will explain how rootkits are built for Microsoft Windows XP. It will cover detailed technical aspects of rootkit development, such as compilation, loading and unloading, function hooking, paged and nonpaged memory, interrupts and inline code injections. You'll also learn the technical aspects of the hardware environment, such as interrupt handling, memory paging, and virtual memory address translation. The talk will also cover how to detect rootkits, including runtime integrity checks and detecting hooks of all kinds, such as IRP hooks, SSDT hooks, and IDT hooks. Rootkits are backdoor programs that can be placed in a computer without detection. Virus scanners and desktop firewalls are woefully inadequate to stop a rootkit attack, which can go undetected for years. This talk will explain how rootkits are built for Microsoft Windows XP. It will cover detailed technical aspects of rootkit development, such as compilation, loading and unloading, function hooking, paged and nonpaged memory, interrupts and inline code injections. You'll also learn the technical aspects of the hardware environment, such as interrupt handling, memory paging, and virtual memory address translation. The talk will also cover how to detect rootkits, including runtime integrity checks and detecting hooks of all kinds, such as IRP hooks, SSDT hooks, and IDT hooks. https://www.usenix.org/media/events/sec07/tech/mp3/hoglund.mp3 Fri, 12 Oct 2007 14:00:00 PST 3577 unix,linux,security,conference,research,usable,sony,windows,xp,drm no John Schwartz John Schwartz The New York Times Invited Talk from Security 2007 The MSM gets it wrong, the conventional wisdom goes, because the reporters aren't technically adept but are looking for scare stories to sell newspapers or get ratings. John Schwartz debunks a few myths about the mainstream media and explains that it is possible to write about security and other topics without hype to and still keep your job. The MSM gets it wrong, the conventional wisdom goes, because the reporters aren't technically adept but are looking for scare stories to sell newspapers or get ratings. John Schwartz debunks a few myths about the mainstream media and explains that it is possible to write about security and other topics without hype to and still keep your job. https://www.usenix.org/media/events/sec07/tech/mp3/schwartz.mp3 Fri, 12 Oct 2007 14:00:00 PST 4416 unix,linux,security,conference,research,mass,media,fox,technology no Mendel Rosenblum Mendel Rosenblum Stanford University Keynote Address from USENIX 2007 This talk describes how virtualization is changing the way computing is done in the industry today and how it is causing users to rethink how they view hardware, operating systems, and application programs. The talk will describe this new view of computing and the benefits driving users to adopt it. The roles of hardware and operating systems will be discussed, along with what changes will be needed to support this new computing model efficiently and simply. This talk describes how virtualization is changing the way computing is done in the industry today and how it is causing users to rethink how they view hardware, operating systems, and application programs. The talk will describe this new view of computing and the benefits driving users to adopt it. The roles of hardware and operating systems will be discussed, along with what changes will be needed to support this new computing model efficiently and simply. https://www.usenix.org/media/events/usenix07/tech/mp3/rosenblum.mp3 Fri, 12 Oct 2007 14:00:00 PST 4190 unix,linux,security,conference,research,usable,vmware,intel,amd,cpu,server no Werner Vogels Werner Vogels VP and CTO, Amazon.com Invited Talk from USENIX 2007 Traditionally a technology adaption cycle progresses at least 10–15 years before technologies become mature enough for wide-spread adaption. That time period is dramatically shortened as there is a need for technologies that can satisfy the unlimited appetite for ultra-scalable, highly-reliable, high-performance, and cost-effecient software architectures by the top Internet companies. In reality, however, it turns out to be very difficult to speed up the adoption process. In this presentation I will review some of the obstacles that are in the way of adoption of research results into production environments and will revist the principles of "worse is better" and Occam's razor in the context of technology transition. Traditionally a technology adaption cycle progresses at least 10–15 years before technologies become mature enough for wide-spread adaption. That time period is dramatically shortened as there is a need for technologies that can satisfy the unlimited appetite for ultra-scalable, highly-reliable, high-performance, and cost-effecient software architectures by the top Internet companies. In reality, however, it turns out to be very difficult to speed up the adoption process. In this presentation I will review some of the obstacles that are in the way of adoption of research results into production environments and will revist the principles of "worse is better" and Occam's razor in the context of technology transition. https://www.usenix.org/media/events/usenix07/tech/mp3/vogels.mp3 Fri, 12 Oct 2007 14:00:00 PST 5010 unix,linux,security,conference,research,business,amazon no Gary McGraw Gary McGraw Cigital Invited Talk from USENIX 