1
0
This repository has been archived on 2023-09-01. You can view files and clone it, but cannot push or open issues or pull requests.
masters-thesis/tex/references.bib

517 lines
18 KiB
BibTeX
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

% =========================================================================== %
@misc{tls13rfc8446,
series = {Request for Comments},
number = 8446,
howpublished = {RFC 8446},
publisher = {RFC Editor},
doi = {10.17487/RFC8446},
author = {Eric Rescorla},
title = {{The Transport Layer Security (TLS) Protocol Version 1.3}},
pagetotal = 160,
year = 2018,
month = aug,
abstract = {This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations.},
note = {{Also available from: \url{https://www.rfc-editor.org/info/rfc8446}.}},
}
@misc{pgauthmethods,
howpublished = {[online]},
title = {{Postgres 15 Authentication Methods}},
author = {{The PostgreSQL Global Development Group}},
year = 2023,
note = {{Available from: \url{https://www.postgresql.org/docs/15/auth-methods.html} [viewed 2023-05-17]}},
}
@misc{goscramsha256,
howpublished = {[online]},
title = {{Password-encryption tool for PostgreSQL with SCRAM-SHA-256}},
author = {{Taishi Kasuga}},
year = 2023,
note={{Available from: \url{https://github.com/supercaracal/scram-sha-256}. [viewed 2023-05-17]}},
}
@misc{scramsha256rfc7677,
series = {Request for Comments},
number = 7677,
howpublished = {RFC 7677},
publisher = {RFC Editor},
doi = {10.17487/RFC7677},
author = {Tony Hansen},
title = {{SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms}},
pagetotal = 8,
year = 2015,
month = nov,
abstract = {This document registers the Simple Authentication and Security Layer (SASL) mechanisms SCRAM-SHA-256 and SCRAM-SHA-256-PLUS, provides guidance for secure implementation of the original SCRAM-SHA-1-PLUS mechanism, and updates the SCRAM registration procedures of RFC 5802.},
note = {{Also available from \url{https://www.rfc-editor.org/info/rfc7677}}},
}
@misc{nixoslearn,
howpublished = {[online]},
title = {{How Nix Works}},
author = {{NixOS Contributors}},
year = 2023,
url = {},
note={{Available from: \url{https://nixos.org/guides/how-nix-works.html}. [viewed 2023-05-17]}},
}
@misc{nixlang,
howpublished = {[online], Nix Reference Manual},
title = {{Nix Language}},
author = {{NixOS Contributors}},
year = 2023,
note={{Available from: \url{https://nixos.org/manual/nix/stable/language/index.html}. [viewed 2023-05-17]}},
}
@misc{dhalllang,
howpublished = {[online]},
title = {{Dhall Configuration Language}},
author = {{The Dhall Language Contributors}},
year = 2017,
note={{Available from: \url{https://dhall-lang.org}. [viewed 2023-05-17]}},
}
@misc{dhallprelude,
howpublished = {[online]},
title = {{Prelude-v23.0.0}},
author = {{The Dhall Language Contributors}},
year = 2023,
note={{Available from: \url{https://store.dhall-lang.org/Prelude-v23.0.0/}. [viewed 2023-05-24]}},
}
@misc{dhallnorm,
howpublished = {[online]},
title = {{Safety Guarantees}},
author = {{The Dhall Language Contributors}},
year = 2023,
note={{Available from: \url{https://docs.dhall-lang.org/discussions/Safety-guarantees.html?highlight=normalization}. [viewed 2023-05-18]}},
}
@inproceedings{plan9namespaces,
title = {{The Use of Name Spaces in Plan 9}},
author = {Rob Pike and Dave Presotto and Ken Thompson and Howard Trickey and Phil Winterbottom},
booktitle = {Proceedings of the 5th ACM SIGOPS European Workshop},
number = {Paper n. 34},
address = {Mont Saint-Michel},
year = 1992,
note={{Also available from: \url{https://plan9.io/sys/doc/names.pdf}. [viewed 2023-05-17]}},
