Ethereum's Gasper consensus protocol typically requires 64 to 95 slots-the units of time during which a new chain extending the previous one by one block is proposed and voted-to finalize, even under ideal conditions with synchrony and honest validators. This exposes a significant portion of the blockchain to potential reorganizations during changes in network conditions, such as periods of asynchrony.

In this talk, I will introduce 3SF, a novel consensus protocol that addresses these limitations. With 3SF, finality is achieved within just three slots after a proposal, drastically reducing the exposure to reorganizations. This presentation will explore the motivation, design, and implications of 3SF, offering a new perspective on the future of Ethereum's consensus protocol.

Paper: https://arxiv.org/abs/2411.00558

Zoom link: https://cam-ac-uk.zoom.us/j/82398112798?pwd=vg2ZZm8mdSBW8A8mkkaMOOqSaFEgzw.1

Meeting ID: 823 9811 2798
Passcode: 784044

Dan Sexton is Chief Technology Officer at the Internet Watch Foundation, a not-for-profit whose vision is to create an internet free from child sexual abuse and is a safe place for children and adults to use around the world.

Zoom link:
https://cam-ac-uk.zoom.us/j/83115049986?pwd=6W5bzFb49HcCbWqz6HR3tRhpVxubTb.1

Online communities enable surveillance among <notextile>LGBTQ+</notextile> users despite being used as safe spaces where users can explore their identity free from most online harms. Coercion, doxxing, and public outing are all examples of privacy violations faced. These are experienced when users fail to conform to fellow community members’ expected language and expressions of gender identity and sexuality. Current moderation systems fail to capture this peer surveillance because of the complexity of language and unspoken rules involved. This talk will explore how surveillance is enabled as well as its effects on the censorship of gender identity/expression in online <notextile>LGBTQ+</notextile> communities.

Paper Link: https://discovery.ucl.ac.uk/id/eprint/10200690/

Zoom link:
https://cam-ac-uk.zoom.us/j/84128296595?pwd=WJoeK08vOkhNVzLyAqbwwuDYAonFQP.1

Meeting ID: 841 2829 6595
Passcode: 505923

In recent years, building and launching satellites has become considerably cheaper, making satellite systems more accessible to an expanding user base. This accessibility has led to a diverse array of applications—such as navigation, communications, and earth observation—that depend on satellites. However, hardware limitations and operational considerations often render cryptographic solutions impractical for these systems. Furthermore, the availability of low-cost software-defined radios has made signal capture, injection, and interference attacks more attainable for a wider range of potential attackers.

Therefore, mitigations must be developed for satellites that have already been launched without adequate protections in place. This talk introduces some of our research into how satellite systems are vulnerable, as well as ways to protect these systems.

Bio:
Simon Birnbach is a Senior Research Associate and a Royal Academy of Engineering UK IC Postdoctoral Research Fellow in the Systems Security Lab of Professor Ivan Martinovic in the Department of Computer Science at the University of Oxford. He specialises in the security of cyber-physical systems, with a focus on smart home, aviation, and aerospace security.

Zoom link:
https://cam-ac-uk.zoom.us/j/87594645761?pwd=qlkBblRXyjku3I3C3mnWcCZuidMP7B.1

Meeting ID: 875 9464 5761
Passcode: 648387

Common mitigation strategies to combat harmful speech online, such as reporting and blocking, are often insufficient as they are reactive, involve unethical human labour and impose censorship. This explores alternative counter strategies such as a quarantining tool and automated counterspeech generator. Quarantining online hate speech and disinformation like a computer virus gives power to the individual user, while a counterspeech generator is specifically designed to produce diverse counter responses to different forms of online harm. Both strategies can protect users from harm and significantly ease the burden of human counterspeakers. The talk will explore the benefits as well as current shortcomings of these strategies and discuss necessary further developments.