2007 This talk (based on a book of the same title co-authored by Greg Hoglund) frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. This talk (based on a book of the same title co-authored by Greg Hoglund) frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. https://www.usenix.org/media/events/usenix07/tech/mp3/mcgraw.mp3 https://www.cigital.com/presentations/eog07/ Fri, 12 Oct 2007 14:00:00 PST 4058 unix,linux,security,conference,research,windows,gaming,hacks,cheat,wow,warcraft no Rob Lanphier and Mark Lentczner Rob Lanphier and Mark Lentczner Linden Lab Invited Talk from USENIX 2007 Rob Lanphier, Linden Lab's Open Source Busybody, and Mark Lentczner, who directs a software engineering studio at Linden Lab, will talk about the release of the Second Life viewer source code: what that means, what it might mean, and what it doesn't mean. He'll provide a brief overview of the technology and history of Second Life, discuss the astronomical growth in use of Second Life, and explain what Linden Lab is doing to cope with the ever-increasing stress on the system. He'll discuss some key improvements Linden Lab is making in the protocols used by the product—utilizing a Web services model to increase scalability and to decouple versioning between clients and servers, as well as server-to-server communication. Rob Lanphier, Linden Lab's Open Source Busybody, and Mark Lentczner, who directs a software engineering studio at Linden Lab, will talk about the release of the Second Life viewer source code: what that means, what it might mean, and what it doesn't mean. He'll provide a brief overview of the technology and history of Second Life, discuss the astronomical growth in use of Second Life, and explain what Linden Lab is doing to cope with the ever-increasing stress on the system. He'll discuss some key improvements Linden Lab is making in the protocols used by the product—utilizing a Web services model to increase scalability and to decouple versioning between clients and servers, as well as server-to-server communication. https://www.usenix.org/media/events/usenix07/tech/mp3/lanphier.mp3 Fri, 12 Oct 2007 14:00:00 PST 3227 unix,linux,security,conference,research,usable,games,online no Rob Lanphier and Mark Lentczner Rob Lanphier and Mark Lentczner Linden Lab Invited Talk from USENIX 2007 Q&A session following the Second Life talk. Q&A session following the Second Life talk. https://www.usenix.org/media/events/usenix07/tech/mp3/lanphier_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 1957 unix,linux,security,conference,research,usable,games,online,qa no Win Treese Win Treese SiCortex, Inc. Invited Talk from USENIX 2007 High-performance technical computing stresses computer systems in many ways, from CPU performance to memory systems to inter-system communication. Over the past twelve years, clusters of commodity hardware running Linux have become the most common tool for high-performance computing. However, the dynamics of such applications are often very different from those of applications that drive the design of commodity computer systems, which means that commodity systems may be cheap for computing, but they are not efficient for many technical applications. High-performance technical computing stresses computer systems in many ways, from CPU performance to memory systems to inter-system communication. Over the past twelve years, clusters of commodity hardware running Linux have become the most common tool for high-performance computing. However, the dynamics of such applications are often very different from those of applications that drive the design of commodity computer systems, which means that commodity systems may be cheap for computing, but they are not efficient for many technical applications. https://www.usenix.org/media/events/usenix07/tech/mp3/treese.mp3 https://www.usenix.org/events/usenix07/tech/slides/treese.pdf Fri, 12 Oct 2007 14:00:00 PST 2825 unix,linux,security,conference,research,hpc no Win Treese Win Treese SiCortex, Inc. Invited Talk from USENIX 2007 Q&A session following the Specializing General-Purpose Computing talk. Q&A session following the Specializing General-Purpose Computing talk. https://www.usenix.org/media/events/usenix07/tech/mp3/treese_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 542 unix,linux,security,conference,research,hpc,qa no Paul Ducklin Paul Ducklin Sophos Invited Talk from USENIX 2007 This talk will feature a live—but entirely self-contained, and therefore safe!—demonstration of a modern malware attack in action. Gain insight into how the bad guys think and operate, and you learn how better to defend yourself against them. The talk will also examine some of the tricks and techniques that can be used in a malware research lab to get even an apparently complex and heavily obfuscated piece of malware to reveal its secrets in safety. This talk will feature a live—but entirely self-contained, and therefore safe!