}
@misc{ocicontainers,
howpublished = {[online]},
title = {Open Container Initiative},
author = {{The Linux Foundation}},
year = 2023,
note={{Available from: \url{https://opencontainers.org/}. [viewed 2023-05-17]}}
}
@misc{freebsdjails,
howpublished = {[online], FreeBSD Documentation Portal},
title = {{Chapter 16. Jails}},
author = {{The FreeBSD Project}},
year = 2023,
note={{Available from: \url{https://docs.freebsd.org/en/books/handbook/jails/}. [viewed 2023-05-17]}},
}
@misc{xdgbasedirspec,
howpublished = {[online]},
title = {XDG Base Directory Specification},
author = {Waldo Bastian and Allison Karlitskaya and Lennart Poettering and Johannes Löthberg},
year = 2021,
month = may,
note={{Available from: \url{https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html}. [viewed 2023-05-17]}}
}
@misc{fsfgnulinux,
howpublished = {[online]},
title = {Linux and the GNU System},
author = {Richard Stallman},
year = 2021,
month = nov,
note={{Available from: \url{https://www.gnu.org/gnu/linux-and-gnu.html}. [viewed 2023-05-17]}}
}
@misc{linux,
howpublished = {[online]},
title = {Linux from FOLDOC},
author = {Denis Howe},
year = 2000,
note={{Available from: \url{https://foldoc.org/linux}. [viewed 2023-05-17]}}
}
@misc{linuxnamespaces,
howpublished = {Linux manual page [online]},
title = {{namespaces(7)}},
author = {Andries Brouwer and Michael Kerrisk and Alejandro Colomar and Štěpán Němec and Michael Weiß and Bjarni Ingi Gislason and Tobias Klauser and Jakub Wilk and Kirill Tkhai and Serge E. Hallyn and Mike Frysinger and Wieland Hoffmann and Radostin Stoyanov},
year = 2021,
month = aug,
note={{Available from: \url{https://man7.org/linux/man-pages/man7/namespaces.7.html}. [viewed 2023-05-17]}}
}
@misc{ytdl,
howpublished = {[online]},
title = {{GitHub Reinstates youtube-dl After RIAA's Abuse of the DMCA}},
author = {Elliot Harmon and Mitch Stoltz},
publisher = {Electronic Frontier Foundation},
year = 2020,
month = nov,
note={{Available from: \url{https://www.eff.org/deeplinks/2020/11/github-reinstates-youtube-dl-after-riaas-abuse-dmca}. [viewed 2023-05-24]}},
}
@misc{agwagitssh,
howpublished = {[online]},
title = {It's Now Possible To Sign Arbitrary Data With Your SSH Keys},
author = {Andrew Ayer},
year = 2021,
month = nov,
note={{Available from: \url{https://www.agwa.name/blog/post/ssh_signatures}. [viewed 2023-05-17]}}
}
@misc{age,
howpublished = {[online]},
title = {A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.},
author = {Filippo Valsorda and Ben Cox and \texttt{age} contributors},
year = 2021,
note={{Available from: \url{https://github.com/FiloSottile/age}. [viewed 2023-05-23]}}
}
@misc{x25519rfc7748,
series = {Request for Comments},
number = 7748,
howpublished = {RFC 7748},
publisher = {RFC Editor},
doi = {10.17487/RFC7748},
author = {Adam Langley and Mike Hamburg and Sean Turner},
title = {{Elliptic Curves for Security}},
pagetotal = 22,
year = 2016,
month = jan,
abstract = {This memo specifies two elliptic curves over prime fields that offer a high level of practical security in cryptographic applications, including Transport Layer Security (TLS). These curves are intended to operate at the \textasciitilde{}128-bit and \textasciitilde{}224-bit security level, respectively, and are generated deterministically based on a list of required properties.},
note = {{Also available from \url{https://www.rfc-editor.org/info/rfc7748}}},
}
@misc{lime,
author = {{Digital Forensics \& Computer Security Research}},
