Home
Use our global calendar of privacy events to locate an event near you.
FILTER BY
picoCTF – a free, online computer security competition for students grades 6-12 – is coming March 31, 2017! The game is designed for total beginners *and* experts alike, and over 30,000 people have already played. Students can pre-register today on our website (https://picoctf.com/). Please take a moment to watch our orientation video (https://picoctf.com/about).
Overview
picoCTF is a computer security competition open to students grades 6-12. The competition is a series of challenges where students must reverse engineer, break, hack, decrypt, or do whatever it takes to solve the problem. The competition is open from March 31st to April 14th, 2017. Everything is exclusively on the Internet and completely free. Registration will not close until the end of the competition, and there is no penalty for registering later.
Eligibility
Anyone can play, but only eligible individuals will be able to win and receive prizes. An individual is eligible if they are attending a school in the United States and are a 6th to 12th grade student.
Prizes
We have received over $30,000 for prizes this year! Specific amounts cannot be announced at this time as we are finalizing funding with our sponsors.
Competing
Once the competition begins, participants will be able to log into picoctf.com using the username and password provided at registration. If participants have forgotten their username or password, a reset function will be available once competition opens.
Organization
To accommodate the diverse backgrounds participating in picoCTF, the competition is organized into four levels each significantly more difficult than the last. Level 1 is targeted at students with no programming experience but apt at using a computer. Level 2 is for students with introductory programming experience, perhaps in languages such as Visual Basic or Alice. Level 3 targets AP Computer Science students with a stronger background in programming. Level 4 features a diverse set of problems ranging from difficult to mind-bogglingly difficult.
Levels
A team need not solve every challenge in a level before unlocking the next level. The problems in each level have been designed such that a new level can be unlocked even while avoiding entire categories (e.g. cryptography).
Playing the Game
Similar to the preview, competition challenges will be presented in the context of a story-driven game. The *game* requires a modern web browser and a reasonably powerful computer to play. Each challenge is worth a fixed number of points. A competitor earns the respective number of points regardless of the progress of other teams. Scores are calculated independent of time, but time will be used as a tie breaker.
Hints and Lectures
Some problems have associated hints. Hints can contain text, links, and even entire video lectures relevant to solving the problem.
Restrictions
While there are no limitations on the resources or tools that you can use, only students can solve challenges. Others can only facilitate in solving problems (e.g. helping setup tools and providing resources). Additionally, competitors may not interfere with the progress of other competitors or the competition infrastructure. Breaking any of these rules will result in disqualification and notification of the affiliated school.
Sponsors
We would like to thank our diamond sponsor, Cognizant, for helping make picoCTF possible.
Contact
Any questions should be directed to [email protected]. Or, if it’s easier, you can chat with us on Twitter or Facebook.
HoTSoS is a research event centered on the Science of Security, which aims to address the fundamental problems of security in a principled manner.
The 2017 HoTSoS event, scheduled for April 4-5, 2017 in Hanover, Maryland, will bring together researchers from diverse disciplines to promote advancement of work related to the science of security. The conference will feature a mix of invited talks, panels, tutorials, and refereed papers to be published by ACM.
The Science of Security (SoS) emphasizes the advancement of research methods as well as the development of new research results. This dual focus is intended to improve both the confidence we gain from scientific results and also the capacity and efficiency through which we address increasingly technical problems.
The National Privacy & Data Governance Congress takes a refreshingly practical approach to explore leading issues at the crossroads of privacy, security, law and technology. Speakers focus on practical solutions and examples, and real-life case studies — rather than relying on theoretical models, or reciting statistical and performance data that’s publicly available elsewhere. Breakouts and plenary sessions are longer than at most conferences, and formal presentations are shorter — and that gives you time to ask questions and get real, unscripted answers. The Congress is much more than plenary sessions and workshops. It is a meeting place where delegates and speakers have the chance to reconnect with colleagues from public and private institutions, federal, provincial and territorial governments, industry, academia and regulatory authorities — to make new connections, share ideas, and enhance individual skills. Network with privacy, security, compliance and data governance professionals from industry and government. Enjoy workshop, breakout, keynote and plenary sessions. And get a clearer view of how privacy, security, law and technology intersect and why that matters to you and your organization. You will receive solid content and be spared from listening to vendor pitches. After all, you’re attending to learn, and we don’t think there’s good value in thinly-veiled sales pitches. But we do think that delegates and speakers who attend the Congress should be able to attend the entire Congress. That’s why all workshops, meals, plenary and breakout sessions are included in the conference registration fee. Read More at www.pacc-ccap.ca/congress.
Call for Team Participation
Dates: April 5-7, 2017
Times: 5 p.m. 4/5/17 to 4 p.m. 4/7/17
Location: April 5th & 6th -TBA, April 7th -Friend Center Convocation Room, Princeton University
Princeton University’s Center for Information Technology Policy (CITP), in collaboration with the Center for Digital Humanities, is hosting a workshop that explores the security and privacy concerns that arise from Internet-connected devices in smart homes and cities.
