research-article

Free Access

Weapons of mass assignment

Author:
Patrick McKenzie

View Profile

Authors Info & Claims

Communications of the ACM Volume 54 Issue 5May 2011pp 54–59https://doi.org/10.1145/1941487.1941503

Published:01 May 2011Publication History

Check for updates on crossmark

Communications of the ACM

Abstract

A Ruby on Rails app highlights some serious, yet easily avoided, security vulnerabilities.

Index Terms

Weapons of mass assignment

Recommendations

Weapons of Mass Assignment: A Ruby on Rails app highlights some serious, yet easily avoided, security vulnerabilities.
Programming Languages

In May 2010, during a news cycle dominated by users’ widespread disgust with Facebook privacy policies, a team of four students from New York University published a request for $10,000 in donations to build a privacy-aware Facebook alternative. The ...
Read More
Using 3D printers as weapons

Additive manufacturing, also known as 3D printing, is a transformative manufacturing technology that will play a significant role in the critical manufacturing sector. Industrial-grade 3D printers are increasingly used to produce functional parts for ...
Read More
Off-Path TCP Exploits of the Mixed IPID Assignment
CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security

In this paper, we uncover a new off-path TCP hijacking attack that can be used to terminate victim TCP connections or inject forged data into victim TCP connections by manipulating the new mixed IPID assignment method, which is widely used in Linux ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in

Communications of the ACM Volume 54, Issue 5
May 2011
134 pages
ISSN:0001-0782
EISSN:1557-7317
DOI:10.1145/1941487
Issue’s Table of Contents

Copyright © 2011 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 May 2011
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
- Popular
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 39,421
  Total Downloads
- Downloads (Last 12 months)15,642
- Downloads (Last 6 weeks)20
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format .

View HTML Format

View Issue’s Table of Contents