title = "{LiME - Linux Memory Extractor}",
publisher = "GitHub",
howpublished = {[online]},
year = "2007",
note={{Available from: \url{https://github.com/504ensicsLabs/LiME}. [viewed 2023-05-23]}},
}
@misc{wwwf,
howpublished = {[online]},
title = {History of the Web},
author = {{World Wide Web Foundation}},
year = 2021,
note={{Available from: \url{https://webfoundation.org/about/vision/history-of-the-web/}. [viewed 2023-05-23]}}
}
@misc{ddvweb,
howpublished = {[online]},
title = {What is this Gemini thing anyway, and why am I excited about it?},
author = {{Drew DeVault}},
year = 2020,
month = nov,
note={{Available from: \url{https://drewdevault.com/2020/11/01/What-is-Gemini-anyway.html}. [viewed 2023-05-23]}}
}
@misc{gemini,
howpublished = {[online]},
title = {Project Gemini},
author = {Solderpunk and Sean Conner and {{The Gemini Contributors}}},
year = 2019,
note={{Available from: \url{https://gemini.circumlunar.space/} and over Gemini from: \url{gemini://gemini.circumlunar.space/} [viewed 2023-05-23]}}
}
@misc{geminispec,
howpublished = {[online]},
title = {Speculative Specification},
author = {Solderpunk and Sean Conner and {{The Gemini Contributors}}},
year = 2019,
note={{Available from: \url{https://gemini.circumlunar.space/docs/specification.gmi} and over Gemini from: \url{gemini://gemini.circumlunar.space/docs/specification.gmi} [viewed 2023-05-23]}}
}
@misc{chromiumrootdns,
howpublished = {[online]},
title = {This well-intentioned Chrome feature is causing serious problems},
author = {Anthony Spadafora},
year = 2020,
month = aug,
note={{Available from: \url{https://www.techradar.com/news/this-well-intentioned-chrome-feature-is-causing-serious-problems} [viewed 2023-05-23]}}
}
@inbook{fortuna,
title={{Practical Cryptography}},
author={Niels Fergusson and Bruce Schneier},
publisher={John Wiley \& Sons},
address={Indianapolis, Indiana},
isbn={{978-0-471-22357-3}},
chapter={{10: Generating Randomness}},
pages={{137-161}},
year=2003,
note={{Also available from: \url{https://www.schneier.com/wp-content/uploads/2015/12/fortuna.pdf} [viewed 2023-05-24]}}
}
@misc{mcmillan,
howpublished = {[online]},
author = {Robert McMillan},
publisher = {Wired},
year = 2012,
month = jan,
day = 27,
title = {{The World's First Computer Password? It Was Useless Too}},
note={{Available from: \url{https://www.wired.com/2012/01/computer-password/} [viewed 2023-05-24]}}
}
@misc{nisthistory,
author = {{National Institute of Standards and Technology}},
publisher = {NIST},
title = {Passphrase},
howpublished = {[online]},
note={{Available from: \url{https://csrc.nist.gov/glossary/term/Passphrase} [viewed 2023-05-24]}}
}
@misc{speakeasy,
publisher = {Legends of America},
author = {Kathy Alexander},
title = {{Speakeasies of the Prohibition Era}},
year = 2022,
month = dec,
howpublished = {[online]},
note={{Available from: \url{https://www.legendsofamerica.com/ah-prohibitionspeakeasy/} [viewed 2023-05-24]}}
}
@misc{asciirfc20,
series = {Request for Comments},
number = 20,
howpublished = {RFC 20},
publisher = {RFC Editor},
doi = {10.17487/RFC0020},
author = {Vint Cerf},
title = {{ASCII format for network interchange}},
pagetotal = 9,
year = 1969,
month = oct,
note = {{Also available from \url{https://www.rfc-editor.org/info/rfc20}}},
}
@techreport{iso10646,
type = {Standard},
key = {ISO/IEC 10646:2020},
author = {{ISO/IEC 10646:2020}},
year = {2020},
title = {{Information technology -- Universal Coded Character Set (UCS)}},
address = {Geneva, CH},
institution = {International Organization for Standardization}
}