We solicit teams of computer scientists, engineers, designers, artists, legal scholars, and social theorists to come together and design systems that can provide users with more visibility into and control over the behavior of the devices that they connect to their networks, ultimately giving people more agency over these devices. Existing efforts to improve IoT privacy and security have begun to explore ways to visualize and control data flows from these devices, but many of these designs could be informed by insights from architects, designers, and sociologists as well as critical theories of design. The workshop plans to bring people together from these diverse knowledge bases to enrich and enhance existing approaches to security and privacy in smart homes and cities.
The designs developed at the workshop may have different goals. For example, in a smart home with multiple inhabitants, participants may develop designs that improve security or privacy in ways that incorporate a variety of living arrangements and user interests. Another design goal might be to allow communities to seamlessly communicate with manufacturers about privacy and security issues that they discover.
We are inviting teams of 3-5 people to come to Princeton University for the workshop. Each team will provide an analysis of a security or privacy concern related to smart homes or cities and develop an intervention to address that concern.
Teams may choose a device (or devices) to work with ahead of time, or make use of a set of devices that will be made available at the workshop. To facilitate prototyping and design, we will provide a Raspberry Pi-based system that inspects traffic on a network and provides users with rudimentary capabilities for visualizing and controlling traffic flows on that network. All teams will be asked to document their activities after the workshop in a short report. Teams may wish to use the workshop as a starting point to participate in the FTC’s “IoT Home Inspector Challenge.”
Potential teams should submit an application that includes:
- a short statement of interest describing questions and methods you plan to bring to the workshop, as well as a brief description of a possible intervention you would design.
- a list of team members (3-5 per team), including short biographies of each member.
We encourage teams whose members span a broad range of backgrounds, possibly spanning fields including computer science, design, urban studies, arts, and architecture.
Costs and Travel Support:
There is no registration fee for the workshop. We have limited funds to support three external teams with a budget of up to $1,000, and a total budget of $3,000 to offer honorarium to independent artists and designers that participate in the workshop. If you are in need of funding for participation, we kindly ask you to indicate this in your application with a short justification.
Important Dates:
- Applications due: February 24, 2017
- Decisions on applications: March 3, 2017
More About The Workshop:
- Applications for team participants for the three-day event can be submitted here
- A separate event webpage will be availabe soon for people who would like to attend the public portion of the workshop on Friday, April 7, 2017. This portion will be held in the Friend Center Convocation Room on the Princeton University campus. A link will be provided for attendees (not participants) to RSVP at a later date.
This workshop is part of the CITP Project Agonistic Algorithms put together by Carl DiSalvo (Georgia Tech), Nick Feamster (Princeton University), Seda Gurses (Princeton University, Leuven), and Janet Vertesi (Princeton University) and is produced in collaboration with the Center for Digital Humanities. The workshop is part of an ongoing effort to explore how theories of agonistic pluralism—which champions a diversity of perspectives, affect, and contestation as foundational to democratic politics—might be brought to bear on computational media and systems design. Adversarial design refers to such practice and, in the context of this workshop, its combination with adversarial modeling in computer science privacy and security research.
For further questions, please email [email protected]
The successful deployment of smart grids is predicated on the ability
to guarantee their security. Such a requirement is of paramount
importance since electrical grids are essential to several components
of the critical infrastructure. Recent cyber security incidents and
security research studies demonstrate that electrical grids could be
subjected to disrupting attacks that might lead to severe security and
economic consequences, and even to the endangerment and loss of human
lives. In this talk, we will first present the ongoing activities of
our research program on smart grid security. We will then, present
some of our recent research contributions in terms of the detection
and the mitigation of delay attacks on time synchronization. In
addition, we will discuss our recent ongoing research on security
metrics for the smart grid.
———————
For over thirty years has the ACM Symposium on Applied Computing been a primary gathering forum for applied computer scientists, computer engineers, software engineers, and application developers from around the world. SAC 2018 is sponsored by the ACM Special Interest Group on Applied Computing (SIGAPP www.acm.org/sigapp). Its proceedings are published by ACM; they are also available on the web through the ACM Digital Library www.acm.org/dl. More information about SAC 2018 can be found at www.sigapp.org/sac/sac2018/
The Privacy by Design in Pract
——————————
The aim of this track is to promote research on privacy-preserving technologies to be used in practice. “Privacy by Design” is a requirement in the new EU data protection regulation, which will be applied in the EU countries from May 2018. Thus, privacy needs to be considered by engineers from the beginning and built in to newly developed systems properly.
The track seeks submissions from academia, industry and public authorities (e.g. data protection agencies) presenting novel research on how to implement Privacy by Design i
Topics of the track include, but are not limited to:
– Privacy Engineering
– Privacy-enhancing Technologies
– Anonymization and Pseudonymization
– Privacy in the Internet of Things (e.g. Smart Home, Smart City, Connected Cars, Smart TV, Smart Grid, etc.)