—demonstration of a modern malware attack in action. Gain insight into how the bad guys think and operate, and you learn how better to defend yourself against them. The talk will also examine some of the tricks and techniques that can be used in a malware research lab to get even an apparently complex and heavily obfuscated piece of malware to reveal its secrets in safety. https://www.usenix.org/media/events/usenix07/tech/mp3/ducklin.mp3 Fri, 12 Oct 2007 14:00:00 PST 5408 unix,linux,security,system,administration,conference,research,anti,virus,trojan,windows no Brad Fitzpatrick Brad Fitzpatrick LiveJournal Invited Talk from USENIX 2007 Hear the history and lessons learned while scaling a community site (LiveJournal.com) from a single server with a dozen friends to hundreds of machines and 10M+ users: what's worked, what hasn't, and all the things we've had to build ourselves that are now in common use thoughout the Web 2.0 world, including memcached, MogileFS, Perlbal, and our job dispatch systems. Hear the history and lessons learned while scaling a community site (LiveJournal.com) from a single server with a dozen friends to hundreds of machines and 10M+ users: what's worked, what hasn't, and all the things we've had to build ourselves that are now in common use thoughout the Web 2.0 world, including memcached, MogileFS, Perlbal, and our job dispatch systems. https://www.usenix.org/media/events/usenix07/tech/mp3/fitzpatrick.mp3 https://www.usenix.org/events/usenix07/tech/slides/fitzpatrick.pdf Fri, 12 Oct 2007 14:00:00 PST 2631 unix,linux,security,system,administration,conference,research,blog,social,networking no Brad Fitzpatrick Brad Fitzpatrick LiveJournal Invited Talk from USENIX 2007 Q&A session following the LiveJournal talk. Q&A session following the LiveJournal talk. https://www.usenix.org/media/events/usenix07/tech/mp3/fitzpatrick_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 697 unix,linux,security,system,administration,conference,research,blog,social,networking,qa no Jeffrey Dean Jeffrey Dean Google Invited Talk from USENIX 2007 MapReduce is a programming model and an associated implementation for processing and generating large data sets. Users specify a Map function which processes a key/value pair to generate a set of intermediate key/value pairs, and a Reduce function which merges all intermediate values associated with the same intermediate key. Programs written in this functional style are automatically parallelized and executed on a large cluster of commodity machines. The MapReduce run-time system takes care of the details of partitioning the input data, scheduling the program's execution across a set of machines, handling machine failures, and managing the required inter-machine communication. This allows programmers without any experience with parallel and distributed systems to easily utilize the resources of a large distributed system. Thousands of MapReduce programs have been implemented, and several thousand MapReduce jobs are executed on Google's clusters every day. In this talk I'll describe the design and implementation of MapReduce and other building blocks for large-scale distributed systems at Google. MapReduce is a programming model and an associated implementation for processing and generating large data sets. Users specify a Map function which processes a key/value pair to generate a set of intermediate key/value pairs, and a Reduce function which merges all intermediate values associated with the same intermediate key. Programs written in this functional style are automatically parallelized and executed on a large cluster of commodity machines. The MapReduce run-time system takes care of the details of partitioning the input data, scheduling the program's execution across a set of machines, handling machine failures, and managing the required inter-machine communication. This allows programmers without any experience with parallel and distributed systems to easily utilize the resources of a large distributed system. Thousands of MapReduce programs have been implemented, and several thousand MapReduce jobs are executed on Google's clusters every day. In this talk I'll describe the design and implementation of MapReduce and other building blocks for large-scale distributed systems at Google. https://www.usenix.org/media/events/usenix07/tech/mp3/dean.mp3 Fri, 12 Oct 2007 14:00:00 PST 3460 unix,linux,security,system,administration,conference,research,google,hpc,search no Jeffrey Dean Jeffrey Dean Google Invited Talk from USENIX 2007 Q&A session following the MapReduce at Google Talk. Q&A session following the MapReduce at Google Talk. https://www.usenix.org/media/events/usenix07/tech/mp3/dean_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 641 unix,linux,security,system,administration,conference,research,google,hpc,search,qa no Daniel V. Klein Daniel V. Klein Consultant Invited Talk from USENIX 2007 It is no secret that we are at the dawn of the digital age—our parents (and, for some of us, even our grandparents) have computers, digital cameras, MP3 players, etc. We each have more computing power in our cell phones than the mainframes of 35 years ago had, and everywhere we find data acquisition and tracking systems. Privacy has never been more zealously guarded nor more freely abandoned, and with the proliferation of digital data collection and dissemination have come new worries It is no secret that we are at the dawn of the digital age—our parents (and, for some of us, even our grandparents) have computers, digital cameras, MP3 players, etc. We each have more computing power in our cell phones than the mainframes of 35 years ago had, and everywhere we find data acquisition and tracking systems. Privacy has never been more zealously guarded nor more freely abandoned, and with the proliferation