One or more first servers can implement an example method including storing, at a memory accessible by the first one or more servers, a primary email address for a user. The method further includes detecting a request, from a client device associated with the user, to access a network resource hosted at a second one or more servers, wherein the network resource is associated with an online service. The method also includes automatically generating a secondary email address for the user that is unique to the online service; and transmitting the secondary email address to the second one or more servers such that the online service receives the secondary email address for the user without receiving the primary email address for the user, thereby enabling the online service to transmit emails to the user despite not receiving the primary email address for the user.

A method of authenticating a consumable or detachable element of a continuous inkjet printer comprising: the controller of the printer generating a 1.sup.st item of random information that is dispatched to an authentication circuit of the element; encrypting the 1.sup.st item of information by the authentication circuit using a 1.sup.st encryption algorithm and a 1.sup.st secret key to form a 1.sup.st item of encrypted random information; dispatching the 1.sup.st item of information to the controller; encrypting the 1.sup.st item of information by the controller using a 2.sup.nd encryption algorithm and a 2.sup.nd secret key to form a 2.sup.nd item of encrypted random information; comparing the 1.sup.st item of encrypted random information with the 2.sup.nd encrypted item of random information to authenticate the consumable element; and if the consumable element is authenticated, dispatching at least one part of a 3.sup.rd key, termed the shared key, by the element to the printer.

A system and method are provided for providing trusted links between applications. The method is executed by a registry server device. The method includes storing in a database coupled to the registry server device, query parameters for a plurality of applications; receiving, from a first application, a first request to obtain a trusted link to communicate with a second application; providing the trusted link, wherein the trusted link is signed by the registry server device and identifies one or more query parameters of the first request; sending to the first application, a first response comprising the trusted link; receiving, from the second application, a second request to verify, at least in part, permissions defined by the one or more query parameters identified based on to the trusted link; and sending to the second application a second response comprising a result of the verification that enables the second application to verify that the signed trusted link was not tampered with and that the one or more query parameters of the first request have not been tampered with.

A system and method for batched, supervised, in-situ machine learning classifier retraining for malware identification and model heterogeneity. The method produces a parent classifier model in one location and providing it to one or more in-situ retraining system or systems in a different location or locations, adjudicates the class determination of the parent classifier over the plurality of the samples evaluated by the in-situ retraining system or systems, determines a minimum number of adjudicated samples required to initiate the in-situ retraining process, creates a new training and test set using samples from one or more in-situ systems, blends a feature vector representation of the in-situ training and test sets with a feature vector representation of the parent training and test sets, conducts machine learning over the blended training set, evaluates the new and parent models using the blended test set and additional unlabeled samples, and elects whether to replace the parent classifier with the retrained version.

A system for protecting an endpoint device of a user includes a web interface module that identifies a present URL visited by the user and target URLs to which navigation is available. A password management module installed on the endpoint device stores multiple entries. One entry includes a username, a password, and a login URL. The password management module selectively supplies credentials to the web interface module, including supplying the password to the web interface module in response to the web interface module identifying the login URL as the present URL. A URL analysis module evaluates the target URLs to classify each of the target URLs as either safe or suspicious and initiates a warning to the user in response to one of the target URLs being classified as suspicious. The URL analysis module performs the classification based in part on login URLs stored by the password management module.

Privately determining whether a password satisfies a constraint without having to divulge the password itself to a third party that evaluates the constraint, and without the third party even being aware of the result of the evaluation. After the user selects a password, private communication (e.g., private information retrieval) is used to determine whether the selected password satisfies password constraints. For instance, the password might be encrypted (e.g., homomorphically), and then the encrypted password and a function definition (e.g., a homomorphic function definition) is then provided to the third party. The third party then performs the function and returns an already encrypted result. The third party generated the encrypted result directly, without having access to the result in the clear. Upon receiving the encrypted result, the user's computing system may then decrypt the result, to find out whether the password satisfies the constraints, and thus is sufficiently safe.

A content access device and system may allow portable remote devices to be paired with a variety of different devices, allowing remote control through a network connection. Content access devices may expose application program interfaces, allowing incoming network traffic to control operation of the device much in the same way that a local infrared remote would. Routing content commands through an external application server may also yield other benefits, such as allowing more customized selection of information and advertising content to users based on their viewing history.

In embodiments of the present teachings, improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may use the contextual information and the retrieved content to initiate a remedial action on the client.

Systems, methods, and computer-readable media are provided for generating a unique ID for a sensor in a network. Once the sensor is installed on a component of the network, the sensor can send attributes of the sensor to a control server of the network. The attributes of the sensor can include at least one unique identifier of the sensor or the host component of the sensor. The control server can determine a hash value using a one-way hash function and a secret key, send the hash value to the sensor, and designate the hash value as a sensor ID of the sensor. In response to receiving the sensor ID, the sensor can incorporate the sensor ID in subsequent communication messages. Other components of the network can verify the validity of the sensor using a hash of the at least one unique identifier of the sensor and the secret key.