– Privacy and Quantified Self
– Privacy Laws and their impacts on technology
– Conflict between Privacy and Security
Important Dates
———————-
September 15, 2017: Submission of regular papers and SRC research abstracts
November 10, 2017: Notification of paper and SRC acceptance/rejection
November 25, 2017: Camera-ready copies of accepted papers/SRC
December 10, 2017: Author registration due date
April 9 – 13, 2018: SAC 2018 in Pau, France
Track Program Chairs
—————————–
– Ronald Petrlic, Commissioner for Data Protection Baden-Württemberg
– Christoph Sorge, CISPA, Saarland University
Program Committee
—————————-
Claude Castelluccia, INRIA France
Tooska Dargahi, University of Rome Tor Vergata, Italy
Martin Degeling, CMU USA
Isao Echizen, National Institute of Informatics, Japan
Felix Gomez Marmol, Universidad de Murcia, Spain
Bart Knijnenburg, Clemson University, USA
Sebastian Pape, Goethe University Frankfurt, Germany
Andreas Reiter, TU Graz, Austria
Burkhard Schafer, University of Edinburgh, GB
Francesc Sebe Feixas, University of Lleida, Spain
Dirk Westhoff, University of Applied Sciences Offenburg, Germany
Submission Guidelines
——————————
The submission guidelines must be strictly followed for a paper to be considered.
Original papers from the above mentioned or other related areas will be considered. Only full papers about original and unpublished research are sought. Parallel submission to other conferences or other tracks of SAC 2018 is forbidden. Each paper must be BLIND in the sense that it must only include its title but not mention anything about its authors. Self-citation must be in third person, such as “Smith et al. [citation] showed…”. All submissions must be formatted using the ACM conference-specific LaTeX style, which can be obtained from the symposium web page. All papers must be submitted by the deadline stated above.
Papers must be submitted through the symposium-wide paper management system for SAC 2018 athttps://www.softconf.com/h/s
Review and publication of accepted papers
——————————
Each paper will be fully refereed and undergo a blind review process by at least three referees. Accepted papers will be published in the ACM SAC 2018 proceedings. Some papers may only be accepted as poster papers, and will be published as extended abstracts in the proceedings.
Student research abstract competition
——————————
Graduate students are invited to submit research abstracts at www.softconf.com/h/sac-src2
More information can be found at: www.legalinf.de/pbd2018
On 10 January 2017 the Commission has presented a proposal for a Regulation concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC) (ePrivacy Regulation).
The ePrivacy Directive (2002/58/EC) set forth rules guaranteeing the protection of privacy in the electronic communications sector. It aimed to ensure that the protection of confidentiality of communications, in line with the fundamental right to the respect of private and family life enshrined in Article 7 of the EU Charter of Fundamental Rights, is guaranteed.
The proposed ePrivacy Regulation takes account of the important technological and economic developments in the electronic communication sector since the adoption of the ePrivacy Directive in 2002, where new services of interpersonal communications coexist in parallel with traditional communication services and presenting a similar impact on the privacy and the protection of personal data of individuals. These new services were not submitted to the protections of private life and data processing set out in Directive 2002/58 resulting therefore in a void of protection.
The proposal expands its scope to cover the new forms of electronic communications and ensure the same level of protection of individuals regardless the communication service used. It also update the current rules on the e-Privacy Directive 2002/58/EC to align with the new EU data protection legal framework established by the General Data Protection Regulation (EU) 2016/679. It takes account of experience gained over the years regarding cookies and other tools enabling tracking of individuals and seriously impacting on the private life and confidentiality of communications. Finally, it takes stock of the recent case law of the Court of Justice.
Similarly to the articulation between the ePrivacy Directive 2002/58/EC and the Directive 95/46/EC, the proposed ePrivacy Regulation particularises and complements the General Data Protection Regulation 2016/679. The rules of the ePrivacy Regulation should not lower the level of protection afforded by the General Data Protection Regulation.
The proposal would increase trust and security of digital services contributing to the achievement of the Digital Single Market Strategy.
This hearing addresses different elements of the new proposal in order to provide the European Parliament with the views of the main actors involved: telecommunications sector, new communication services provides (OTT), consumers, NGOs, professors, data protection authorities so as to obtain a broad and representative picture in view of the preparation of the LIBE Committee legislative report.
| Join the Program on Data and Governance on Tuesday, April 11, 2017, for a “Data Points: Ideas on Data, Law and Society” lecture series event featuring Dr. Lorrie Cranor, former chief technologist for the Federal Trade Commission and professor of computer science and engineering and public policy at Carnegie Mellon University. Dr. Cranor will deliver a talk on “Adventures in Usable Privacy and Security: From Empirical Studies to Public Policy.”
Why are usability studies important for security and privacy? How can researchers put study participants in realistic risky situations without actually putting them at risk? Why might it be counterproductive to mandate frequent password changes? And how are identity thieves able to hijack mobile phone accounts? Dr. Cranor will discuss the answers to these and other questions she has been exploring since she started her work as an academic usable security researcher and while she served as chief technologist at the FTC. |