of digital data collection and dissemination have come new worries https://www.usenix.org/media/events/usenix07/tech/mp3/klein.mp3 Fri, 12 Oct 2007 14:00:00 PST 4977 unix,linux,security,system,administration,conference,research,privacy no Daniel V. Klein Daniel V. Klein Consultant Invited Talk from USENIX 2007 Q&A followinf the Perfect Data in an Imperfect World talk. Q&A followinf the Perfect Data in an Imperfect World talk. https://www.usenix.org/media/events/usenix07/tech/mp3/klein_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 138 unix,linux,security,system,administration,conference,research,privacy,qa no Luis von Ahn Luis von Ahn Carnegie Mellon University Invited Talk from USENIX 2007 Tasks like image recognition are trivial for humans, but continue to challenge even the most sophisticated computer programs. This talk introduces a paradigm for utilizing human processing power to solve problems that computers cannot yet solve. Traditional approaches to solving such problems focus on improving software. I advocate a novel approach: constructively channel human brainpower using computer games. For example, the ESP Game, described in this talk, is an enjoyable online game—many people play over 40 hours a week—and when people play, they help label images on the Web with descriptive keywords. These keywords can be used to significantly improve the accuracy of image search. People play the game not because they want to help, but because they enjoy it. The ESP Game has been licensed by a major Internet company and will soon become the basis of their image search engine. Tasks like image recognition are trivial for humans, but continue to challenge even the most sophisticated computer programs. This talk introduces a paradigm for utilizing human processing power to solve problems that computers cannot yet solve. Traditional approaches to solving such problems focus on improving software. I advocate a novel approach: constructively channel human brainpower using computer games. For example, the ESP Game, described in this talk, is an enjoyable online game—many people play over 40 hours a week—and when people play, they help label images on the Web with descriptive keywords. These keywords can be used to significantly improve the accuracy of image search. People play the game not because they want to help, but because they enjoy it. The ESP Game has been licensed by a major Internet company and will soon become the basis of their image search engine. https://www.usenix.org/media/events/usenix07/tech/mp3/vonahn.mp3 https://www.usenix.org/events/usenix07/tech/slides/vonahn.pdf Fri, 12 Oct 2007 14:00:00 PST 2533 unix,linux,security,system,administration,conference,research,captcha,search no Luis von Ahn Luis von Ahn Carnegie Mellon University Invited Talk from USENIX 2007 Q&A session following the Human Computation talk. Q&A session following the Human Computation talk. https://www.usenix.org/media/events/usenix07/tech/mp3/vonahn_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 841 unix,linux,security,system,administration,conference,research,captcha,search,qa no Luiz André Barroso Luiz André Barroso Google Inc. Invited Talk from USENIX 2007 The computing systems that are powering many of today's large-scale Internet services look less like refrigerators and more like warehouses. Designing efficient warehouse-scale computers requires many of the traditional tools and methods developed by computer architects, and some new tricks as well. In this talk I'll describe some of the defining characteristics of these systems, with a focus on failure handling and power management. The computing systems that are powering many of today's large-scale Internet services look less like refrigerators and more like warehouses. Designing efficient warehouse-scale computers requires many of the traditional tools and methods developed by computer architects, and some new tricks as well. In this talk I'll describe some of the defining characteristics of these systems, with a focus on failure handling and power management. https://www.usenix.org/media/events/usenix07/tech/mp3/barroso.mp3 Fri, 12 Oct 2007 14:00:00 PST 4166 unix,linux,security,system,administration,conference,research,google,cooling,hpc no Luiz André Barroso Luiz André Barroso Google Inc. Invited Talk from USENIX 2007 Q&A session following the Warehouse-scale Computers talk. Q&A session following the Warehouse-scale Computers talk. https://www.usenix.org/media/events/usenix07/tech/mp3/barroso_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 990 unix,linux,security,system,administration,conference,research,google,cooling,hpc,qa no Mary Lou Jepsen Mary Lou Jepsen One Laptop per Child Invited Talk from USENIX 2007 This effort emerged as a way to capture the endless momentum of Moore's Law and create a laptop for those far on the other side of the digital divide—the poor children of the world and their families. In fact, the vast majority of the world lives without so many of the things we consider essential, not least of which is access to education and information. This year, we intend to launch with millions of laptops simultaneously in Rwanda, Pakistan, Brazil, Argentina, Uruguay, Libya, Nigeria, and Thailand. The children themselves will own these laptops, which will be distributed to them by the Ministries of Education. They should last for five years