Mayall:a framework for desktop JavaScript auditing and post-exploitation analysis

Writing desktop applications in JavaScript offers developers the opportunity to write cross-platform applications with cutting edge capabilities. However in doing so, they are potentially submitting their code to a number of unsanctioned modifications from malicious actors. Electron is one such JavaScript application framework which facilitates this multi-platform out-the-box paradigm and is based upon the Node.js JavaScript runtime --- an increasingly popular server-side technology. In bringing this technology to the client-side environment, previously unrealized risks are exposed to users due to the powerful system programming interface that Node.js exposes. In a concerted effort to highlight previously unexposed risks in these rapidly expanding frameworks, this paper presents the Mayall Framework, an extensible toolkit aimed at JavaScript security auditing and post-exploitation analysis. The paper also exposes fifteen highly popular Electron applications and demonstrates that two thirds of applications were found to be using known vulnerable elements with high CVSS scores. Moreover, this paper discloses a wide-reaching and overlooked vulnerability within the Electron Framework which is a direct byproduct of shipping the runtime unaltered with each application, allowing malicious actors to modify source code and inject covert malware inside verified and signed applications without restriction. Finally, a number of injection vectors are explored and appropriate remediations are proposed

A taxonomy of approaches for integrating attack awareness in applications

Software applications are subject to an increasing number of attacks, resulting in data breaches and financial damage. Many solutions have been considered to help mitigate these attacks, such as the integration of attack-awareness techniques. In this paper, we propose a taxonomy illustrating how existing attack awareness techniques can be integrated into applications. This work provides a guide for security researchers and developers, aiding them when choosing the approach which best fits the needs of their application

Licit or Illicit? Encroachments on ‘the Lord’s Waste’ in North-east Scotland, c.1400 – c.1800

Open access via the CUP Agreement Many thanks to the two anonymous reviewers for their insightful comments and many excellent suggestions for improving this paper; they were much appreciated. All remaining errors are all my own work!Peer reviewe

Alcohol Screening and Brief Interventions for Offenders in the Probation Setting (SIPS Trial): a Pragmatic Multicentre Cluster Randomized Controlled Trial

Aim - To evaluate the effectiveness of different brief intervention strategies at reducing hazardous or harmful drinking in the probation setting. Offender managers were randomized to three interventions, each of which built on the previous one: feedback on screening outcome and a client information leaflet control group, 5 min of structured brief advice and 20 min of brief lifestyle counselling. Methods - A pragmatic multicentre factorial cluster randomized controlled trial. The primary outcome was self-reported hazardous or harmful drinking status measured by Alcohol Use Disorders Identification Test (AUDIT) at 6 months (negative status was a score of <8). Secondary outcomes were AUDIT status at 12 months, experience of alcohol-related problems, health utility, service utilization, readiness to change and reduction in conviction rates. Results - Follow-up rates were 68% at 6 months and 60% at 12 months. At both time points, there was no significant advantage of more intensive interventions compared with the control group in terms of AUDIT status. Those in the brief advice and brief lifestyle counselling intervention groups were statistically significantly less likely to reoffend (36 and 38%, respectively) than those in the client information leaflet group (50%) in the year following intervention. Conclusion - Brief advice or brief lifestyle counselling provided no additional benefit in reducing hazardous or harmful drinking compared with feedback on screening outcome and a client information leaflet. The impact of more intensive brief intervention on reoffending warrants further research

Expression analysis of the osteoarthritis genetic susceptibility locus mapping to an intron of the MCF2L gene and marked by the polymorphism rs11842874

BACKGROUND: Osteoarthritis (OA) is a painful, debilitating disease characterised by loss of articular cartilage with concurrent changes in other tissues of the synovial joint. Genetic association studies have shown that a number of common variants increase the risk of developing OA. Investigating their activity can uncover novel causal pathways and potentially highlight new treatment targets. One of the reported OA association signals is marked by the single nucleotide polymorphism (SNP) rs11842874 at chromosome 13q34. rs11842874 is positioned within a small linkage disequilibrium (LD) block within intron 4 of MCF2L, a gene encoding guanine-nucleotide exchange factor DBS. There are no non-synonymous SNPs that correlate with this association signal and we therefore set out to assess whether its effect on OA susceptibility is mediated by alteration of MCF2L expression. METHODS: Nucleic acid was extracted from cartilage, synovial membrane or infrapatellar fat pad tissues from OA patients. Expression of MCF2L was measured by quantitative PCR and RNA-sequencing whilst the presence of DBS was studied using immunohistochemistry. The functional effect of SNPs within the 13q34 locus was assessed using public databases and in vitro using luciferase reporter analysis. RESULTS: MCF2L gene and protein expression are detectable in joint tissues, with quantitative differences in the expression of the gene and in the transcript isoforms expressed between the tissues tested. There is an expression quantitative trait locus (eQTL) operating within synovial membrane tissue, with possession of the risk-conferring A allele of rs11842874 correlating with increased MCF2L expression. SNPs within the rs11842874 LD block reside within transcriptional regulatory elements and their direct analysis reveals that several show quantitative differences in regulatory activity at the allelic level. CONCLUSIONS: MCF2L is subject to a cis-acting eQTL in synovial membrane that correlates with the OA association signal. This signal contains several functional SNPs that could account for the susceptibility and which therefore merit further investigation. As far as we are aware, this is the first example of an OA susceptibility locus operating as an eQTL in synovial membrane tissue but not in cartilage. ELECTRONIC SUPPLEMENTARY MATERIAL: The online version of this article (doi:10.1186/s12881-015-0254-2) contains supplementary material, which is available to authorized users