@misc{larsklint,
author = {{Lars Klint}},
publisher = {Twitter},
year = 2016,
month = {{June}},
day = 30,
title = {{Excuse me @EtihadAirways, why do you insist on making my passwords worse?}},
howpublished = {[online]},
note={{Available from: \url{https://twitter.com/larsklint/status/748615185762484224} [viewed 2023-05-24]}}
}
@misc{etihad,
author = {{Etihad Airways}},
publisher = {Twitter},
year = 2016,
month = {{June}},
day = 30,
title = {Reply to Lars Klint},
howpublished = {[online]},
note={{Available from: \url{https://twitter.com/EtihadAirways/status/748626413306150912} [viewed 2023-05-24]}}
}
@misc{forbiddencharacters,
author = {{Nick Heer}},
publisher = {Twitter},
year = 2017,
month = jul,
day = 18,
title = {{This does not give me confidence in your password security, @YourAlberta. (cc. @troyhunt)}},
howpublished = {[online]},
note={{Available from: \url{https://twitter.com/nickheer/status/887196833872658432} [viewed 2023-05-24]}}
}
@misc{ncsc,
author = {{National Cyber Security Centre}},
year = 2018,
month = nov,
day = 18,
title = {{Password policy: updating your approach}},
howpublished = {[online]},
note={{Available from: \url{https://twitter.com/nickheer/status/887196833872658432} [viewed 2023-05-24]}}
}
@book{seriouscryptography,
author = {{Jean-Philippe Aumasson}},
title = {Serious Cryptography},
publisher = {No Starch Press},
year = 2017,
isbn = {978-1593278267},
}
@misc{owasptop10,
author = {{The Open Worldwide Application Security Project}},
year = 2021,
title = {{OWASP Top 10:2021}},
howpublished = {[online]},
note={{Available from: \url{https://owasp.org/Top10/} [viewed 2023-05-24]}}
}
@inproceedings{longliveCSP,
title = {{CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy}},
author = {Lukas Weichselbaum and Michele Spagnuolo and Artur Janc and Sebastian Lekies},
booktitle = {Proceedings of the 5th ACM SIGSAC Conference on Computer and Communications Security (CCS '16)},
address = {New York, NY, USA},
doi = {10.1145/297674},
isbn = {978-1-4503-4139-4/16},
pages = {1376-1387},
year = 2016,
}
@inproceedings{reininginCSP,
title = {{Reining in the Web with Content Security Policy}},
author = {Sid Stamm and Brandon Sterne and Gervase Markham},
booktitle = {Proceedings of the 19th International Conference on World Wide Web},
address = {Raleigh, North Carolina, USA},
isbn = {978-1-60558-799},
pages = {921-930},
year = 2010,
}
@misc{siteisolation,
author = {{The Chromium Projects}},
year = 2023,
title = {{Chromium Security -- Site Isolation}},
howpublished = {[online]},
note={{Available from: \url{https://www.chromium.org/Home/chromium-security/site-isolation/} [viewed 2023-05-24]}}
}
@misc{projectfission,
author = {{Anny Gakhokidze}},
year = 2021,
month = may,
title = {{Introducing Firefoxs new Site Isolation Security Architecture}},
howpublished = {[online]},
note={{Available from: \url{https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/} [viewed 2023-05-24]}}
}
@misc{podmanNet,
author = {{Brent Baude}},
year = 2019,
month = may,
title = {{Podman: Managing pods and containers in a local container runtime}},
howpublished = {[online]},
note={{Available from: \url{https://developers.redhat.com/blog/2019/01/15/podman-managing-containers-pods} [viewed 2023-07-24]}}
}
@misc{hibpBillingChanges,
author = {{Troy Hunt}},
year = 2022,
title = {{The Have I Been Pwned API Now Has Different Rate Limits and Annual Billing}},
howpublished = {[online]},
note={{Available from: \url{https://www.troyhunt.com/the-have-i-been-pwned-api-now-has-different-rate-limits-and-annual-billing/} [viewed 2023-08-15]}}
