Security and Privacy Lunch

People interested in network security and privacy meet once a week over lunch break and watch videos related to security and privacy recorded at high-quality scientific conferences (IEEE Security and Privacy, ACM CCS, NSDI, USENIX Security, ACM SIGCOMM, ...). After the presentation, there will likely be a short discussion and brainstorming related to the presentation. This is a great way to spend your lunch break and keep pace with cutting edge security and privacy research. Watching and talking about scientific presentations often leads to interesting new ideas, possibly laying the foundation for your future thesis topic.

Organizational Information

  • Contact: Martin Henze
  • ECTS Credits: none (but you can get a certificate)
  • Audience: Anyone interested in security and privacy
  • Language: English
  • Registration: Please subscribe to our mailing list


  • Date: Thursdays, 12:30-13:15h (please follow the mailing list for announcements and last minute changes)
  • Place: COMSYS seminar room (Room 9007, Ground Floor, E3 Building)
  • First meeting: Thursday, October 12
  • Please bring your own lunch
  • Suggestions for videos are very welcome, please contact Martin Henze

Preliminary Schedule

Date Topic
2017-10-12 Securely Correcting Password Typos
pASSWORD tYPOS and How to Correct Them Securely (Rahul Chatterjee, Anish Athalye, Devdatta Akhawe, Ari Juels, Thomas Ristenpart @ IEEE S&P 2016)
2017-10-19 Dangers of Website-to-App Linking Schemes (in Room 9U10, basement of E3 building)
Measuring the Insecurity of Mobile Deep Links of Android (Fang Liu, Chun Wang, Andres Pico, Danfeng Yao, Gang Wang @ USENIX Security 2017)
2017-10-26 How Secure is the WWW? – A Browser Perspective
Measuring HTTPS Adoption on the Web (Adrienne Porter Felt, Richard Barnes, April King, Chris Palmer, Chris Bentzel, Parisa Tabriz @ USENIX Security 2017)
2017-11-02 Understanding the Mirai Botnet
Understanding the Mirai Botnet (Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou @ USENIX Security 2017)
2017-11-09 Efficient Non-Equivocation via Bitcoin
Catena: Efficient Non-equivocation via Bitcoin (Alin Tomescu, Srinivas Devadas @ IEEE S&P 2017)
2017-11-16 DNSSEC in the Wild
A Longitudinal, End-to-End View of the DNSSEC Ecosystem (Taejoong Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, Christo Wilson @ USENIX Security 2017)
2017-11-23 Crowdsourcing of Privacy Permission Settings for Mobile Apps
To Permit or Not to Permit, That is the Usability Question: Crowdsourcing Mobile Apps' Privacy Permission Settings (Qatrunnada Ismail, Tousif Ahmed, Apu Kapadia, Michael Reiter @ PETS 2017)
2017-11-30 Low-Latency Anonymous Communication
The Loopix Anonymity System (Ania M. Piotrowska, Jamie Hayes, Tariq Elahi, Sebastian Meiser, George Danezis @ USENIX Security 2017)
2017-12-07 Defending Against Passive Website Fingerprinting Attacks
Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks (Tao Wang, Ian Goldberg @ USENIX Security 2017)
2017-12-14 Cancelled - MAKI lecture
QUIC - A new Internet transport (Lars Eggert)
2017-12-21 Decentralized DNS for Tor Onion Services
The Onion Name System: Tor-powered Decentralized DNS for Tor Onion Services (Jesse Victors, Ming Li, Xinwen Fu @ PETS 2017)
2017-21-28 Cancelled - winter break
2018-01-04 Cancelled - winter break
2018-01-11 LIVE STREAM: Spectre and Meltdown: Data leaks during speculative execution (already starting at 11:45h)
Spectre and Meltdown: Data leaks during speculative execution (Jann Horn @ RealWorldCrypto 2018)
2018-01-18 A Scalable and Privacy-preserving Blockchain?
Mimblewimble and Scriptless Scripts (Andrew Poelstra @ RealWorldCrypto 2018)
2018-01-25 Cancelled - Chair retreat
2018-02-01 The Impact of Copy&Paste on Android Application Security
Stack Overflow Considered Harmful? - The Impact of Copy&Paste on Android Application Security (Felix Fischer, Konstantin Böttinger, Huang Xiao, Christian Stransky, Yasemin Acar, Michael Backes, Sascha Fahl @ IEEE S&P 2017)
2018-02-08 Cancelled - Fat Thursday
2018-02-15 Timing Attacks on Shared Event Loops in Web Browsers
Loophole: Timing Attacks on Shared Event Loops in Chrome (Pepe Vila, Boris Köpf @ USENIX Security 2017)
2018-02-22 The State of ZCash
ZCash: past, present and future (Ian Miers @ RealWorldCrypto 2018)
2018-03-01 Perils of Security-Oblivious Energy Management for Trusted Computing
CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management (Adrian Tang, Simha Sethumadhavan, Salvatore Stolfo @ USENIX Security 2017)
2018-03-08 Securing Augmented Reality Output
Securing Augmented Reality Output (Kiron Lebeck, Kimberly Ruth, Tadayoshi Kohno, Franziska Roesner @ IEEE S&P 2017)
2018-03-15 Consequences of USB Sticks in the Wild
Users Really Do Plug in USB Drives They Find (Matthew Tischer, Zakir Durumeric, Sam Foster, Sunny Duan, Alec Mori, Elie Bursztein, Michael Bailey @ IEEE S&P 2016)
2018-03-22 Android's use of TLS
Removing Secrets from Android's TLS (Jaeho Lee, Dan S. Wallach @ NDSS 2018)
2018-03-29 Detecting and Explaining Incorrect Behavior in the Internet of Things
Fear and Logging in the Internet of Things (Qi Wang, Wajih Ul Hassan, Adam Bates, Carl Gunter @ NDSS 2018)


 Our security and privacy lunch continues in the summer semester.

- Impressum | Datenschutz -