People Places
History Art
Science
SUMMARY / RELATED TOPICS

Trioceros

Trioceros is a genus of lizards in the family Chamaeleonidae. Trioceros was considered a subgenus of the genus Chamaeleo until 2009 when it was elevated to full genus level; the following species and subspecies are recognized as being valid. Trioceros affinis – beardless Ethiopian mountain chameleon, Rüppell's desert chameleon Trioceros balebicornutus – Bale Mountain two-horned chameleon Trioceros bitaeniatus – side-striped chameleon, two-lined chameleon, two-lined montane dwarf chameleon Trioceros camerunensis – Cameroon chameleon Trioceros chapini – Chapin's chameleon, grey chameleon Trioceros conirostratus – Sudanese cone-horned chameleon Trioceros cristatus – crested chameleon, fringed chameleon Trioceros deremensis – Usambara giant three-horned chameleon, wavy chameleon Trioceros ellioti – Elliot's chameleon, Elliot's groove-throated side-striped chameleon, montane side-striped chameleon Trioceros feae – Bioko hornless chameleon, Fea's chameleon Trioceros fuelleborni –, flapjack chameleon, Ngosi Volcano chameleon, Poroto Mountain three-horned chameleon Trioceros goetzei – Goetze's chameleon, Ilolo chameleon, whistling chameleon Trioceros goetzei goetzei – Goetze's whistling chameleon Trioceros goetzei nyikae – Nyika whistling chameleon Trioceros hanangensis Krause & Böhme, 2010 – Mount Hanang montane dwarf chameleon Trioceros harennae – Harenna hornless chameleon Trioceros harennae harennae – Harenna hornless chameleon Trioceros harennae fitchi – Fitch's Harenna hornless chameleon Trioceros hoehnelii – helmeted chameleon, high-casqued chameleon, von Höhnel's chameleon Trioceros incornutus – Ukinga hornless chameleon Trioceros ituriensis – Ituri forest chameleon Trioceros jacksonii – Jackson's chameleonTrioceros jacksonii jacksonii – Jackson's three-horned chameleon Trioceros jacksonii merumontanus – dwarf Jackson's chameleon Trioceros jacksonii xantholophus – Mount Kenya three-horned chameleon, yellow-crested Jackson's chameleon Trioceros johnstoni – Johnston's chameleon, Johnston's three-horned chameleon, Ruwenzori three-horned chameleon Trioceros kinangopensis Stipala et al. 2012 Trioceros kinetensis – Mount Kineti montane dwarf chameleon Trioceros laterispinis – spiny-flanked chameleon Trioceros marsabitensis – Marsabit one-horned chameleon, Mt. Marsabit chameleon, Tilbury's cameleon Trioceros melleri – giant one-horned chameleon, Meller's chameleon, Meller's giant one-horned chameleon Trioceros montium – Cameroon sailfin chameleon Trioceros narraioca – Mount Kulal helmeted chameleon Trioceros ntunte – Nyiru montane dwarf chameleon Trioceros nyirit Stipala et al. 2011 – Cherangani helmeted chameleon Trioceros oweni – Owen's chameleon Trioceros perreti – Perret's chameleon, southern peacock chameleon Trioceros pfefferi – Pfeffer's two-horned chameleon Trioceros quadricornis – four-horned chameleon Trioceros quadricornis quadricornis – southern four-horned chameleon Trioceros quadricornis eisentrauti – Rumpi Hills chameleon Trioceros quadricornis gracilior – northern four-horned chameleon Trioceros rudis – coarse chameleon, rough chameleon, Ruwenzori side-striped chameleon, Rwenzori bearded montane dwarf chameleon Trioceros schoutedeni – Schouteden's montane dwarf chameleon Trioceros schubotzi – Mount Kenya montane dwarf chameleon, Mount Kenya side-striped chameleon, Schubotz's chameleon Trioceros serratus – central peacock chameleon Trioceros sternfeldi –, Tanzanian montane dwarf chameleon Trioceros tempeli – Tanzania mountain chameleon, Tempel's chameleon, tubercle-nosed chameleon Trioceros werneri – Werner's chameleon, Werner's three-horned chameleon Trioceros wiedersheimi – Mount Lefo chameleon, northern peacock chameleon, Wiedersheim's chameleonNota bene: In the above list, a binomial authority or trinomial authority in parentheses indicates that the species or subspecies was described in a genus other than Trioceros.

Boelens, B.. The Eponym Dictionary of Reptiles. Baltimore: Johns Hopkins University Press. Xiii + 296 pp. ISBN 978-1-4214-0135-5. Tilbury, C. R. & Tolley, K. A.. A re-appraisal of the systematics of the African genus Chamaeleo. Zootaxa 2079: 57–68. Swainson, W.. The Natural History of Fishes, Amphibians, & Reptiles, or Monocardian Animals. Vol. II. London: Longman, Brown, Green & Longmans. 452 pp.. Http://www.chameleoninfo.com/Species_Profiles.html

BREACH

BREACH is a security exploit against HTTPS when using HTTP compression. BREACH is built based on the CRIME security exploit. BREACH was announced at the August 2013 Black Hat conference by security researchers Angelo Prado, Neal Harris and Yoel Gluck; the idea had been discussed in community before the announcement. While the CRIME attack was presented as a general attack that could work against a large number of protocols, only exploits against SPDY request compression and TLS compression were demonstrated and mitigated in browsers and servers; the CRIME exploit against HTTP compression has not been mitigated at all though the authors of CRIME have warned that this vulnerability might be more widespread than SPDY and TLS compression combined. BREACH is an instance of the CRIME attack against HTTP compression—the use of gzip or DEFLATE data compression algorithms via the content-encoding option within HTTP by many web browsers and servers. Given this compression oracle, the rest of the BREACH attack follows the same general lines as the CRIME exploit, by performing an initial blind brute-force search to guess a few bytes, followed by divide-and-conquer search to expand a correct guess to an arbitrarily large amount of content.

BREACH exploits the compression in the underlying HTTP protocol. Therefore, turning off TLS compression makes no difference to BREACH, which can still perform a chosen-plaintext attack against the HTTP payload; as a result and servers are either forced to disable HTTP compression or to adopt workarounds to try to foil BREACH in individual attack scenarios, such as using cross-site request forgery protection. Another suggested approach is to disable HTTP compression whenever the referrer header indicates a cross-site request, or when the header is not present; this approach allows effective mitigation of the attack without losing functionality, only incurring a performance penalty on affected requests. Around 2013-2014, there was an IETF draft proposal for a TLS extension for length-hiding padding that, in theory, could be used as a mitigation against this attack, it allows the actual length of the TLS payload to be disguised by the insertion of padding to round it up to a fixed set of lengths, or to randomize the external length, thereby decreasing the likelihood of detecting small changes in compression ratio, the basis for the BREACH attack.

However, this draft has since expired without further action. Tool that runs the BREACH attack demonstrated at BlackHat 2013 HEIST, a related compression-based attack on the body of the response demonstrated at BlackHat 2016