Join Zoom Meeting
https://cam-ac-uk.zoom.us/j/81329781369?pwd=a8JRkV6tb7LRQUL4Pa4UbxmHRcaXam.1

Meeting ID: 813 2978 1369
Passcode: 294250

Vulnerabilities are becoming more and more prevalent in scientific research. Researchers usually wish to publish their research and, before that, have the vulnerabilities acknowledged and fixed, contributing to a secure digital world. However, the vulnerability disclosure process is fraught with obstacles, and handling vulnerabilities is challenging as it involves several parties (vendors, companies, customers, and community). We want to shed light on the vulnerability disclosure process and develop guidelines and best practices, serving vulnerability researchers as well as the affected parties for better collaboration in disclosing and fixing vulnerabilities.

We collected more than 1900 research papers published at major scientific security conferences and analyzed how disclosures are reported, finding inconsistent reporting, as well as spotty acknowledgments and fixes by affected parties. We then conducted semi-structured interviews with 21 security researchers with a broad range of expertise who published their work at scientific security conferences and qualitatively analyzed the interviews.

We discovered that the main problem starts with even finding the proper contact to disclose. Bug bounty programs or general-purpose contact email addresses, often staffed by AI or untrained personnel, posed obstacles to timely and effective reporting of vulnerabilities.

Experiences with CERT (entities supposed to help notify affected parties and facilitate coordinated fixing of vulnerabilities) were inconsistent, some extremely positive, some disappointing. Our interviewees further talked about lawsuits and public accusations from the vendors, developers, colleagues, or even the research community. Successful disclosures often hinge on researcher experience and personal contacts, which poses personal and professional risks to newer researchers.

We're working on making our collected best practices and common pitfalls more widely known both to researchers and industry, for more cooperative disclosure experiences.

Zoom link: https://cam-ac-uk.zoom.us/j/89699287551?pwd=shaVGdAyVagZX2AvrVI9mazeKk8ssI.1

Meeting ID: 896 9928 7551
Passcode: 471680

Bio: Yasemin Acar (she/her) is a professor of computer science at Paderborn University, Germany, and a research assistant professor at The George Washington University. She focuses on human factors in computer security. Her research centers humans, their comprehension, behaviors, wishes and needs. She aims to better understand how software can enhance users’ lives without putting their data at risk. Her recent focus has been on human factors in secure development, investigating how to help software developers implement secure software development practices. Her research has shown that working with developers on these issues can resolve problems before they ever affect end users. Her research has won distinguished paper awards at IEEE Security and Privacy and USENIX Security, as well as a NSA best cyber security paper competition. Her web page: https://yaseminacar.de.

In our digitally interconnected world, cyberstalking has become a significant concern for online users worldwide. Young people have embraced new technologies for communication, making social media apps such as Facebook, X, Instagram, Snapchat and other platforms an integral part of their lives for communicating with each other. Young people utilise digital spaces to create new connections and even initiate, sustain, and carry out part of their intimate relationships online. Consequently, technology has provided opportunities to facilitate online monitoring of others due to the proficiency and ease with which information can be obtained.

The rise of digital technologies has given perpetrators new avenues and opportunities to target victims resulting in a rise of cyberstalking. However, little work to date has explored young people’s perceptions and experiences of cyberstalking. With research consistently revealing very few cyberstalking victims choose to report their experiences to the police. There is notable research gap regarding young people’s reasons not to report cyberstalking incidents.

Guided by the power differentials between police officers and young people. This research examines police officers use of authority to regulate and influence behaviour of young people. This paper will explore some of the key issues identified in the literature review, including prevalence and variations of cyberstalking among young people, experiences and barriers to reporting to the police and other agencies. It draws on insights from interviews with young cyberstalking victims and frontline response police officers. Preliminary findings from the voices of young people indicate age bias among police officers, resulting in misguided advise on cyberstalking incidents, leading to escalated risk and lack of support. The perspectives and experiences of young people emphasise the importance of lasting changes in attitudes, policies and practices. By tackling these, the research aims to contribute to improved victims support, inform policy and refine practices within the cyberstalking sector.