Narrow Results

Software security vulnerabilities and leakages of private information are two of the main issues in modern software systems. Several different approaches, ranging from design techniques to run-time monitoring, have been applied to prevent, detect and isolate such vulnerabilities. Static taint analysis has been particularly successful in detecting injection vulnerabilities at compile time. However, its extension to detect leakages of sensitive data has been only partially investigated. In this paper, we introduce BackFlow, a backward flow reconstructor that, starting from the results of a generic taint analysis engine, reconstructs the flow of tainted data. If successful, BackFlow provides full information about the flow that such data (e.g. private information or user input) traversed inside the program before reaching a sensitive point (e.g. Internet communication or execution of an SQL query). Such information is needed to extend taint analysis to privacy analyses, since in such a scenario it is important to know which exact type of sensitive data flows to what type of communication channels. BackFlow has been implemented in Julia (an industrial static analyzer for Java, Android and .NET programs), and applied to WebGoat and different benchmarks to detect both injections and privacy issues. The experimental results prove that BackFlow is able to reconstruct the flow of tainted data for most of the true positives, it scales up to industrial applications, and it can be effectively applied to privacy analysis, such as the detection of sensitive data leaks or compliance with a data regulation.

First carpometacarpal joint osteoarthritis (1^st CMCJ OA) is a common condition with variable results reported from local corticosteroid injection. This study aims to explore the medium-term outcome with respect to pain relief, patient satisfaction and the need for subsequent surgical intervention. A prospective review was performed of patients undergoing fluoroscopically guided corticosteroid injection by one surgeon, with postal questionnaires for medium-term follow-up. Forty-one patients were included. Thirty-one were female and ten male, with a mean age of 60 years. In the short term 76% of patients reported pain relief with an average duration of four weeks and 69% of the patients reported benefit from injection. After a median follow-up of 36 months 76% of patients reported continuing pain but 59% reported satisfaction with the outcome. Twenty-eight per cent of the patients had undergone surgery. Local corticosteroid injection of the CMCJ provides only short-term pain relief, but few patients go on to surgical intervention.

Robots, A Potential Staple in Eye Surgery.

Interviews at Commonwealth Science Conference 2017.

Precision Medicine for Cancer Patients: Interview with Dr Allen Lai.