Analysis of Globulin-1 promoter activity and the expression of GFP in transgenic maize seed tissues and processing of GFP-containing grain

The maize (Zea mays L) kernel is perfectly configured to store proteins and nutrients. The major proteins of the maize kernel are known as seed storage proteins because they have no enzymatic function and they accumulate to a high level for use during germination of the seed as an immediate nutrient source. These seed storage proteins are responsible for much of the nutrient quality of maize when used as a food or feed source. Understanding the regulation of seed storage protein deposition may allow researchers to improve the use of maize grain in a variety of food and feed products, as well as industrial and pharmaceutical applications. To understand the regulation of seed storage proteins and to improve the uses of maize grain, we have created transgenic maize lines that express the reporter gene Green Fluorescent Protein (GFP) under the control of seed storage protein promoters. Therefore, GFP is developmentally and spatially regulated similar to seed storage proteins. Our results indicate that GFP is expressed in seed tissues similar to seed storage proteins. To better utilize grain by dry-milling, we subjected the GFP transgenic grain to a dry-milling process and tracked its recovery. From the results we determined that optimization of dry-milling processes can be accomplished using GFP grain. To better express GFP, and other recombinant proteins in maize kernels, we developed a chimeric promoter that can express GFP in multiple seed tissues. Our results indicate that the chimeric promoter has endosperm and embryo tissue specificity, and that this promoter can be used to express recombinant proteins in maize kernels. To better understand the activity of the Glb1 promoter, we performed experiments that resulted in the correlation of immature leaf activity of the Glb1 promoter with a complex rearrangement within the Glb1 promoter due to transposon transposition events

Building Resilience and Sustainability in Lowland Scottish ‘Treescape’ Management Regimes : ‘Voices of the Future’/Re-imagining the Commons

Peer reviewedPublisher PD

The Fedderate Charter and its implications for the thirteenth-century social and economic landscapes of North-east Scotland

Peer reviewedPublisher PD

Inactivation of mammalian Ero 1α is catalysed by specific protein disulfide isomerases

Disulfide formation within the endoplasmic reticulum is a complex process requiring a disulfide exchange protein such as protein disulfide isomerase and a mechanism to form disulfides de novo. In mammalian cells, the major pathway for de novo disulfide formation involves the enzyme Ero1α which couples oxidation of thiols to the reduction of molecular oxygen to form hydrogen peroxide. Ero1α activity is tightly regulated by a mechanism that requires the formation of regulatory disulfides. These regulatory disulfides are reduced to activate and reform to inactive the enzyme. To investigate the mechanism of inactivation we analysed regulatory disulfide formation in the presence of various oxidants under controlled oxygen concentration. Neither molecular oxygen, nor hydrogen peroxide was able to oxidise Ero1α efficiently to form the correct regulatory disulfides. However, specific members of the PDI family such as PDI or ERp46 were able to catalyse this process. Further studies showed that both active sites of PDI contribute to the formation of regulatory disulfides in Ero1α and that the PDI substrate binding domain is crucial to allow electron transfer between the two enzymes. These results demonstrate a simple feedback mechanism of regulation of mammalian Ero1α involving its primary substrate

Obligations in the Shade: The Application of Fiduciary Directors’ Duties to Shadow Directors

This paper argues that shadow directors, as defined in English law, ought to owe the full range of directors’ duties, both fiduciary and non-fiduciary, enacted in the Companies Act 2006 (CA 2006), ss 171-177, to the relevant company under their influence. Following the enactment of the recent Small Business, Enterprise and Employment Act (SBEEA) 2015, these general duties are likely to apply to shadow directors, although there is still a case to be made as to why shadow directors should owe fiduciary duties to the relevant company. It is argued here that such a relationship is fiduciary in nature, but the current approach deployed in the English courts, based upon the application of Finn’s originally formulated ‘undertaking’ test alone, is inadequate. Given these inadequacies, it is proposed that the Canadian ‘power and discretion’ test be deployed alongside the ‘undertaking’ test, in order to provide a far more comprehensive justification for the application of fiduciary obligations to shadow directors. This position is supported by establishing a theoretical basis for the ‘power and discretion’ test, via Paul Miller’s ‘fiduciary powers theory’, as well as considering the application of such a test to shadow directors