We participated in the IT Security Days of the HEIG-VD engineering school. If you followed our presentation and demos, cross site scripting would have no more secrets for you and you would know how to use it to steal a server’s /etc/passwd file.
The netobservatory.ch research project lead by the ICT institute of Ecole d’ingénieurs et d’architectes de Fribourg aims to provide concrete and verified images and statistics of the security of the Swiss Internet. The first report was published and presented during a press conference. We actively participate in this interesting project by collecting public data about the Swiss Internet.
Philippe Oechslin attended the hashdays conference organized by Defcon Switzerland in Luzern at the beginning of November. He gave a talk about tests we made on Extended Validation SSL certificates to determine how trustworthy they are. The slides of this talk named Testing the limits of EV certificates can be downloaded here.