}
@misc{blake3,
author = {Jack O'Connor and Jean-Philippe Aumasson and Samuel Neves and Zooko Wilcox-O-Hearn},
year = 2021,
title = {{BLAKE3 - one function, fast everywhere}},
subtitle = {{one function, fast everywhere}},
howpublished = {[online]},
note={{Available from: \url{https://raw.githubusercontent.com/BLAKE3-team/BLAKE3-specs/master/blake3.pdf} [viewed 2023-08-14]}}
}
@misc{megatron,
author = {m3g9tr0n},
year = 2012,
publisher ={Thireus},
title = {{Cracking Story - How I Cracked Over 122 Million SHA1 and MD5 Hashed Passwords}},
howpublished = {[online]},
note={{Available from: \url{https://blog.thireus.com/cracking-story-how-i-cracked-over-122-million-sha1-and-md5-hashed-passwords/} [viewed 2023-08-13]}}
}
@misc{linkedin1,
author = {Chris Velazco},
year = 2012,
monnt = {{June}},
title = {{6.5 Million LinkedIn Passwords Reportedly Leaked, LinkedIn Is “Looking Into” It}},
howpublished = {[online]},
note={{Available from: \url{https://techcrunch.com/2012/06/06/6-5-million-linkedin-passwords-reportedly-leaked-linkedin-is-looking-into-it/} [viewed 2023-08-13]}}
}
@misc{linkedin2,
author = {Sarah Perez},
year = 2016,
month = may,
title = {{117 million LinkedIn emails and passwords from a 2012 hack just got posted online}},
howpublished = {[online]},
note={{Available from: \url{https://techcrunch.com/2016/05/18/117-million-linkedin-emails-and-passwords-from-a-2012-hack-just-got-posted-online/} [viewed 2023-08-13]}}
}
@misc{plaintextpasswds1,
author = {Dan Goodin},
year = 2015,
publisher = {ArsTechnica},
title = {{13 million plaintext passwords belonging to webhost users leaked online}},
howpublished = {[online]},
note={{Available from: \url{https://arstechnica.com/information-technology/2015/10/13-million-plaintext-passwords-belonging-to-webhost-users-leaked-online/} [viewed 2023-08-13]}}
}
@misc{plaintextpasswds2,
author = {Forcepoint},
year = 2011,
month = dec,
title = {{Chinese Internet Suffers the Most Serious User Data Leak in History}},
howpublished = {[online]},
note={{Available from: \url{https://www.forcepoint.com/blog/x-labs/chinese-internet-suffers-most-serious-user-data-leak-history} [viewed 2023-08-13]}}
}
@misc{plaintextpasswds3,
author = {Dan Goodin},
year = 2016,
month = sep,
title = {{6.6 million plaintext passwords exposed as site gets hacked to the bone}},
howpublished = {[online]},
note={{Available from: \url{https:
//arstechnica.com/information-technology/2016/09/plaintext-passwords-
and-wealth-of-other-data-for-6-6-million-people-go-public/} [viewed 2023-08-13]}}
}
@misc{rockyou,
author = {Imperva},
year = 2014,
title = {{Consumer Password Worst Practices}},
howpublished = {[online]},
note={{Available from: \url{https://www.imperva.com/docs/gated/WP_Consumer_Password_Worst_Practices.pdf} [viewed 2023-08-13]}}
}
@misc{hashcracking,
author = {Dan Goodin},
year = 2012,
month = aug,
publisher = {ArsTechnica},
title = {{Why passwords have never been weaker—and crackers have never been stronger}},
howpublished = {[online]},
note={{Available from: \url{https://arstechnica.com/information-technology/2012/08/passwords-under-assault/} [viewed 2023-08-13]}}
}
@misc{hashcracking2,
author = {Per Thorsheim},
year = 2012,
month = {{June}},
title = {{Linkedin Password Infographic}},
howpublished = {[online]},
note={{Available from: \url{https://securitynirvana.blogspot.com/2012/06/linkedin-password-infographic.html} [viewed 2023-08-13]}}
}
% =========================================================================== %