Computing: Secure the Internet

  title={Computing: Secure the Internet},
  author={Ben Laurie and Cory Doctorow},
Software engineers must close the loophole used to intercept online communications, say Ben Laurie and Cory Doctorow. 
The Web's PKI: An Expository Review and Certificate Validation Cost Simulation
This paper offers an overview of PKIX, the model implementation for PKI that included a fundamental, openly defined, digital certificate, with discussion on modeling and simulation of costs associated with certificate validation, and some computational number theory.
Software Distribution Transparency and Auditability
This work proposes a transparency system for software updates and implements it for a widely deployed Linux package manager, namely APT, and introduces tree root cross logging, where the log's Merkle tree root is submitted into a separately operated log server.
Rigorous statistical analysis of HTTPS reachability
More than three million measurements provide statistically significant evidence of degradation, and various factors are shown to influence the problem, ranging from the client's browser, to the locale from which they connect.
DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT †
This article proposes a solution that modifies the DNSSEC/DANE signature mechanism using chameleon signatures and defining a new soft delegation scheme that allows performing changes in a constrained zone without affecting normal DNS operation.
Don’t Stop at the Top: Using Certificate Transparency Logs to Extend Domain Lists for Web Security Studies
This work proposes Certificate Transparency (CT) logs as an alternative domain list source for use in internet measurement studies and describes the process of deriving a domain list from available CT log servers and analyzes the gathered domain list.
Effective Cyber Security Strategies for Small Businesses
The study findings indicated that the SME owners’ successful cyber security strategies might serve as a foundational guide for others to assess and mitigate cyber threat vulnerabilities.
Rasch analysis of HTTPS reachability
More than three million measurements provide statistically significant evidence of degradation and are shown through statistical techniques, in particular Rasch analysis, which shows that various factors influence the problem ranging from the client’s browser, to their locale.
Accept the Risk and Continue: Measuring the Long Tail of Government https Adoption
An overall lower https rate and a steeper dropoff with descending popularity among government sites compared to the commercial websites are observed & recommendations to improve the usage of https in governments worldwide are provided.