and are cheaper than five years' worth of textbooks in the average developing country. This effort emerged as a way to capture the endless momentum of Moore's Law and create a laptop for those far on the other side of the digital divide—the poor children of the world and their families. In fact, the vast majority of the world lives without so many of the things we consider essential, not least of which is access to education and information. This year, we intend to launch with millions of laptops simultaneously in Rwanda, Pakistan, Brazil, Argentina, Uruguay, Libya, Nigeria, and Thailand. The children themselves will own these laptops, which will be distributed to them by the Ministries of Education. They should last for five years and are cheaper than five years' worth of textbooks in the average developing country. https://www.usenix.org/media/events/usenix07/tech/mp3/jepsen.mp3 https://www.usenix.org/events/usenix07/tech/slides/jepsen.pdf Fri, 12 Oct 2007 14:00:00 PST 3063 unix,linux,security,system,administration,conference,research,olpc,poor,digital,divide no Mary Lou Jepsen Mary Lou Jepsen One Laptop per Child Invited Talk from USENIX 2007 Q&A session following the One Laptop per Child talk. Q&A session following the One Laptop per Child talk. https://www.usenix.org/media/events/usenix07/tech/mp3/jepsen_qa.mp3 Fri, 12 Oct 2007 14:00:00 PST 2397 unix,linux,security,system,administration,conference,research,olpc,poor,digital,divide,qa no Ronald L. Rivest Ronald L. Rivest Viterbi Professor of Computer Science, Massachusetts Institute of Technology Keynote Address from NSDI 2007 While running an election sounds simple, it is in fact extremely challenging. Not only are there millions of voters to be authenticated and millions of votes to be carefully collected, counted, and stored, there are now millions of "voting machines" containing millions of lines of code to be evaluated for security vulnerabilities. Moreover, voting systems have a unique requirement: the voter must not be given a "receipt" that would allow them to prove how they voted to someone else—otherwise the voter could be coerced or bribed into voting a certain way. This lack of receipts makes the security of voting system much more challenging than, say, the security of banking systems (where receipts are the norm). While running an election sounds simple, it is in fact extremely challenging. Not only are there millions of voters to be authenticated and millions of votes to be carefully collected, counted, and stored, there are now millions of "voting machines" containing millions of lines of code to be evaluated for security vulnerabilities. Moreover, voting systems have a unique requirement: the voter must not be given a "receipt" that would allow them to prove how they voted to someone else—otherwise the voter could be coerced or bribed into voting a certain way. This lack of receipts makes the security of voting system much more challenging than, say, the security of banking systems (where receipts are the norm). https://www.usenix.org/media/events/nsdi07/tech/mp3/rivest.mp3 Fri, 12 Oct 2007 14:00:00 PST 4174 unix,linux,security,system,administration,conference,research,networking,bush,evoting,california,internet no Dawson Engler Dawson Engler Professor, Stanford University Invited Talk from FAST 2007 This talk describes several effective bug-finding tools we have developed, which exploit not-widely-understood techniques—implementation-level model checking and symbolic execution—focusing on the key intuitions and ideas behind them. This talk describes several effective bug-finding tools we have developed, which exploit not-widely-understood techniques—implementation-level model checking and symbolic execution—focusing on the key intuitions and ideas behind them. https://www.usenix.org/media/events/fast07/tech/mp3/engler.mp3 https://www.usenix.org/events/fast07/tech/slides/engler.pdf Fri, 12 Oct 2007 14:00:00 PST 3080 unix,linux,security,system,administration,conference,research,storage,hacking,disk no Steve Kleiman Steve Kleiman CTO, Network Appliance Invited Talk from FAST 2007 The explosive growth in stored data has made petabyte-scale storage infrastructures increasingly common. The scale, growth rate, and increases in regulations related to data storage have imposed a number of non-obvious burdens on data ownership. These trends are driving the need to reorganize the traditional application-centric storage architectures toward a more unified storage infrastructure with new data management paradigms. This reorganization will likely drive a vibrant storage market over the next ten years. The explosive growth in stored data has made petabyte-scale storage infrastructures increasingly common. The scale, growth rate, and increases in regulations related to data storage have imposed a number of non-obvious burdens on data ownership. These trends are driving the need to reorganize the traditional application-centric storage architectures toward a more unified storage infrastructure with new data management paradigms. This reorganization will likely drive a vibrant storage market over the next ten years. https://www.usenix.org/media/events/fast07/tech/mp3/kleiman.mp3 https://www.usenix.org/events/fast07/tech/slides/kleiman.pdf Fri, 12 Oct 2007 14:00:00 PST 2940 unix,linux,security,system,administration,conference,research,storage,large no