756 items tagged "Software"
-
-
1:00
»
Hack a Day
Many languages feature a random number generator library for help with tasks like rolling a die or flipping a coin. Why, you may ask, is this necessary when humans are perfectly capable of randomly coming up with values?
[ex-punctis] was curious about the same quandary and decided to code up an experiment to test the true randomness of humans. A script guesses the user’s next input from two choices, keeping a tally in the JavaScript backend that holds on to the past five choices. If the script guesses correctly, it takes $1 from the user. Otherwise, the user earns $1.05.

The data gathered from running the script with 200 pseudo-random inputs 100,000 times resulted in a distribution of correct guesses that was approximately normal (µ=50% and σ=3.5%). The probability of the script correctly guessing the user’s input is >57% from calculating µ+2σ. The result? Humans aren’t so good at being random after all.
It’s almost intuitive why this happens. Finger presses tend to repeat certain patterns. The script already has a database of all possible combinations of five presses, with a counter for each combination. Every time a key is pressed, the latest five presses are updated and the counter increases for whichever combination of five presses this falls under. Based on this data, the script is able to make a prediction about the user’s next press.
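The counting scheme described above, written out in C as an added example (not [ex-punctis]'s script). The prediction rule, which compares how often the last four presses were followed by each key, and the fall-back to guessing 0 on a tie are assumptions; the alternating input is constructed.

```c
#include <stdio.h>
#include <string.h>

#define HISTORY 5                    /* presses per combination, as in the article */
#define NGRAMS  (1u << HISTORY)      /* 32 possible combinations of two keys */

typedef struct {
    unsigned counts[NGRAMS];   /* one counter per five-press combination */
    unsigned window;           /* latest presses as bits, newest in bit 0 */
    unsigned seen;             /* presses recorded so far */
} predictor;

void predictor_init(predictor *p) { memset(p, 0, sizeof *p); }

/* Guess the next press (0 or 1). Assumed rule: take the last four presses and
 * compare how often that prefix was completed by a 0 and by a 1. Ties, and the
 * first four presses, fall back to guessing 0. */
int predictor_guess(const predictor *p)
{
    unsigned prefix;
    if (p->seen < HISTORY - 1)
        return 0;
    prefix = (p->window << 1) & (NGRAMS - 1);
    return p->counts[prefix | 1u] > p->counts[prefix];
}

/* Slide the window over the new press and bump that combination's counter. */
void predictor_record(predictor *p, int press)
{
    p->window = ((p->window << 1) | (unsigned)(press & 1)) & (NGRAMS - 1);
    if (++p->seen >= HISTORY)
        p->counts[p->window]++;
}

/* Play the game over a string of '0'/'1' presses. Returns the number of
 * correct guesses; *user_cents receives the user's balance (-$1.00 per
 * correct guess, +$1.05 per wrong one, as in the article). */
int play(const char *presses, long *user_cents)
{
    predictor p;
    int hits = 0;
    long cents = 0;

    predictor_init(&p);
    for (; *presses; presses++) {
        int press = (*presses == '1');
        if (predictor_guess(&p) == press) {
            hits++;
            cents -= 100;
        } else {
            cents += 105;
        }
        predictor_record(&p, press);
    }
    if (user_cents)
        *user_cents = cents;
    return hits;
}

int main(void)
{
    /* Constructed input: a "player" who strictly alternates between keys. */
    const char *alternating = "0101010101" "0101010101"
                              "0101010101" "0101010101";
    long cents;
    int hits = play(alternating, &cents);

    printf("%d of %zu presses guessed, user balance $%.2f\n",
           hits, strlen(alternating), cents / 100.0);
    return 0;
}
```

Once each five-press combination of the repeating pattern has been counted once, every later guess is correct, which is the effect the article attributes to habitual finger patterns.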

In a follow-up statistical analysis, [ex-punctis] notes that with more key presses, the accuracy of the script tended to increase, with the exception of 1000+ key presses. The latter was thought to be due to the use of a pseudo-random number generator to achieve such high levels of engagement with the script.
Some additional tests were done to see if holding shorter or longer sequences in memory would account for more accurate predictions. While shorter sequences should theoretically work, the risk of players keeping a tally of their own presses made it more likely for the longer sequences to reduce bias.
There’s a lot of literature on behavioral models and framing effects for similar games if you’re interested in implementing your own experiments and tricking your friends into giving you some cash.
-
-
19:00
»
Hack a Day
Finding a good apartment is a lot of work and includes searching websites for available places and then cross-referencing with a list of characteristics. This can take hours, days or even months but in a world where cars drive themselves, it is possible to use machine learning in your hunt.
[veesot] lives in a city between Europe and Asia and was looking for a new home. His goal was to create a model that can use historical data to not only suggest if an advertised price was right, but also recommend waiting by predicting a decrease in the future. The data-set includes parameters such as “area”, “district”, “number of balconies” etc., and he tried to determine an optimal property to view.
There is a lot that [veesot] describes in his post, which includes cleaning the data in terms of removing flats that are too small or too large. This is essentially creating a training data-set for the machine learning system that will allow the system to generate usable output. [veesot] also added parameters such as districts, which relate to the geographical location, age of the building and even the materials used in the construction.
There is also an interesting bit about analyzing the data variables and determining cross-correlation which ultimately leads to the obvious conclusions that the central/older districts have older apartments and newer ones are larger. It makes for a few cool graphs but the code can certainly come in handy when dealing with similar data-sets. The last part of the writing discusses applying Linear Regression and then testing its accuracy. Interpreting the model produces interesting results about the trained model and the values of the coefficients.
The Python code is available and the same approach can be applied to a number of problems. We loved the commentary and we hope the author will continue working on the challenge. For those who are looking at similar problems, there is also the possibility of running regression using TensorFlow, and it can be done in your browser no less.
-
0:46
»
Darknet

LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code.
LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results.
-
-
19:00
»
Hack a Day
It wasn’t long ago that we introduced you to a web site, the Godbolt compiler explorer, that allows the visitor to compile code using a slew of compilers and compare their output. We suspect some number of readers said, “Wow! I can use that!”, while perhaps everyone else said, “Huh?” Well if you were in the second group, you ought to watch [What’s a Creel’s] video below where he walks through using the website. He looks at four different algorithms using four different compilers and it is a good example of how you might use the tool to make decisions about how you write software.
If you missed our original post about the tool, you can still catch up. Even if you don’t care much about the compiler explorer, this is an opportunity to gaze over an experienced programmer’s shoulder as he looks at some C code and generated assembly code.
The results might surprise you. In the first example, CLANG did some great optimization but other compilers created a lot of code by comparison. One of the compilers, the Microsoft compiler, had an incorrect option specified, so it didn’t do so well, but would probably do better with the right options. You could always try it yourself if you are interested.
We’d love to see something like this done for FPGAs. If you can run Docker, you might also be interested in PenguinTrace.
-
-
1:00
»
Hack a Day
[Sandro Magi] noted that the async/await idiom has become more prevalent in programming recently. According to him, he first encountered it in C# but has found examples of it in JavaScript and Rust, too. The idea is simple: allow a function to return but come back later to complete something that takes a long time. Of course, multithreading is one answer to this, but generally, this technique implies more of a coroutine setup where functions cooperate to some degree to get good behavior. [Sandro] took some ideas from the existing protothread library and used it to create a system to get this effect in C and, by extension, C++.
Adding this “library” is as simple as including a header file. All the magic occurs at the preprocessor and compiler. There’s no code to link. The async routines only need two bytes of overhead and — unlike proper threads — don’t need a preallocated private stack.
Here’s a simple example from the project’s GitHub:
    #include "async.h"

    typedef struct {
        async_state;    // declare the asynchronous state
        timer timer;    // declare local state
    } example_state;
    example_state pt;

    async example(example_state *pt) {
        async_begin(pt);
        while(1) {
            if(initiate_io()) {
                // the timer is a member of the state struct, so reach it through pt
                timer_start(&pt->timer);
                await(io_completed() || timer_expired(&pt->timer));
                read_data();
            }
        }
        async_end;
    }
Of course, initiate_io, timer_start, timer_expired, read_data, and io_completed are defined somewhere else. The idea is simple. The first time you call the async function, it will run like normal until it hits some form of await. Then it may return. Each time after that, the function jumps back to the await statement. You can, of course, have multiple await statements.
In the example’s case, once I/O starts, the code will keep returning until either the I/O completes or the timer expires. Then it will return a final answer.
The magic here is due to a switch statement (and one limitation: you can’t use a switch statement inside the async code). The function returns the line number it wants to jump to next time or -1 to end the cycle. Each await generates a case label that has the current line number. This is easy to see if you pass -E to the gcc compiler and look at the output after preprocessing:
    async example(struct async *pt) {
        switch((pt)->_async_kcont) { case 0:;
        while(1) {
            if(initiate_io()) {
                timer_start(&xtimer);
                case 21: if (!(io_completed() || timer_expired(&xtimer))) return 21;
                read_data();
            }
        }
        default: return ASYNC_DONE; };
    }
Sure, you could roll it yourself, but this is a handy syntactic shortcut. We’ve seen the use of protothreads on small systems before. Protothreads even earned one hacker a job.
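The switch-and-line-number mechanism described above, as a self-contained C program. This is an added example, not code from async.h or from the post: the co_begin, co_await and co_end macros, the reader struct and the simulated clock, device latency and timeout are all made up for illustration.

```c
#include <stdio.h>

#define CO_DONE (-1)
#define TIMEOUT 5      /* ticks before the simulated timer expires (assumed) */

/* Open a switch on the saved line, plant a case label at every await, close
 * the switch. Because the labels belong to this switch, the coroutine body
 * cannot contain a switch statement of its own. */
#define co_begin(s)     switch ((s)->resume_at) { case 0:
#define co_await(cond)  do { case __LINE__: if (!(cond)) return __LINE__; } while (0)
#define co_end          } return CO_DONE

/* Local variables do not survive a return, so everything the coroutine needs
 * across an await lives in this struct. */
typedef struct {
    int resume_at;     /* 0 = start at the top, otherwise the line of an await */
    int now;           /* simulated clock, advanced by the caller */
    int latency;       /* ticks the simulated device needs per chunk */
    int io_ready_at;   /* tick at which the current chunk is available */
    int deadline;      /* tick at which the current timer expires */
    int want;          /* chunks requested */
    int chunks;        /* chunks read so far */
    int timed_out;     /* set when the timer fired before the device was ready */
} reader;

/* Returns the line to resume at, or CO_DONE. */
static int reader_body(reader *r)
{
    co_begin(r);
    while (r->chunks < r->want) {
        r->io_ready_at = r->now + r->latency;   /* stands in for initiate_io() */
        r->deadline    = r->now + TIMEOUT;      /* stands in for timer_start() */
        co_await(r->now >= r->io_ready_at || r->now >= r->deadline);
        if (r->now < r->io_ready_at) {          /* the timer won the race */
            r->timed_out = 1;
            break;
        }
        r->chunks++;                            /* stands in for read_data() */
    }
    co_end;
}

/* Drive the coroutine to completion, one tick per call. Returns how many
 * times the function had to be entered; *out receives the final state. */
int run_reader(int want, int latency, reader *out)
{
    reader r = {0};
    int polls = 0;

    r.want = want;
    r.latency = latency;
    for (;;) {
        polls++;
        r.resume_at = reader_body(&r);   /* remember where to jump back in */
        if (r.resume_at == CO_DONE)
            break;
        r.now++;                         /* the caller could do other work here */
    }
    *out = r;
    return polls;
}

int main(void)
{
    reader r;
    int polls = run_reader(2, 3, &r);

    printf("fast device: %d polls, %d chunks, timed_out=%d\n",
           polls, r.chunks, r.timed_out);
    polls = run_reader(2, 9, &r);
    printf("slow device: %d polls, %d chunks, timed_out=%d\n",
           polls, r.chunks, r.timed_out);
    return 0;
}
```

Each resumed call lands on the case label inside the while loop, so the function picks up mid-iteration without a private stack.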
-
-
19:00
»
Hack a Day
Working in a theater or night club often requires a specialized set of technical skills that you might not instantly think about. Sure, the audio system needs to be set up and managed but the lighting system is often actively managed as well. For simple setups, this is usually not too difficult to learn. With more complicated systems you will need to get elbow-deep into some software. With [trackme518]’s latest tool, though, you will only need to be able to edit video.
Sure, this sounds like just trading one piece of software for another, but it’s more likely that professionals working in lighting will already know how to edit video rather than know programming or complicated proprietary lighting software. All you have to do to control a set of lights is to create a video, or use an existing one, and the lighting system will mimic the video on its own. If you do know programming, though, it’s written in Processing Java so changes aren’t too difficult to make.
The software (available on the project’s GitHub page) will also work outside of a professional environment, as well. It’s set up to work with DMX systems as well as LED strips so you could use it to run a large LED display board using only an input video as control. You could even use it to run the display on your guitar.
Photo courtesy of Rob Sinclair (Gribiche) [CC BY-SA 2.0 (https://creativecommons.org/licenses/by-sa/2.0)]
-
-
19:00
»
Hack a Day
We don’t know what normal people argue about, but we know we spend a lot of time arguing about the best microcontroller, which editor is the best, and what language or compiler does the best job. The problem with all those compilers is getting them loaded and digging into the generated code. If you too spend your time thinking about those things, you ought to have a look at [Matt Godbolt’s] Compiler Explorer. We know that hosting an IDE-like web page and compiling code is old hat — although [Matt’s] site has been around quite some time. But [Matt’s] doing it differently. The code you build on the left hand pane shows up as assembly language on the right hand side.
There are plenty of options, too. For example, here’s a bit of C code from the site’s example:
    int square(int num) {
        return num * num;
    }
Here’s the corresponding assembly from gcc 9.2 for x86-64:
    square:
        push rbp
        mov rbp, rsp
        mov DWORD PTR [rbp-4], edi
        mov eax, DWORD PTR [rbp-4]
        imul eax, eax
        pop rbp
        ret
However, ARM64 gcc 8.2 outputs:
    square:
        sub sp, sp, #16
        str w0, [sp, 12]
        ldr w1, [sp, 12]
        ldr w0, [sp, 12]
        mul w0, w1, w0
        add sp, sp, 16
        ret
There are options for many compilers including AVR, 6502, and MIPS. Even more interesting is there is support for many other languages ranging from FORTRAN to Rust and Go. It is a nice touch that the source code lines get colors that match the region of the disassembly that corresponds to that line.
As a side note, you can click the Output button at the bottom and actually run your test program, if you like. If you are interested in how the system works, there’s a document that describes how the system leverages Amazon’s elastic cloud and Docker. Of course, [Matt’s] made a lot of changes since that document was written, but at least it will give you a general idea, plus you can always go dig around in his GitHub repo.
We’ve gotten to the point where we sort of enjoy these web-based playgrounds for learning purposes. We probably wouldn’t write our million dollar super secret code on it, but who are we kidding? No one really wants to read the source to our latest IoT garage door.
-
-
11:12
»
Darknet

HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers. It supports custom rules with netfilter (block ports, hidden mode, rootkit functions etc).
The motivation is basically another layer of protection, much like a hidden firewall – setting securelevel to 2 on BSD would have a similar effect.
In a typical attack, the bad actor can alter your IPTables or UFW rules – with HiddenWall you still have another layer that can block external access because it hooks directly into netfilter from kernel land.
-
-
8:01
»
Hack a Day
Suppose you ran a website releasing many articles per day about various topics, all following a general theme. And suppose that your website allowed for a comments section for discussion on those topics. Unless you are brand new to the Internet, you’ll also imagine that the comments section needs at least a little bit of moderation to filter out spam, off topic, or even toxic comments. If you don’t want to employ any people for this task, you could try this machine learning algorithm instead.
[Ladvien] goes through a general overview of how to set up a convolutional neural network (CNN) which can be programmed to do many things, but this one crawls a web page, gathers data, and also makes decisions regarding that data. In this case, the task is to identify toxic comments but the goal is not to achieve the sharpest sword in the comment moderator’s armory, but to learn more about how CNNs work.
Written in Python, the process outlines the code itself and how it behaves, setting up a small server to host the neural network, and finally creating the webservice. As with any machine learning, you need a reliable dataset to use for training and this one came from Wikipedia comments previously flagged by humans. Trolling nuance is thrown aside, as the example homes in on blatant insults and vulgarity.
While [Ladvien] notes that his guide isn’t meant to be comprehensive, but rather to fill in some gaps that he noticed within other guides like this, we find this to be an interesting read. He also mentioned that, in theory, this tool could be used to predict the number of comments following an article like this very one based on the language in the article. We’ll leave that one as an academic exercise for now, probably.
-
-
4:00
»
Hack a Day
[Ryan Flowers] writes in with a clever little hack that can allow you to hide data where nobody is going to go looking for it. By exploiting the fact that a web server will generally log all HTTP requests whether or not it’s valid, he shows how you can covertly send a message by asking the server for a carefully crafted fictitious URL.
We aren’t talking about requesting “yousuck.txt” from the server that hosts your least favorite website, either. As [Ryan] demonstrates, you can compress a text file, encode it with uuencode, and then send it line by line to the destination server with curl. He shows how the process, which he calls “CurlyTP” can be done manually on the command line, but it would be a simple matter of wrapping it up in a Bash script.
To get the message back, you just do the opposite. Use grep to find the lines in the log file that contain the encoded data, and then put them through uudecode to get the original text back. Finding the appropriate lines in the log file is made easier by prepending a prearranged keyword to the beginning of the URL requests. The keyword can be changed for each message to make things easier to keep track of.
If you’re still wondering why anyone would go through the trouble to do this, [Ryan] provides an excellent example: a covert “dead drop” where people could leave messages they’d rather not send through the usual channels. As long as the sender used a service to mask their true IP address, they could anonymously deliver messages onto the server without having to use any special software or protocol they might not have access to. Even the most restrictive firewalls and security measures aren’t likely to be scanning URLs for compressed text files.
We’ve seen web-based dead drops done with Python in the past, and even purpose built “PirateBoxes” that allow people to covertly exchange files, but we like how this method doesn’t require any special configuration on the server side. You should check your server logs, somebody might be trying to tell you something.
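For anyone taking that last suggestion literally: the fixed shape of a uuencoded line (a length character followed by exactly the right number of characters from a 65-character range) makes these requests findable without knowing the keyword. The following is an added example, not [Ryan]'s code; it assumes a combined-format access log and a sender that may percent-encode each line, and the function names, keyword, addresses and log lines are all constructed for illustration.

```python
import binascii
import re
from collections import defaultdict
from urllib.parse import quote, unquote

# Combined/common log format: client address, request target and status are enough.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "[A-Z]+ /(?P<target>.*) HTTP/[\d.]+" (?P<status>\d{3}) '
)
FULL_LINE = 61  # 'M' length character + 60 characters carrying 45 bytes


def decode_uu_line(text):
    """Strictly decode one uuencoded line; return bytes, or None if it is not one."""
    if not text:
        return None
    n = ord(text[0]) - 32                    # first character encodes the byte count
    if not 1 <= n <= 45:
        return None
    body = text[1:]
    if len(body) != 4 * ((n + 2) // 3):      # 3 bytes -> 4 characters, no slack allowed
        return None
    if any(not 0x20 <= ord(c) <= 0x60 for c in body):
        return None
    try:
        return binascii.a2b_uu(text)
    except binascii.Error:
        return None


def candidates(target):
    """The logged request target, percent-decoded first and then as logged."""
    decoded = unquote(target)
    return [decoded] if decoded == target else [decoded, target]


def find_uu_drops(log_lines, min_full_lines=2):
    """Return {(client, keyword): reassembled bytes} for clients whose rejected
    requests carry at least min_full_lines full-length uuencoded lines.
    Messages shorter than two full lines (90 bytes) are deliberately not flagged."""
    requests = defaultdict(list)             # client -> candidate texts, in log order
    for line in log_lines:
        m = LOG_RE.match(line)
        if m and m["status"].startswith("4"):
            requests[m["ip"]].append(candidates(m["target"]))

    findings = {}
    for ip, reqs in requests.items():
        # Pass 1: a full line is 'M' + 60 characters at the end of the target.
        # Whatever precedes it is the sender's keyword, unknown to the defender.
        full = defaultdict(int)
        for cands in reqs:
            for text in cands:
                tail = text[-FULL_LINE:]
                if len(text) >= FULL_LINE and tail[0] == "M" and decode_uu_line(tail) is not None:
                    full[text[:-FULL_LINE]] += 1
                    break
        # Pass 2: with the keyword inferred, collect every line, including a short last one.
        for keyword, count in full.items():
            if count < min_full_lines:
                continue
            chunks = []
            for cands in reqs:
                for text in cands:
                    data = decode_uu_line(text[len(keyword):]) if text.startswith(keyword) else None
                    if data is not None:
                        chunks.append(data)
                        break
            findings[(ip, keyword)] = b"".join(chunks)
    return findings


MESSAGE = b"constructed test message for the log-scanning example; " * 2


def build_sample_log(keyword="KW7", client="203.0.113.9"):
    """Constructed access log: ordinary traffic plus MESSAGE, one uuencoded line per request."""
    ts = "[10/Oct/2019:04:00:00 +0000]"
    lines = [
        f'198.51.100.4 - - {ts} "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
        f'198.51.100.4 - - {ts} "GET /favicon.ico HTTP/1.1" 404 153 "-" "Mozilla/5.0"',
        f'192.0.2.77 - - {ts} "GET /WP-LOGIN.PHP HTTP/1.1" 404 153 "-" "scanner"',
    ]
    for i in range(0, len(MESSAGE), 45):
        uu = binascii.b2a_uu(MESSAGE[i:i + 45], backtick=True).decode().rstrip("\n")
        path = keyword + quote(uu, safe="")
        lines.append(f'{client} - - {ts} "GET /{path} HTTP/1.1" 404 153 "-" "curl/7.64.0"')
    return lines


if __name__ == "__main__":
    for (ip, keyword), data in find_uu_drops(build_sample_log()).items():
        print(ip, repr(keyword), len(data), "bytes recovered")
```

The strict length check matters because `binascii.a2b_uu` on its own accepts truncated lines, which would turn many ordinary paths into false hits.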
-
-
4:00
»
Hack a Day
One of the core lessons any physics student will come to realize is that the more you know about physics, the less intuitive it seems. Take the nature of light, for example. Is it a wave? A particle? Both? Neither? Whatever the answer to the question, scientists are at least able to exploit some of its characteristics, like its ability to bend and bounce off of obstacles. This camera, for example, is able to image a room without a direct line-of-sight as a result.
The process works by pointing a camera through an opening in the room and then strobing a laser at the exposed wall. The laser light bounces off of the wall, into the room, off of the objects on the hidden side of the room, and then back to the camera. This concept isn’t new, but the interesting thing that this group has done is lift the curtain on the image processing underpinnings. Before, the process required a research team and often the backing of the university, but this project shows off the technique using just a few lines of code.
This project’s page documents everything extensively, including all of the algorithms used for reconstructing an image of the room. And by the way, it’s not a simple 2D image, but a 3D model that the camera can capture. So there should be some good information for anyone working in the 3D modeling world as well.
Thanks to [Chris] for the tip!
-
-
8:30
»
Hack a Day
Humans seem to have a need to do things that aren’t practical. Make the biggest ball of twine. Engrave the Declaration of Independence on a grain of rice. We want to make things bigger, smaller, faster, or whatever. That might explain why [nanochess] put out bootBASIC.
The 8088 (or later) assembly code gives you a very restricted BASIC interpreter that you can boot up. That means it has to fit in the 512-byte boot block that the hardware loads to get an operating system running. How restricted? Keep in mind it fits in 512 bytes. Each line can only have 19 characters or less. Backspace works, but doesn’t update the screen. Line numbers range from 1 to 999 and there are only 26 integer variables named a through z that hold 16 bits. All statements are in lower case.
While that’s pretty draconian, it still isn’t bad for less than 1K of space. Not only are the four common math operators available, but they obey standard precedence rules (that is, multiply and divide before add and subtract). You can even use parentheses.
This isn’t going to replace VisualBasic or anything else, of course. But that really isn’t the point. It looks like [nanochess] is using this to promote a book about developing for the boot sector, but that’s not something everyone needs to know how to do. The readme implies the code comments are only in the book, but we glanced through the code on GitHub and it seemed well commented if you are interested in learning a little assembly language.
If you’d rather do your Basic programming for the Web, that’s easy. Or there’s always QuickBasic.
-
-
19:00
»
Hack a Day
If you are writing a program that has a technical user base, it is a nice touch to make the program scriptable. In fact, you might want to do the hard work in a programming language and then use your scripting language to build out features. In theory, this should be easy. There are plenty of embedded scripting libraries and they provide some way for your code to access script resources and for script resources to access selected host variables and functions. If you use C++, one of the easier ways to do this is with ChaiScript.
ChaiScript is BSD licensed and — assuming your compiler supports C++ 14 — it is as easy as including a header file and making a few calls. There are no special tools or libraries required. The code is portable between operating systems, including both 32-bit and 64-bit Windows. It is also threadsafe unless you turn that feature off.
How simple is ChaiScript? Here’s their example of exposing a function (HelloWorld, of course). The function takes an argument and returns a value. The main program sets up the link between the function and script and then runs a simple script.
    #include <chaiscript/chaiscript.hpp>

    std::string helloWorld(const std::string &t_name) {
        return "Hello " + t_name + "!";
    }

    int main() {
        chaiscript::ChaiScript chai;
        chai.add(chaiscript::fun(&helloWorld), "helloWorld");
        chai.eval(R"(
            puts(helloWorld("Bob"));
        )");
    }
A real program is probably more likely to read its script from a file or some other user-specified thing, but that’s easy enough to imagine. According to the documentation, your script can call C++ and C++ can call into scripts and all in a type-safe manner. You can also propagate exceptions.
The scripting language itself is straightforward. Instead of the formal documentation, you might appreciate the cheat sheet. There are also quite a few examples.
It is easy to dismiss scripting languages, but they are perfect for some applications. ChaiScript and similar tools let you build the hard parts the hard way and the easy parts the easy way. After all, you probably use bash and it is nothing more than a scripting language.
-
-
19:00
»
Hack a Day
We’ve all come to terms with a neural network doing jobs such as handwriting recognition. The basics have been in place for years and the recent increase in computing power and parallel processing has made it a very practical technology. However, at the core level it is still a digital computer moving bits around just like any other program. That isn’t the case with a new neural network fielded by researchers from the University of Wisconsin, MIT, and Columbia. This panel of special glass requires no electrical power, and is able to recognize gray-scale handwritten numbers.
The glass contains precisely controlled inclusions such as air holes or an impurity such as graphene or other material. When light strikes the glass, complex wave patterns occur and light becomes more intense in one of the ten areas on the glass. Each of those areas corresponds to a digit. For example, here are two examples of the pattern of light recognizing a two on the glass:

With a training set of 5,000 images, the network was able to correctly identify 79% of 1,000 input images. The team thinks they could do better if they allowed looser constraints on the glass manufacturing. They started with very strict design rules to assist in getting a working device, but they will evaluate ways to improve recognition percentage without making it too difficult to produce. The team also has plans to create a network in 3D, as well.
If you want to learn more about traditional neural networks, we have seen plenty of starter projects. If TensorFlow is too much to swallow, try these 200 lines of C code.
-
-
1:00
»
Hack a Day
[Avi Press] recently made a Medium post sharing his thoughts on a failed effort to allow for paid users of an open source project. [Avi] is the author of Toodles, a tool to help organize and manage TODO items in software development. Toodles enjoyed unexpected popularity, and some of its users were large organizations. It seemed that Toodles was of value to people who could afford to pay, and they might even be willing to do so if [Avi] provided a way for them to do it. It turned out that the monetizing process was far from simple, and he ultimately wasn’t successful.
Before he even started, [Avi] thought carefully about things and found that even basic and preliminary questions were difficult to answer, such as:
- How many people were actually using the software on a regular basis? Were they gaining quantifiable value from it?
- What exactly would someone be buying? How would they pay, and how would it get delivered to them?
- How could companies be charged for the tool while still offering it freely to individuals?
- Is it even ethical to accept money for a project to which others have contributed? How could money be shared with contributors? How to fairly decide who gets how much?
In short, [Avi] discovered that much of the data he felt he needed in order to make these decisions didn’t exist, wasn’t easily accessible, or couldn’t be reliably measured. His experiment in adding a license and payment system (which always seemed to need more work than it should) yielded no fruit, as there were zero paid users anyway.
Regardless of whether “difficulty in shoehorning a paid license system into an open source project” should be filed under “Feature, not Bug” [Avi] does thoughtfully present the issues he encountered. Open source and getting paid are not necessarily mutually exclusive. Octoprint is one example of an open source project that eventually navigated these waters, but that doesn’t mean it was easy, nor does it mean there are established tools and processes.
-
-
19:00
»
Hack a Day
Cloud based IDEs and development tools have grown over the years, though most have limitations in their free tiers and may not be fully compatible with other services such as GitHub. [Aadi Bajpai] loved using PythonAnywhere and collaborating through GitHub, so he made an update server that automatically updates the running code once you make a push to GitHub.
PythonAnywhere gives you access to a Python shell over a web browser, and also lets you run a web app that can be accessed via a custom sub-domain. Even though it does not have direct integration with GitHub, you can drop to the bash shell and get access to a git client.
For this hack, [Aadi Bajpai] utilizes the webhooks from GitHub that are triggered when a push event is detected. A Flask server running on PythonAnywhere is written such that once triggered by the POST request, it locally executes a git pull from the repository. There is a bit more work that allows adding a bit of security sauce to the recipe but it is a pretty elegant solution and can be used for other cases as well.
Setting up alert notifications has been demonstrated to be an interesting task, though integrating Discord or Slack for notifications adds a little more bragging rights.
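An endpoint that runs git pull on any POST it receives lets anyone who finds the URL trigger deployments, so the request has to be authenticated before anything executes. The following is an added example, not [Aadi Bajpai]'s code: it assumes the webhook is configured with a shared secret, so that GitHub sends an HMAC-SHA256 of the raw body in the X-Hub-Signature-256 header, and the function names, repository path and branch are hypothetical.

```python
import hashlib
import hmac
import json
import subprocess


def sign(secret: bytes, body: bytes) -> str:
    """Header value GitHub sends for this body when the webhook has this secret."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()


def signature_ok(secret: bytes, body: bytes, header) -> bool:
    """Constant-time check of X-Hub-Signature-256 against the raw request body."""
    if not header or not header.startswith("sha256="):
        return False
    return hmac.compare_digest(sign(secret, body).encode(), header.encode("utf-8"))


def handle_webhook(headers, body, secret, repo_dir, branch="main", run=subprocess.run):
    """Decide what to do with one webhook delivery; return (http_status, reason).

    headers: mapping of header names to values (a web framework's header object is
             case-insensitive; a plain dict, as used here, is not).
    body:    the raw request bytes, exactly as received. The signature covers these
             bytes, so verify before parsing and never re-serialise the JSON first.
    run:     injected so the decision logic can be exercised without touching git.
    """
    if not signature_ok(secret, body, headers.get("X-Hub-Signature-256")):
        return 403, "bad signature"
    if headers.get("X-GitHub-Event") != "push":
        return 204, "ignored event"          # e.g. the ping sent when the hook is created
    try:
        ref = json.loads(body).get("ref")
    except (ValueError, AttributeError):
        return 400, "malformed payload"
    if ref != f"refs/heads/{branch}":
        return 204, "ignored ref"            # pushes to other branches do not deploy
    # Fixed argument vector, no shell: nothing from the payload reaches the command line.
    run(["git", "-C", repo_dir, "pull", "--ff-only"], check=True, timeout=60)
    return 200, "updated"


if __name__ == "__main__":
    secret = b"constructed-secret"           # constructed value for the demonstration
    body = json.dumps({"ref": "refs/heads/main"}).encode()
    fake_run = lambda argv, **kw: print("would run:", argv)
    good = {"X-GitHub-Event": "push", "X-Hub-Signature-256": sign(secret, body)}
    print(handle_webhook(good, body, secret, "/srv/app", run=fake_run))
    print(handle_webhook(good, body + b" ", secret, "/srv/app", run=fake_run))
```

In a Flask view the raw bytes come from `request.get_data()`, and the returned status becomes the response code.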
-
-
19:00
»
Hack a Day
Most of us have a pretty simple model of how a computer works. The CPU fetches instructions and data from memory, executes them, and writes data back to memory. That model is a good enough abstraction for most of what we do, but it hasn’t really been true for a long time on anything but the simplest computers. A modern computer’s memory subsystem is much more complex and often is the key to unlocking real performance. [Pdziepak] has a great post about how to take practical advantage of modern caching to improve high-performance code.
If you go back to 1956, [Tom Kilburn’s] Atlas computer introduced virtual memory based on the work of a doctoral thesis by [Fritz-Rudolf Güntsch]. The idea is that a small amount of high-speed memory holds pieces of a larger memory device like a memory drum, tape, or disk. If a program accesses a piece of memory that is not in the high-speed memory, the system reads from the mass storage device, after possibly making room by writing some part of working memory back out to the mass storage device.
Caching takes this even further. The CPU executes code from a small but very fast cache. A larger and slower cache acts as mass storage for the fast cache. That cache may have its own cache until eventually one of the caches empties into a mass storage device. Naturally, there are some differences since the purpose is different: cache is mainly concerned with faster memory access while virtual memory tries to allow large programs to run in less physical memory.
However, this is a lot different than our common mental model. In a very real sense, today’s modern CPUs execute programs from mass storage. That’s why you can have many huge programs running on a single computer with limited memory. However, the CPU really executes from a very small high-speed memory.
A modern cache is often split into separate parts for instruction and data, and [Pdziepak] is looking specifically at the level 1 instruction cache. It gets pretty detailed, but it does talk about tools to examine cache performance and also about hot and cold functions, something we don’t think gets enough use.
Of course, if you are just writing normal code, you probably don’t care. But if you are trying to wring the most performance you can get out of your CPU, you’ll enjoy the post.
Unfortunately, the cache has had a bad security rep lately. Although Meltdown and Spectre got most of the press, there’s also Foreshadow.
-
-
19:00
»
Hack a Day
If you like nitpicking around C code and generated assembly language — and we’ll admit that we do — you shouldn’t miss [Scaramanga’s] analysis of what’s known as Kernighan’s trick. If you haven’t heard of the trick, it’s a pretty efficient way of counting bits.
Like the Wheatstone bridge and a lot of other things, the Kernighan trick is misnamed. Brian Kernighan made it famous, but it was actually first published in 1960 and again in 1964 before he wrote about it in 1988. The naive way to count bits would be to scan through each bit position noting how many one bits you encounter, but the problem is, that takes a loop for each bit. A 64-bit word, then, takes 64 loops no matter what it contains. You can do slightly better by removing each bit you find and stopping when the word goes to zero, but that still could take 64 cycles if the last bit you test is set.
Using the trick, you make the observation that X & (X-1) will always clear the least significant set bit of a word. Try a few examples:
    X     X-1   X&(X-1)
    0001  0000  0000
    0010  0001  0000
    0011  0010  0010
    1010  1001  1000
    1100  1011  1000
    1111  1110  1110
You can probably see where this is going. By computing X&(X-1) you clear a bit on each loop iteration and you only have to go through the number of bits that are actually set.
This kind of thing is a common enough type of interview question although as [Scaramanga] points out, compilers will probably optimize this to use specific CPU operations and get even better performance. The POPCNT instruction on the x86 architecture, for example, will do it all in one instruction. He also has a detailed explanation of exactly why this works the way it does.
Of course, most software doesn’t need to run so fast that it is worth using obscure tricks. But sometimes it makes sense. It is also a nice test of logic and problem solving in an interview situation.
If you like this sort of thing, be sure to check out [Sean Anderson’s] extensive list of bit hacks. It shows several different ways to count bits and do other common and uncommon tasks with different tradeoffs. For example, you could dedicate a 256-entry lookup table and do the whole thing with one loop per byte with great speed but bad memory utilization. Always a trade-off.
There are lots of ways to play with bits, especially in C. Or you can use tools to chop things up if you just want to analyze them.
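The approaches compared above, side by side, as an added example that is not [Scaramanga's] or [Sean Anderson's] code. It is written in Python rather than C, treats every input as a 64-bit word, and has each function return the bit count together with the number of loop iterations it needed; the function names are made up for this sketch.

```python
MASK64 = (1 << 64) - 1

# 256-entry table for the lookup method: the count for i is the count for i >> 1
# plus the bit that was shifted out.
TABLE = [0] * 256
for _i in range(1, 256):
    TABLE[_i] = TABLE[_i >> 1] + (_i & 1)


def count_naive(x):
    """Test every bit position: always 64 iterations."""
    x &= MASK64
    count = 0
    for i in range(64):
        count += (x >> i) & 1
    return count, 64


def count_shift(x):
    """Shift bits out and stop at zero: as many iterations as the highest set bit."""
    x &= MASK64
    count = loops = 0
    while x:
        count += x & 1
        x >>= 1
        loops += 1
    return count, loops


def count_kernighan(x):
    """x & (x - 1) clears the lowest set bit: one iteration per set bit."""
    x &= MASK64
    loops = 0
    while x:
        x &= x - 1
        loops += 1
    return loops, loops


def count_table(x):
    """One table lookup per byte: always 8 iterations, at the cost of 256 entries."""
    x &= MASK64
    count = 0
    for _ in range(8):
        count += TABLE[x & 0xFF]
        x >>= 8
    return count, 8


if __name__ == "__main__":
    for word in (0b1010, 1 << 63, -1):       # -1 masks to 64 set bits
        print(f"{word & MASK64:#018x}",
              count_naive(word), count_shift(word),
              count_kernighan(word), count_table(word))
```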
-
-
19:00
»
Hack a Day
Photoshop can take a bad picture and make it look better. But it can also take a picture of you smiling and make it into a picture of you frowning. Altering images and video can of course be benign, but it can also have nefarious purposes. Adobe teamed up with researchers at Berkeley to see if they could teach a computer to detect a very specific type of photo manipulation. As it turns out, they could.
Using a Photoshop feature called face-aware liquify, slightly more than half of the people tested could tell which picture was the original and which was retouched to alter the facial expression. However, after sufficient training, Adobe’s neural network could solve the puzzle correctly 99% of the time.
It might seem odd to focus on that specific type of edit, but it is useful for making very subtle changes to a person’s face. Earlier research worked on detecting cruder manipulations.
It sounds as though the neural network could determine which of the two photos was altered. This seems like an easier problem than simply identifying a picture as altered without another photo to compare. That would be a lot more useful, but also probably a lot more difficult.
We suppose neural networks detecting fake photos is no more outlandish than asking them to judge our photography. We’ve even seen them correct for depth of field.
-
-
1:00
»
Hack a Day
If you are browsing GitHub it is very tempting to open up the source code to some project and peek at how it works. The code view is easy to read, but the viewer lacks one important feature: the ability to click on an included file and find it. The Octolinker extension fixes that oversight.
If you want to try it without installing the extension, there is a mock-up demo available. Even though the demo wants you to click on specific things, if you don’t play by the rules it will still do the right thing and take you to either the code on GitHub or an appropriate page. You can even substitute the demo URL for github.com and try it out on any GitHub page without the extension.
The tool supports at least 20 languages although we were bemused to see that C and C++ were not among them. The developer claims that none of your source code is ever sent out of your browser by the extension. If you use Octolinker on a private repository, you also have to supply a GitHub API token and that’s never sent out of your browser, either, according to the web site.
The code (on GitHub, of course) has a plug-in architecture, so it ought to be easy to add the language of your choice. If you crave pop-up tooltips for source code in GitHub, check out OctoHint.
GitHub seems to have survived being bought by Microsoft without becoming tarnished. If you want to keep an eye on your GitHub properties, there’s always this project.
-
-
4:00
»
Hack a Day
These days everyone talks about data “in the cloud.” However, before that phrase was fashionable, there were a few pioneers and one of the most famous of these is Dropbox — a service that let you store files on a remote server that dates back to 2007. [Vincent Berg] first noticed some odd network traffic on a hotel network, and figured out that it was a feature of Dropbox that allows computers on the same network to update each other. This led him to start investigating the undocumented Dropbox protocol and reverse engineering the Linux client.
We won’t ask why [Vincent] was poking around the hotel network to start with. However, a cursory glance at the Dropbox client gave away that it was using Python. The byte-compiled classes were — at the time — in a ZIP file added to the executable (which was nothing but a modified copy of Python). The files were encrypted, but [Vincent] used a clever technique. He built a shared object using normal Python and put a backdoor in it that gave him access to the Dropbox Python interpreter.
Apparently, however, Dropbox knew that was possible. They had built several anti-debugging measures into their code and [Vincent] explains some of them. For example, the custom Python interpreter remapped opcodes to different numbers and marshaling was now encrypted to some extent.
The Dropbox client has changed over that time period and [Vincent] has kept up with it. His current code and the first version is in a GitHub repo if you are interested in doing what he’s done. Honestly, we don’t really want to reverse engineer the Dropbox client and protocol, but we learned a lot about hacking into a Python executable by looking over [Vincent’s] shoulder.
If you are interested in the same sort of tricks with Android, we suggest you read this post with a refreshing beverage. Just remember, too much decompilation can come with significant legal fees.
-
-
19:01
»
Hack a Day
Algebra is the bane of many a student, but it is surprisingly useful when it comes to electronics. Sure, you can just memorize all the permutations of things like Ohm’s law. But it is better if you can remember one form and deduce the others on the fly.
There are many occasions where you — as our old Algebra teacher used to say — need to use what you know to get what you don’t know. The gold standard, of course, is a computer program called Mathematica. For home and student use, the software is “only” about $160-$600, but commercial versions range from about $1,000 to nearly $8,000. Of course, there are free alternatives, and the one we’re looking at today is Mathics. It will run in your browser or as a desktop application powered by Python, and it’s available for free.
The program does a nice job of displaying mathematical formulae and you can get an idea of its power by visiting the online version, which has examples if you click the question mark in the upper right and look for the fourth item down. There’s also a standalone version of the online help.

We did have a little trouble with some of the gallery examples timing out, as well as the site certificate being expired. We also had a bit of difficulty remembering the linear algebra classes we took a long time ago! If you want something easy to play with try this:
Solve[4x+3==20,x]
Don’t forget to press Shift+Enter in the browser to get the solution.
Under the hood, MathJax and SymPy do a lot of the heavy lifting. In fact, we imagine a lot of the program’s intended audience would wind up using Jupyter notebooks with Python underneath. Of course, there are copies of Wolfram software on stock Raspberry Pi’s, too.
-
-
1:00
»
Hack a Day
C-programmers who don’t have a mental model of what’s going on underneath their thin veneer of abstraction above assembly code are destined for trouble. In order to provide a convenient way to understand what C-code gets compiled to and how it runs on the machine, [Alex Beharrell] has created penguinTrace, a program which allows you to see what instructions your code compiles to, and examine how it executes.
While you can get somewhat similar functionality out of standard debuggers, penguinTrace was purpose-built to facilitate exploration of how the whole process works. You can single-step through the instructions your code compiled to, examine variables, and look at the stack — the usual debugger stuff — but structured more for exploration and learning than full-on debugging. Based on our experiences when we learned low-level programming, anything that can help novices build that all-important mental picture of what’s going on underneath is a good thing. But, since it was written with a secondary purpose of learning how debuggers themselves work, it’s a great opportunity for exploring that space, too.
The UI harnesses CodeMirror to provide a browser-based interface, and is configurable to use Clang or GCC for compilation. It supports AMD64/X86-64 and AArch64 architectures, and will run on Windows using WSL: if you’ve got a PC running Linux, a Raspberry Pi, or a Windows box, you’re good to go. The code is AGPL-licensed and available on GitHub. So, if you want to gain a better understanding of what happens when you compile and run “hello, world,” grab a copy and start exploring.
This isn’t the only way to debug, though – we previously featured an application that allows a type of debugging for the Arduino platform.
-
-
1:00
»
Hack a Day
When you think of Fortran you probably think of punched cards and green bar paper. While it is true that Fortran isn’t the go-to language it used to be — pun unintentional — it still has a vibrant community of people who do serious number crunching. However, many members of that community have been seduced away by interactive tools that are also good at number crunching like MATLAB, Julia, and Python with special libraries. The LFortran project aims to create a Fortran environment with interactivity like Python, but retaining the speed that Fortran is known for.
The resulting tool is impressive. You can use it from Jupyter, it can parse code targeting existing Fortran compilers, and it supports Linux, Mac, and Windows. There is development to make the code fully interoperable with other languages like C or Python as well as take advantage of GPUs and other specialized hardware. They are also zeroing in on full Fortran 2018 support.
If you want to try it out, you could go to the Git repository. However, since it is compatible with Jupyter, you can open it online using Binder. The developers hope people won’t see it as just a way to run legacy code, but will introduce Fortran to a new generation of developers who will use it to do new things.
We’ve seen Fortran make a bit of a comeback lately. You can use it to serve Web pages, although that might not be the best use of its power. If you want to learn more about using Jupyter notebooks which can support many different languages, we covered that earlier this year.
-
-
16:01
»
Hack a Day
Over the years we’ve seen KiCad grow from a niche, somewhat incomplete, but Open Source PCB design suite to a full-featured extravaganza of schematics and board layouts. We’ve plumbed the depths of keys and kais and queues and quays, and KiCad just had its first conference last weekend. While we wait for the rest of the talks to be published, there’s a special treat for KiCad users everywhere. Here’s a banana for scale.
Have you ever worried your PCB was too big? Confused if you’re working in inches or millimeters? Do you just want to know the scale of your PCB? Just add this footprint to your KiCad project, and you’ll have a banana on your board view. This is immediate visual feedback, giving you all the information you need to continue on with your design. There’s a 2D view and a 3D view. It’s something no electrical engineer should be without. All of this can be yours for the low, low, cost of free because KiCad is Open Source.
If you’re wondering what official features are in the works for the EDA suite, the first two talks from the con delve into that. Project leader Wayne Stambaugh’s talk covers features new to version 5.1 and plans for 6.0. There was also a developers panel that provides insight on what goes into a large project like this one.
-
-
19:00
»
Hack a Day
For those hosting their own git repositories there are a number of solutions for creating convenient web-accessible front ends, but [mitxela] wasn’t quite satisfied with any of them. After trying a number of alternatives and reflecting on his requirements, he realized that all he really needed was a summary page …read more
-
-
4:00
»
Hack a Day
Getting into the weeds of operating systems is daunting work. Especially when the operating system involved is a fully featured modern PC operating system with millions of lines of code all working together to integrate hardware and software seamlessly. One such operating system “weed” is figuring out how to handle …read more
-
-
10:00
»
Hack a Day
It’s a thankless task, searching for a job. You send off your CV, or resume, and it joins a thousand others destined for the round file. What on earth can you do to make your career stand out, and catch the eye of the recruiter?
If you are [Pablo Jiménez …read more
-
-
4:00
»
Hack a Day
Google+ is dead. Granted people have been saying that much for years now, but this time it’s really true. As of April, Google’s social media experiment will officially go the way of Reader, Buzz, Wave, Notebook, and all the other products that the search giant decided they were no longer …read more
-
-
22:00
»
Hack a Day
Panelization of printed circuit boards is a very helpful trick for any PCB design tool to have. By panelizing boards, you can get them ready for automated assembly. You can put testing rigs right on the panel. You can combine different boards to reduce your PCB production cost. But Eagle, …read more
-
-
1:00
»
Hack a Day
Speedrunning is the practice of attempting to beat a videogame in as short a time as possible. There are a huge variety of methods and styles. There are 100% completion speedruns, tool-assisted speedruns, and speedruns that just focus on getting to the game over screen as quickly as possible by …read more
-
-
4:00
»
Hack a Day
Machine learning has brought an old idea — neural networks — to bear on a range of previously difficult problems such as handwriting and speech recognition. Better software and hardware has made it feasible to apply sophisticated machine learning algorithms that would have previously been only possible on giant supercomputers. …read more
-
-
19:00
»
Hack a Day
We are big fans of posts and videos that try to give you a gut-level intuition on technical topics. While [vas3k’s] post “Machine Learning for Everyone” fits the bill, we knew we’d like it from the opening sentences:
Machine Learning is like sex in high school. Everyone is talking about
…read more
-
-
22:00
»
Hack a Day
[Ben] made an interesting discovery during the FIFA World Cup in 2018, and used it to grant himself the power to call goals before they happened. Well, before they happened on live TV or live streaming, anyway. It was possible because of the broadcast delay on “live” broadcasts, combined with the sports betting industry’s need for timely and detailed game state tracking.
He discovered that a company named Running Ball provides fairly detailed game statistics in digital form, which are generated from inside the stadium as events occur. An obvious consumer of this data are sports betting services, and [Ben] …read more
-
-
1:00
»
Hack a Day
A whole generation of programmers learned to program by writing — or at least typing in — game programs for relatively simple computers like a TRS-80, a Commodore 64, or any of a handful of similar machines. These days, games are way more complicated and so are computers. Sure, it is more fun to play Skyrim than Snake, but for learning, you are probably going to get more out of starting with a simple game. If you want to learn programming today — or maybe start someone else on that same journey, you should check out Script-8, a project by …read more
-
-
19:00
»
Hack a Day
If you are writing a hello world program, you probably aren’t too concerned about how the compiler translates your source code to machine code. However, if your code runs on something that people’s lives depend on, you will want to be a bit pickier and use something like the COMPCERT compiler. It’s a formally verified compiler, meaning there is a mathematical proof that what you write in C will be correctly translated to machine code. The compiler can generate for PowerPC, ARM, RISC-V, and x86, accepting a subset of ISO C 99 with a few extensions. While it doesn’t produce …read more
-
-
19:00
»
Hack a Day
We typically feature projects from people sharing what they’ve learned while building something for themselves. But our community has a healthy contingent who deploy their skills for the benefit of future generations, developing a child’s natural curiosity for play into interest in understanding the technical world they will grow up in. This field is where MIT’s release of Scratch 3.0 can open up interesting possibilities.
Scratch is a block-based programming language designed for elementary school children, letting them learn fundamental concepts while experimenting in an environment filled with visual and audible feedback. In an effort to make Scratch more widely …read more
-
-
19:00
»
Hack a Day
Who’s the better programmer? The guy that knows 10 different languages, or someone who knows just one? It depends. Programming is akin to math, or perhaps it is that we treat some topics differently than others which leads to misconceptions about what makes a good programmer, mathematician, or engineer. We submit that to be a great programmer is less about the languages you know and more about the algorithms and data structures you understand. If you know how to solve the problem, mapping it to a particular computer language should be almost an afterthought. While there are many places that …read more
-
-
19:00
»
Hack a Day
Some time ago, [Trammell Hudson] took a shot at creating a tool that unfolds 3D models in STL format and outputs a color-coded 2D pattern that can be cut out using a laser cutter. With a little bending and gluing, the 3D model can be re-created out of paper or cardboard.
There are of course other and more full-featured tools for unfolding 3D models: Pepakura is used by many, but is not free and is Windows only. There is also a Blender extension called Paper Model that exists to export 3D shapes as paper models.
What’s interesting about [Trammell]’s project …read more
-
-
7:01
»
Hack a Day
If there’s one thing that will bring down the yield of your PCB assembly, it’s your solder paste. Put too much on, and you’ll get bridged leads. If you don’t put enough on, that pad might not make good contact. [ScalarElectric] has an amazing trick that’s sure to astonish and astound. Just use wedges and you’ll get better yield with fine-pitched components.
The trick here is to define the cream/solder paste layer of each package as a wedge on each pad instead of the usual rectangle. This gives a few benefits, the largest being the increased gap between paste shapes. …read more
-
-
10:00
»
Hack a Day
The ability to execute code in parallel is crucial in a wide variety of scenarios. Concurrent programming is a key asset for web servers, producer/consumer models, batch number-crunching and pretty much any time an application is bottlenecked by a resource.
It’s sadly the case that writing quality concurrent code can be a real headache, but this article aims to demonstrate how easy it is to get started writing threaded programs in Python. Due to the large number of modules available in the standard library which are there to help out with this kind of thing, it’s often the case that …read more
-
-
10:00
»
Hack a Day
We can tell that [Jon Howell] is our kind of guy. After updating his vintage 1985 Hewlett-Packard plotter with WiFi and the ability to load SVG files, he obviously needed to find a bunch of stuff to run off with it. Gotta justify those hacks somehow. So he doubled down and decided to support a hack with another hack by writing a maze generator to keep his plotter well fed. He was kind enough to unleash his creation on an unsuspecting Internet as an open source project, and now we all can benefit from a couple of reams worth of mazes. …read more
-
-
19:00
»
Hack a Day
[Brendan Herger] was warned that the process of publishing a Python package would be challenging. He relishes a challenge, however, and so he went at it with gusto. The exhausting process led him to share a cheat sheet for publishing Python packages with the goal of making the next time smoother, while also letting other people benefit from his experience and get a running start.
[Brendan] describes publishing a Python package as “tying together many different solutions with brittle interchanges.” His cheat sheet takes the form of an ordered workflow for getting everything in place, with some important decisions and …read more
-
-
7:01
»
Hack a Day
A little while back, we were talking about utilizing compiler warnings as first step to make our C code less error-prone and increase its general stability and quality. We know now that the C compiler itself can help us here, but we also saw that there’s a limit to it. While it warns us about the most obvious mistakes and suspicious code constructs, it will leave us hanging when things get a bit more complex.
But once again, that doesn’t mean compiler warnings are useless, we simply need to see them for what they are: a first step. So today …read more
-
-
19:00
»
Hack a Day
Throughout human history, people try to make the biggest, the fastest, and — sometimes — the smallest. [Hellmood] falls into the latter category and proves it with a 64 byte interactive 3D raycasting application for MSDOS.
Why MSDOS? We suppose why not? The .COM file format is lean, and you can take over everything without a lot of work. If the program were huge, it wouldn’t be very impressive. There are 64 shades of gray which is odd looking these days, however there are versions that use various color palettes and each one fits in 64 bytes or less. There’s …read more
-
1:00
»
Hack a Day
In systems where there are multiple participants who need to interact with a shared resource some sort of concurrency protection is usually appropriate. The obvious technique is to use locking (and fun words like “mutex”) but this adds a constant performance hit as every participant needs to spend time interacting with the lock regardless of the number of other participants. It turns out this is actually a Big Problem that garners original research, but there are techniques that can yield great effect without a PhD. Years ago [Marc] posted a great walkthrough of one such method, exponential backoff with jitter, …read more
-
-
22:00
»
Hack a Day
Maybe it’s a capture file from a network dump. Maybe it’s from an Arduino. Maybe it is a random file off the Internet. But there will be a time when you have a file full of seemingly meaningless numbers and you need to impose order. We usually resort to a printout and highlighter, but BitBench seems like a better option. That link will take you to the code, but if you want to play with a live instance, the author has one loaded with example data.
If you look at the live example, there’s an area up top with a …read more
-
7:00
»
Hack a Day
If there’s one thing C is known and (in)famous for, it’s the ease of shooting yourself in the foot with it. And there’s indeed no denying that the freedom C offers comes with the price of making it our own responsibility to tame and keep the language under control. On the bright side, since the language’s flaws are so well known, we have a wide selection of tools available that help us to eliminate the most common problems and blunders that could come back to bite us further down the road. The catch is, we have to really want it …read more
-
-
19:00
»
Hack a Day
We should all be familiar with QR codes, those blocky printed patterns containing encoded text, URLs, or other data. A few years ago they were subject to their own cloud of hype, but now they have settled down in their niche of providing a handy route for a smartphone owner to reach a website without having to type an address.
Have you ever wondered how they work? There are plenty of dry technical guides out there, but if they’re not your thing you might find [Nayuki]’s step-by-step guide to be of interest. It explains the encoding and error checking bit …read more
-
-
19:00
»
Hack a Day
One of the difficulties in learning about neural networks is finding a problem that is complex enough to be instructive but not so complex as to impede learning. [ThomasNield] had an idea: Create a neural network to learn if you should put a light or dark font on a particular colored background. He has a great video explaining it all (see below) and code in Kotlin.
[Thomas] is very interested in optimization, so his approach is very much based on mathematics and algorithms of optimization. One thing that’s handy is that there is already an algorithm for making this determination. …read more
-
-
19:00
»
Hack a Day
For anyone out there who has ever struggled finding a part for Eagle or KiCad, there are some who would say you’re doing it wrong. You’re supposed to make your own parts if you can’t find them in the libraries you already have. This is really the only way; PCB design tools are tools, and so the story goes you’ll never be a master unless you can make your own parts.
That said, making schematic parts and footprints is a pain, and if there’s a tool to automate the process, we’d be happy to use it. That’s exactly what …read more
-
-
19:00
»
Hack a Day
When we first heard Nim, we thought about the game. In this case, though, nim is a programming language. Sure, we need another programming language, right? But Nim is a bit different. It is not only cross-platform, but instead of targeting assembly language or machine code, it targets other languages. So a Nim program can wind up compiled by C or interpreted by JavaScript or even compiled by Objective C. On top of that, it generates very efficient code with — at least potentially — low overhead. Check out [Steve Kellock’s] quick introduction to the language.
The fact that it …read more
-
-
19:01
»
Hack a Day
There is a widely derided quote attributed to [Bill Gates], that “640k should be enough for anyone”. Meaning of course that the 640 kb memory limit for the original IBM PC of the early 1980s should be plenty for the software of the day, and there was no need at the time for memory expansions or upgrades. Coupled with the man whose company then spent the next few decades dominating the software industry with ever more demanding products that required successive generations of ever more powerful PCs, it was the source of much 1990s-era dark IT humour.
In 2018 we …read more
-
-
7:00
»
Hack a Day
If you’ve ever written any Python at all, the chances are you’ve used iterators without even realising it. Writing your own and using them in your programs can provide significant performance improvements, particularly when handling large datasets or running in an environment with limited resources. They can also make your code more elegant and give you “Pythonic” bragging rights.
Here we’ll walk through the details and show you how to roll your own, illustrating along the way just why they’re useful.
You’re probably familiar with looping over objects in Python using English-style syntax like this:
These kind of statements are …read more
-
-
19:00
»
Hack a Day
Java isn’t everyone’s cup of tea. With all its boilerplate and overhead, you’re almost always better off with a proper IDE that handles everything under the hood for you. However, if you learn a new language, you don’t really want to be bothered setting up a clunky and complex IDE. If only you could use a simple, standard Windows program that you are most likely already familiar with. This wish led [RubbaBoy] to create the MSPaintIDE, a Java development environment that lets you write your code in — yes — MS Paint.
If you’re thinking now that you will end …read more
-
-
10:00
»
Hack a Day
Programming languages tend to polarize, and Rust is by far no exception. Whether it will stick around and grow as an alternative for the lower levels or not — time will tell. In the meantime, if you’re curious about the language and its low-level abilities yourself, [phil-opp] has written a series of blog posts on building your own little bare metal kernel in Rust.
Starting from the basics, [phil-opp] describes in detail the set-up and build process to create a standalone executable that won’t be linked against the Rust standard library. From here he proceeds to build a simple operating …read more
-
-
7:00
»
Hack a Day
Whether you want some quick and dirty data storage, or simply don’t have that heavy requirements for your local database system, SQLite is always a good choice. With its portable single-file approach, bindings to all major languages, and availability on systems of all sizes, it is relatively easy to integrate a SQLite database in your undertakings. And if you tend to develop directly in your production environment, you may be interested to hear that the folks at [aergo] made this a lot more flexible (and interesting) by adding Git-style branching to the SQLite engine.
Similar to Git, each database operation …read more
-
-
9:30
»
Hack a Day
Software defined radio picked up a lot of popularity when it was discovered that cheap USB TV tuners were functional bits of hardware that could become SDRs. It’s the software that makes this possible, and when it comes to SDR software, there’s no better tool than GNU Radio. For this week’s Hack Chat we’re going to sit down with some of the people behind this awesome software tool and pick their brains.
Our guests for this week’s Hack Chat will be Derek Kozel and Nate Temple, officers of the GNU Radio project. They’re also organizers of this year’s GNU Radio …read more
-
-
19:00
»
Hack a Day
When you think of technical education about machine learning, Facebook might not be the company that pops into your head. However, the company uses machine learning, and they’ve rolled out a six-part video series that they say “shares best real-world practices and provides practical tips about how to apply machine-learning capabilities to real-world problems.”
The videos correspond to what they say are the six aspects of machine learning development:
- Problem definition
- Data
- Evaluation
- Features
- Model
- Experimentation
None of the videos are longer than 10 minutes, so you’ll invest less than an hour. The videos focus less on a specific product …read more
-
-
19:00
»
Hack a Day
Forth. You either love it or you hate it. If you have struggled to work on tiny microcontrollers, you probably are in the first camp. After all, bringing up a minimal Forth system is pretty simple and requires very little resources on the CPU. Once you have such an environment it is then easy to extend Forth in Forth. [Remko] decided he wanted to build a Forth compiler that uses WebAssembly and runs in your browser. Why? We’ve learned not to think about that question too much.
The world has changed a lot since the first introduction of the WorldWideWeb …read more
-
13:00
»
Hack a Day
Humans can turn anything into a competition. Someone always wants to be faster or drive a ball farther. Technical pursuits are no different, which is why a lot of people overclock or play regular expression golf. [Alok Menghrajani] sets himself some odd challenges. A few years ago, he hand-built a bootable floppy image that had a simple game onboard and managed to fit it in a Twitter message. Twitter has increased their number of characters, so — you guessed it — this time he’s back with a CDROM image.
His tweet is a command line that starts with perl. The …read more
-
-
16:01
»
Hack a Day
If you have ever worked in software-related industries, the chances are that the word “Rockstar” will elicit a visceral reaction. It’s a word used by a Certain Type Of Manager for an elite software developer who’s so 1337 they don’t play by the rules of ordinary mortals. In reality its use is invariably an indication of trouble ahead, either from clueless startups or troublesome rockstar developers making a toxic atmosphere for the mere members of the backing band. Hackaday has a team that brings together a huge breadth of experience, and we’ve been there.
Would you like to be a …read more
-
-
7:01
»
Hack a Day
Used for general purpose programming, data science, website backends, GUIs, and pretty much everything else; the first programming language for many, and claimed to be the fastest growing in the world, is of course Python. The newest version 3.7.0 has just recently been released.
Naturally any release of Python, no matter how small, undergoes meticulous planning and design before any development is started at all. In fact, you can read the PEP (Python Enhancement Proposal) for Python 3.7, which was created back in 2016.
What’s new in 3.7? Why should you upgrade? Is there anything new that’s actually useful? I …read more
-
-
22:00
»
Hack a Day
Most Hackaday readers are likely to be familiar with the infinity mirror, a piece of home decor so awesome that Spock still has one up on the wall in 2285. The idea is simple: two parallel mirrors bounce an image back and forth, which creates a duplicate reflection that seems to recede away into infinity. A digital version of this effect can be observed if you point a webcam at the screen that’s displaying the camera’s output. The image will appear to go on forever, and the trick provided untold minutes of fun during that period in the late 1990’s …read more
-
-
19:00
»
Hack a Day
Quantum computing is coming, so a lot of people are trying to articulate why we want it and how it works. Most of the explanations are either hardcore physics talking about spin and entanglement, or very breezy and handwaving which can be useful to get a little understanding but isn’t useful for applying the technology. Microsoft Research has a video that attempts to hit that spot in the middle — practical information for people who currently work with traditional computers. You can see the video below.
The video starts with basics you’d get from most videos talking about vector representation …read more
-
-
19:00
»
Hack a Day
The GOES-R series of Earth observation satellites are the latest and greatest NASA has to offer. As you might expect, part of the GOES-R job description is imaging Earth at high-resolution, but they also feature real-time lightning monitoring as well as enhanced solar flare and space weather capabilities. Four of these brand new birds will be helping us keep an eye on our planet’s condition into the 2030s. Not a bad way to spend around 11 billion bucks.
To encourage innovation, NASA is making the images collected by the GOES-R satellites available to the public through a collaboration with Google …read more
-
-
19:00
»
Hack a Day
Based on [Ben Jojo’s] title — x86 Assembly Doesn’t have to be Scary — we assume that normal programmers fear assembly. Most hackers don’t mind it, but we also don’t often have an excuse to program assembly for desktop computers.
In fact, the post is really well suited for the typical hacker because it focuses on the real mode of an x86 processor after it boots. What makes this tutorial a little more interesting than the usual lecture is that it has interactive areas, where a VM runs your code in the browser after assembling with NASM.
We really like …read more
-
-
22:00
»
Hack a Day
KiCad, the open source EDA software, is popular with Hackaday readers and the hardware community as a whole. But it is not immune from the most common bane of EDA tools. Managing your library of symbols and footprints, and finding new ones for components you’re using in your latest design is rarely a pleasant experience. Swooping in to help alleviate your pain, [twitchyliquid64] has created KiCad Database (KCDB), a beautifully simple web-app for searching component footprints.
The database lets you easily search by footprint name with optional parameters like number of pins. Of course it can also search by tag …read more
-
-
1:00
»
Hack a Day
Despite the general public’s hijacking of the word “hacker,” we don’t advocate doing disruptive things. However, studying code exploits can often be useful both as an academic exercise and to understand what kind of things your systems might experience in the wild. [Code Explainer] takes apart a compiler bomb in a recent blog post.
If you haven’t heard of a compiler bomb, perhaps you’ve heard of a zip bomb. This is a small zip file that “explodes” into a very large file. A compiler bomb is a small piece of C code that will blow up a compiler — in …read more
-
-
19:00
»
Hack a Day
Machines – is there anything they can’t learn? 20 years ago, the answer to that question would be very different. However, with modern processing power and deep learning tools, it seems that computers are getting quite nifty in the brainpower department. In that vein, a research group attempted to use machine learning tools to predict stock market performance, based on publicly available earnings documents.
The team used the Azure Machine Learning Workbench to build their model, one of many tools now out in the marketplace for such work. To train their model, earnings releases were combined with stock price data …read more
-
-
19:00
»
Hack a Day
When the time comes to add an object recognizer to your hack, all you need do is choose from many of the available ones and retrain it for your particular objects of interest. To help with that, [Edje Electronics] has put together a step-by-step guide to using TensorFlow to retrain Google’s Inception object recognizer. He does it for Windows 10 since there’s already plenty of documentation out there for Linux OSes.
You’re not limited to just Inception though. Inception is one of a few which are very accurate but it can take a few seconds to process each image and …read more
-
-
19:00
»
Hack a Day
We’ve been talking a lot about machine learning lately. People are using it for speech generation and recognition, computer vision, and even classifying radio signals. If you’ve yet to climb the learning curve, you might be interested in a new free class from Google using TensorFlow.
Of course, we’ve covered tutorials for TensorFlow before, but this is structured as a 15 hour class with 25 lessons and 40 exercises. Of course, it is also from the horse’s mouth, so to speak. Google says the class will answer questions like:
- How does machine learning differ from traditional programming?
- What is loss,
…read more
-
-
22:00
»
Hack a Day
It might seem odd to think about programming in MSDOS in 2018. But if you are a vintage computer enthusiast or have to support some old piece of equipment with an MSDOS single board computer, it could be just the thing. The problem is, where do you get a working compiler that doesn’t have to run on the ancient DOS machine? Turns out, gcc can do the trick. [RenéRebe] offers a video demo based on a blog post by [Chris Wellons]. You can see the video, below.
The technique generates COM files, not EXE files, so there are some limitations, such …read more
-
-
22:00
»
Hack a Day
Computer programming is a lot like chess. It is fairly simple to teach people the moves. But knowing how the pieces move isn’t the reason you can win. You have to understand how the pieces work together. It is easy to learn the mechanics of a for loop or a Java interface. But what makes programs work are algorithms. There are many books and classes dedicated to algorithms, but if you are a visual learner, you might be interested in a site that shows visualizations of algorithms called VisuAlgo.
The site is from [Dr. Steven Halim] and is meant for …read more
-
-
19:00
»
Hack a Day
Digikey might wow us with their expansive stock, but now they’re wowing us with a personal gesture. The US-based electronics vendor is nodding its head in approval to KiCad users with its very own parts library. What’s more, [Chris Gammell] walks us through the main features and thought process behind its inception.
With all the work that’s going into this library, it’s nice to see features showing that Digikey took a thorough look at KiCad and how it fits into the current state of open-source PCBA design. First off, this library follows a slightly different design pattern from most other …read more
-
-
1:00
»
Hack a Day
For simple circuits, it’s easy enough to grab a breadboard and start putting it together. Breadboards make it easy to check your circuit for mistakes before soldering together a finished product. But if you have a more complicated circuit, or if you need to do response modeling or other math on your design before you start building, you’ll need circuit simulation software.
While it’s easy to get a trial version of something like OrCAD PSpice, this software doesn’t have all of the features available unless you’re willing to pony up some cash. Luckily, there’s a fully featured free and open …read more
-
-
7:00
»
Hack a Day
[Conor Patrick] is no stranger to hardware development, and he’s had an interesting project for the past few months. He’s attempting to create a tool to convert images of technical drawings (such as footprints for electronic components) into digital formats that can be imported into other tools. This could automate turning a typical footprint drawing like the one shown into an actual part definition in a CAD program, which could really speed up the creation of custom parts.
Key to the entire concept is the detection of lines in a black-and-white technical drawing. To some people this won’t sound like …read more
-
1:00
»
Hack a Day
If you can code, you can create an Alexa skill — the programs that allow an Amazon Echo or similar device to interact with you. What if you can’t code or you are just too lazy to do all the setup? Amazon now has Blueprints that can help anyone make a skill. The only problem is the skills you can create are pretty limited. In addition, they are only available to your Alexa devices.
The idea is simple. You start with a template — OK, a blueprint. This is a model application that does something like giving you a compliment or …read more
-
-
7:01
»
Hack a Day
Deep Neural Networks can be pretty good at identifying images — almost as good as they are at attracting Silicon Valley venture capital. But they can also be fairly brittle, and a slew of research projects over the last few years have been working on making the networks’ image classification less likely to be deliberately fooled.
One particular line of attack involves adding particularly-crafted noise to an image that flips some bits in the deep dark heart of the network, and makes it see something else where no human would notice the difference. We got tipped with a YouTube video …read more
-
-
19:00
»
Hack a Day
What does it take to build a quantum computer? Lots of exotic supercooled hardware. However, creating a simulator isn’t nearly as hard and can give you a lot of insight into how this kind of computing works. A simulator doesn’t even have to be complicated. Here’s one that exists in about 150 lines of Python code.
You might wonder what the value is. After all, there are plenty of well-done simulators including Quirk that we have looked at in the past. What’s charming about this simulator is that with only 150 lines of code, you can reasonably read the whole …read more
-
-
22:00
»
Hack a Day
Neural networks have gone mainstream with a lot of heavy-duty — and heavy-weight — tools and libraries. What if you want to fit a network into a little computer? There’s tinn — the tiny neural network. If you can compile 200 lines of standard C code with a C or C++ compiler, you are in business. There are no dependencies on other code.
On the other hand, there’s not much documentation, either. However, between the header file and two examples, you should be able to figure it out. After all, it isn’t much code. The example in the repository directs …read more
-
-
19:00
»
Hack a Day
To the uninitiated the words ‘State machine’ sound like something scarily big and complex. They aren’t (necessarily) and can be quite useful. In fact, state machines are no physical machines but a model of processes. They link the states a system can be in with allowed transitions. For example a media player when stopped can change to play or open another file. While playing, it can go to pause, stop, reverse, fast forward and so on. A state machine creates a map of all states and how they are connected. It is an abstract tool that offers a graphical approach …read more
-
-
19:00
»
Hack a Day
Some people love Forth and some people hate it. However, you usually think of Forth as something running on a little computer such as an 8-bit microcomputer. When [Chuck Moore] developed the system back in the 1960s though, it ran on an IBM 1130. [Carl Claunch] took a scanned listing of the original code and got it running once again.
There are actually a few blog posts with details. Luckily, Forth is pretty simple — especially the core parts. However, there are a lot of differences from a modern Forth. The most obvious is that the dot keyword starts a …read more
-
-
10:00
»
Hack a Day
The word supercomputer gets thrown around quite a bit. The original Cray-1, for example, operated at about 150 MIPS and had about eight megabytes of memory. A modern Intel i7 CPU can hit almost 250,000 MIPS and is unlikely to have less than eight gigabytes of memory, and probably has quite a bit more. Sure, MIPS isn’t a great performance number, but clearly, a top-end PC is way more powerful than the old Cray. The problem is, it’s never enough.
Today’s computers have to process huge numbers of pixels, video data, audio data, neural networks, and long key encryption. Because …read more
-
-
19:00
»
Hack a Day
AlphaGo is the deep learning program that can beat humans at the game Go. You can read Google’s highly technical paper on it, but you’ll have to wade through some very academic language. [Aman Agarwal] has done us a favor. He took the original paper and dissected the important parts of it in plain English. If the title doesn’t make sense to you, you need to read more XKCD.
[Aman] says his treatment will be useful for anyone who doesn’t want to become an expert on neural networks but still wants to understand this important breakthrough. He also thinks people …read more
-
-
4:31
»
Darknet

QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.
From reviews, it seems like a competent tool with a low rate of false positives that is fairly easy to work with and keeps the more ‘dangerous’ parts of vulnerability scanning out of the hands of users, while leaving expert users the flexibility to do what they need.
-
-
10:01
»
Hack a Day
You can leave the TI graphing calculator at home thanks to this web-based TI-83 and TI-84 emulator. As with pretty much all emulators, this depends on a ROM image from the actual hardware to work. But if you have one of the supported calculators (TI-83+, TI-83+ SE, TI-84+, or TI-84+SE) you can dump the image [...]
-
-
8:51
»
Packet Storm Security Recent Files
AnonTwi is a free software Python client designed to navigate anonymously on social networks. It supports Identi.ca and Twitter.com. It can leverage proxying, randomization of header values, fake geolocation data, and more.
-
-
13:01
»
Hack a Day
We think we have found a project that will take over our holiday free time. [Bai Li] just published an excellent article about writing a program that can automatically solve the game of Minesweeper. For those of you who are unfamiliar, Minesweeper gives you a grid in which land mines have been randomly placed. As you click [...]
-
-
7:00
»
Hack a Day
As the year draws to a close, we must look back and look at the advances in amateur radio this year. The RTL-SDR tuner hack, a USB TV Tuner to create a software defined radio receiver, is one of the greatest hacks of the last 12 months and a great justification for 2012 being the [...]
-
-
15:44
»
Packet Storm Security Recent Files
Polyvaccine is detection software that protects HTTP or SIP servers from unknown binary attacks, such as polymorphic exploit attacks, and from DDoS at the application layer. Linux and FreeBSD platforms are supported.
-
-
7:55
»
Packet Storm Security Exploits
Apex Software House suffers from a remote SQL injection vulnerability that allows for administrative bypass. Note that this finding houses site-specific data.
-
-
16:26
»
Hack a Day
The Dubjoy project was stopped dead in its tracks when the newest version of the Google Chrome browser stopped using Adobe’s flash plugin and transitioned to their own called Pepper Flash. The aim of development was to produce a browser-based editor for translating the audio track of a video clip. After a bit of head scratching and [...]
-
-
5:01
»
Hack a Day
Forever.fm is [Peter]’s combination of SoundCloud and The Echo Nest that plays a continuous stream of beat-matched music. The result is a web radio station that just keeps playing. [Peter] provided a great write up on how he built the app. The server side is Python, using the Tornado web server and Tornadio2 + Socket.IO for handling live updates in the client. To deal with [...]
-
-
7:01
»
SecurityFocus Vulnerabilities
Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue
-
-
16:28
»
Packet Storm Security Advisories
Cisco Security Advisory - The Cisco Product Security Incident Response Team (PSIRT) would like to notify customers of an issue that may impact their network security posture when upgrading the Cisco Nexus 1000V Series Switches to Software Release 4.2(1)SV1(5.2) with deployments that have Cisco Virtual Security Gateway (VSG) integration. This issue will manifest itself when administrators perform an in-service software upgrade to Software Release 4.2(1)SV1(5.2) from Software Release 4.2(1)SV1(5.1a) or earlier. After the software upgrade, a bug in Software Release 4.2(1)SV1(5.2) could cause all the virtual Ethernet ports on the Virtual Ethernet Modules (VEM) of the Cisco Nexus 1000V Series Switch to stay in No-Policy pass-through mode because a valid VSG license is not actively installed. As a result, the VEMs no longer use a configured Cisco VSG; therefore, the virtual machines (VM) are not firewalled and traffic is not inspected by the VSG.
-
-
17:00
»
SecuriTeam
Ubuntu Software Properties is prone to a security-bypass vulnerability.
-
-
17:00
»
SecuriTeam
LAN Messenger is prone to a cross-site scripting vulnerability.
-
-
21:47
»
SecDocs
Authors: Cedric Bail, Nicolas Boulay, Yann Guidon
Tags: technology
Event: Chaos Communication Congress 19th (19C3) 2002
Abstract: F-CPU is not dead: it is stable since 2000 and some source code exists. The VHDL tool chain problems are slowly solved and new software is written: the goal of designing a microprocessor only with Free Software is not utopic anymore. Some French F-CPU contributors will present a few architectural aspects, some code examples and the available (incomplete) software suite.
-
5:59
»
Hack a Day
By now most Hackaday readers should be familiar with this year’s latest advance in software defined radio. With a simple USB TV tuner dongle, it’s possible to receive FM broadcasts, GPS data from satellites, and even telemetry from aircraft flying overhead. There is one limitation to this setup, though: it’s receive only. Hacker extraordinaire [Michael Ossmann] is [...]
-
-
21:30
»
SecDocs
Authors: Felix 'FX' Lindner
Tags: embedded
Event: Chaos Communication Congress 19th (19C3) 2002
Abstract: The speech covers design issues and software vulnerabilities in embedded systems. The exploitation of design failures will be presented using HP network printers as an example - including getting access up to the point where the printer becomes an attack platform itself. Additionally, exploitation of software vulnerabilities will be covered by presenting a tutorial to write exploits for Cisco IOS. Methods and source code for Cisco Router exploits will be shown.
-
-
15:01
»
Hack a Day
This Android device can recognize faces and move to keep them in frame. It’s a proof of concept that uses commonly available parts and software packages. The original motivation for the project was [Dan O's] inclination to give the OpenCV software a try. OpenCV is an Open Source Computer Vision package that takes on the [...]
-
8:00
»
Hack a Day
[Dimitri] sent in a project he’s been working on that implements a Java Virtual Machine purely in C, and is easily portable between microcontrollers such as the AVRs and PICs we normally see, ARM devices, and even the lowly 386. Before going into the ‘how’, [Dimitri] first covers why he wanted to run Java bytecode [...]
-
-
21:51
»
SecDocs
Authors: Tom Parker
Tags: malware Stuxnet
Event: Black Hat DC 2011
Abstract:
Black Hat DC 2011 Briefings, Hyatt Regency Crystal City. Training: Jan. 16 - 17 | Briefings: Jan. 18 - 19

Keynote Speaker: Franklin D. Kramer
Day 1 Keynote - Cyber Conflicts: Challenging the Future
Abstract TBA

Itzhak Avraham
Popping Shell on A(ndroid)RM Devices
The attendees will gain knowledge on how to exploit ARM buffer overflows, use Ret2ZP attack and will demo a vulnerable application that is in current Android and can be used for remote attacks(!). Also, We'll cover the problems with native/mixed code debugging, issues with current implementations of Androids and how ARM exploits can be used if better security prevention techniques is being implied (like XN bit - same as NX bit on X86). [White Paper] [Presentation]

Ryan Barnett
XSS Street-Fight: The Only Rule Is There Are No Rules
Defending web applications from Cross-Site Scripting (XSS) attacks is extremely challenging, especially when the application's code can not be updated to fix the issue.
This presentation will provide a walk-through of various XSS attack/defense/evasion lessons learned by Trustwave's SpiderLabs Research Team while working with commercial WAF customers, as well as, by receiving thousands of attacks against our public ModSecurity demonstration page. We will highlight cutting-edge XSS protection methods that are external to the web application's code such as Defensive Javascript Content Injection. [White Paper] [Presentation]

Dionysus Blazakis
The Apple Sandbox
Despite the never ending proclamations of the end of memory corruption vulnerabilities, modern software still falls to exploits that target these bugs. Current operating systems incorporate a battery of exploit mitigations making life significantly more complex for attackers. Additionally, developers are becoming increasingly aware of the security implications of previously idiomatic code. Leading software publishers are teaching defensive coding techniques and have adopted an offensive mindset for product testing. Unfortunately, a single vulnerability can still provide the attacker the leverage needed to gain entry. Security researchers have disclosed multiple ways to render the mitigations ineffective (under the right circumstances) -- imagine what techniques are not public. One bug can still "ruin your day". In this presentation, I describe the architecture and implementation of the Apple XNU Sandbox framework (previously codenamed "Seatbelt"). This framework is used to contain App Store applications on iOS and some server applications on OS X. I will give you a complete tour of the Sandbox internals, most of which are in closed source modules (kernel extensions and dynamic libraries). This information is useful for auditors or exploit developers attempting to escape the sandbox and for developers or defenders attempting to secure their applications.
I will also release an automated profile decompiler to extract a human readable policy definition from a compiled profile inside the kernel (iOS kernelcache or OS X). By the end of the presentation, you will have a working understanding of the entire access control system from policy definition to sandbox initialization to the kernel's policy enforcement. [White Paper] [Presentation] [Source]

Tom Brennan, Ryan Barnett
Checkmate with Denial of Service
Denial-Of-Service is an attempt to make a computer resource unavailable to its intended users and is not new. In recent history April 2009, government and financial sites in the U.S. and South Korea were attacked by DDOS and were brought offline for days. This incident followed the Georgian DDOS attacks in 2008 and Estonian DDOS attacks in 2007. Common attack methods include systems infected with malware that are controlled and all connect to the target host at the same time using Layer 4 (Transport) which are already addressed by anti-DDOS solutions when employed. In 2009 a lethal form of Layer 7 (Application) attack techniques were being examined by Wong Onn Chee of OWASP Foundation Singapore and in 2010 together with Tom Brennan of OWASP Foundation presented the findings publicly for the first time with code samples. Tom Brennan will walk through the history and details of how this lethal HTTP POST DOS technique works, interesting findings in the protocol and the challenges in defending critical infrastructure against targeted attacks and demonstrate and release his open-source tool that can be used to test your own production systems -- or render others useless with the touch of a button from a single laptop. [Presentation]

Andrew Case
De-Anonymizing Live CDs through Physical Memory Analysis
Traditional digital forensics encompasses the examination of data from an offline or “dead” source such as a disk image.
Since the filesystem is intact on these images, a number of forensics techniques are available for analysis such as file and metadata examination, timelining, deleted file recovery, indexing, and searching. Live CDs present a large problem for this forensics model though as they run solely in RAM and do not interact with the local disk. This removes the ability to perform an orderly examination since the filesystem is no longer readily available and putting random pages of data into context can be very difficult for in-depth investigations. In order to solve this problem, we present a number of techniques that allow for complete recovery of a live CD’s in-memory filesystem and partial recovery of its previously deleted contents. We also present memory analysis of the popular Tor application as it is used by a number of live CDs in an attempt to keep network communications encrypted and anonymous. [White Paper] [Presentation]

Sean Coyne
The Getaway: Methods and Defenses for Data Exfiltration
There are several stages to a successful cyber attack. The most crucial of which is also the least discussed: data theft. Cyber criminals, insider threats, advanced persistent threats; every attacker has ways to get into your network and find what they want. While there are several tools, methods and strategies to combat intruders, once they’ve made off with your data there is no getting it back, the game is over. MANDIANT’s consultants regularly respond to incidents where data, intellectual property even money is being stolen from victim organizations. During this presentation we will take a look at some of the advanced methods of stealing data that we have recently encountered in the field, including: preparing and cleaning staging areas, avoiding DLP/traffic scanning products and how attackers use a victim’s own infrastructure and architecture against them. We will discuss why these tricks work and what, if anything, can be done to stop them.
Whether it be financial information, intellectual property, or personally identifiable information; the most valuable thing on your network is the data. Intruders may get in, but until they get out with what they came for the game’s not over. [White Paper] [Presentation]

Adrian Crenshaw
Identifying the true IP/Network identity of I2P service hosts
This paper will present research into services hosted internally on the I2P anonymity network, especially I2P hosted websites known as eepSites, and how the true identity of the Internet host providing the service may be identified via information leaks on the application layer. By knowing the identity of the Internet host providing the service, the anonymity set of the person or group that administrates the service can be greatly reduced. The core aim of this paper will be to test the anonymity provided by I2P for hosting eepSites, focusing primarily on the application layer and mistakes administrators and developers may make that could expose a service provider’s identity or reduce the anonymity set they are part of. We will show attacks based on the intersection of I2P users hosting eepSites on public IPs with virtual hosting, the use of common web application vulnerabilities to reveal the IP of an eepSite, as well as general information that can be collected concerning the nodes participating in the I2P anonymity network. [White Paper] [Presentation]

Neil Daswani
Malware Distribution via Widgetization of the Web
The Web 2.0 transformation has in part involved many sites using third-party widgets. We present the "widgetized web graph" showing the structure of high traffic web sites from the standpoint of widgets, show how web-based malware and scareware is propagated via such widgets, and provide data on how a mass web-based malware attack can take place against the Quantcast 1000 web sites via widgets.
[White Paper]

Mariano Nunez Di Croce
Your crown jewels online: Attacks to SAP Web Applications
"SAP platforms are only accessible internally". You may have heard that several times. While that was true in many organizations more than a decade ago, the current situation is completely different: driven by modern business requirements, SAP systems are getting more and more connected to the Internet. This scenario drastically increases the universe of possible attackers, as remote malicious parties can try to compromise the organization's SAP platform in order to perform espionage, sabotage and fraud attacks. SAP provides different Web interfaces, such as the Enterprise Portal, the Internet Communication Manager (ICM) and the Internet Transaction Server (ITS). These components feature their own security models and technical infrastructures, which may be prone to specific security vulnerabilities. If exploited, your business crown jewels can end up in the hands of cyber criminals. Through many live demos, this talk will explain how remote attackers may compromise the security of different SAP Web components and what you can do to avoid it. In particular, an authentication-bypass vulnerability affecting "hardened" SAP Enterprise Portal implementations will be detailed. [White Paper] [Presentation]

Mariano Nunez Di Croce, Jordan Santarsieri
WORKSHOP - Cyber-attacks to SAP platforms: The Insider Threat
How would a malicious insider exploit vulnerabilities in your SAP environment to get hold of your most sensitive business data? Which are the chances of him being successful? What can you do to stop him? If you are looking for answers to these questions, you should consider attending this workshop. By joining us in this session, you will: Learn how to detect some of the existing threats *yourself* using Bizploit, the first opensource ERP Penetration Testing framework.
Watch several *live* demos to understand how successful exploitations can result in espionage, sabotage and fraud attacks to your organization. Find out how you can *protect yourself from the detected risks*, improving the security of your platform. Discover the *latest outcome* from the Onapsis Research Labs, focused on the hot "ERP security" topic. You do not require any previous SAP knowledge to attend this event. Take-aways: Copy of Bizploit, presentation slides and new knowledge!

Michael Eddington
WORKSHOP - Peach Fuzzing
Join us for look at fuzzing with Peach and the Peach extension HotFuzz. Peach is the most widely used fuzzer across a wide range of security professionals including: security researchers, consultants, and corporate security teams. This workshop will provide a solid look at Peach, how it works and a jump-start on its usage. Additionally, we will demonstrate the usage of HotFuzz an extension of Peach that is able to “automatically” fuzz known network protocols by acting as a “fuzzing proxy.” Attendees with laptops and correct software can follow along with the demonstrations to get a more “hands on” feel to how Peach and HotFuzz work.

Marc Eisenbarth
Active Exploitation Detection
Security professionals have a massive number of acronyms at their disposal: IPS, VA, VM, SIEM, NBAD, and more. This talk is about a tool that resists classification by these acronyms. The goal of Active Exploitation Detection (AED) is to actively monitor and identify compromise of arbitrary, remote systems with the express intent to discover novel exploitation methods, track down elusive zero-day details, compile a list of known-compromised hosts, and most importantly get into the mind of today’s cyber criminals.
Simplistically, AED correlates changes visible to the remote monitoring system with external stimuli such as software patch schedules and security media sources in order to gain unique insight into the security threat landscape on an Internet scale. AED is a framework which is driven by arbitrary pluggable modules that must provide four high level implementations, namely port scanning, application identification via static and dynamic methods, and a data mining engine. The primary goal of this talk is to both present findings that trend the threat landscape of the Internet as a whole, and the tool itself, which is a means to introduce the audience to a number of best-of-breed open-source tools which have been integrated into this project. [White Paper] [Presentation]

Chris Gates
Attacking Oracle Web Applications With Metasploit
In 2009, Metasploit released a suite of auxiliary modules targeting oracle databases and attacking them via the TNS listener. This year lets beat up on...errr security test Oracle but do it over HTTP/HTTPS. Rather than relying on developers to write bad code lets see what we can do with default content and various unpatched Oracle middleware servers that you’ll commonly run into on penetration tests. We’ll also re-implement the TNS attack against the isqlplus web portal with Metasploit auxiliary modules. [White Paper] [Presentation]

Cassio Goldschmidt
Responsibility for the Harm and Risk of Software Security Flaws
Who is responsible for the harm and risk of security flaws? The advent of worldwide networks such as the internet made software security (or the lack of software security) became a problem of international proportions. There are no mathematical/statistical risk models available today to assess networked systems with interdependent failures.
Without this tool, decision-makers are bound to overinvest in activities that don’t generate the desired return on investment or under invest on mitigations, risking dreadful consequences. Experience suggests that no party is solely responsible for the harm and risk of software security flaws but a model of partial responsibility can only emerge once the duties and motivations of all parties are examine and understood. State of the art practices in software development won’t guarantee products free of flaws. The infinite principles of mathematics are not properly implemented in modern computer hardware without having to truncate numbers and calculations. Many of the most common operating systems, network protocols and programming languages used today were first conceived without the basic principles of security in mind. Compromises are made to maintain compatibility of newer versions of these systems with previous versions. Evolving software inherits all flaws and risks that are present in this layered and interdependent solution. Lastly, there are no formal ways to prove software correctness using neither mathematics nor definitive authority to assert the absence of vulnerabilities. The slightest coding error can lead to a fatal flaw. Without a doubt, vulnerabilities in software applications will continue to be part of our daily lives for years to come. Decisions made by adopters such as whether to install a patch, upgrade a system or employed insecure configurations create externalities that have implications on the security of other systems. Proper cyber hygiene and education are vital to stop the proliferation of computer worms, viruses and botnets. Furthermore, end users, corporations and large governments directly influence software vendors’ decisions to invest on security by voting with their money every time software is purchased or pirated. 
Security researchers largely influence the overall state of software security depending on the approach taken to disclose findings. While many believe full disclosure practices helped the software industry to advance security in the past, several of the most devastating computer worms were created by borrowing from information detailed by researcher’s full disclosure. Both incentives and penalties were created for security researchers: a number of stories of vendors suing security researchers are available in the press. Some countries enacted laws banning the use and development of “hacking tools”. At the same time, companies such as iDefense promoted the creation of a market for security vulnerabilities providing rewards that are larger than a year’s worth of salary for a software practitioner in countries such as China and India. Effective policy and standards can serve as leverage to fix the problem either by providing incentives or penalties. Attempts such PCI created a perverse incentive that diverted decision makers’ goals to compliance instead of security. Stiff mandates and ineffective laws have been observed internationally. Given the fast pace of the industry, laws to combat software vulnerabilities may become obsolete before they are enacted. Alternatively, the government can use its own buying power to encourage adoption of good security standards. One example of this is the Federal Desktop Core Configuration (FDCC). The proposed presentation is based on the research done by Cassio Goldschmidt, Sr. Manager at Symantec Corporation; Melissa J. Dark, Professor & Assistant Dean Department of Computer and Information Technology Purdue University and Hina Chaudhry, PhD. Candidate at Purdue University and is reflection of the role of each player involved in the software lifecycle and the incentives (and disincentives) they have to perform the task, the network effects of their actions and the results on the state of software security. 
The full text is available as a chapter of Information Assurance & Security Ethics (ISBN: 978-1-61692-245-0, hardcover. ISBN: 978-1-61692-246-7, ebook). [White Paper] [Presentation]

Joe Grand
WORKSHOP - Hardware Reverse Engineering: Access, Analyze, and Defeat
Electronics are embedded into nearly everything we use. Hardware products are being relied on for security-related applications and are inherently trusted, though many are completely susceptible to compromise. In this workshop, Joe will discuss the hardware hacking and reverse engineering processes, and then provide an open lab environment for you to probe, analyze, and hack. Joe will bring a variety of products to tinker with, though attendees are heavily encouraged to bring their own pieces of hardware to explore. Basic tools and electronics test/measurement equipment will be provided. You'll leave the workshop with new skills, ideas for further attacks, and maybe even some defeated hardware. [Presentation]

Chris Hadnagy
WORKSHOP: How to Hack Large Companies and Make Millions
Offensive Security wants to take you on a non-stop thrill ride through an actual hack. From Information Gathering, Social Engineering and Client Side Exploitation we will show you complete and total domination of the target. This session will showcase the skills that are taught in Offensive Security’s world-renowned Pentesting With BackTrack course as well as our Penetration Testing services. Our goal is raise awareness of the real world threats that exist in corporate business today. [Presentation]

Rob Havelt, Bruno Goncalves de Oliveira
Hacking the Fast Lane: security issues with 802.11p, DSRC, and WAVE
The new 802.11p standard aims to provide reliable wireless communication for vehicular environments.
The P802.11p specification defines functions and services required by Wireless Access in Vehicular Environments (WAVE) conformant stations to operate in varying environments and exchange messages either without having to join a BSS or within a BSS, and defines the WAVE signaling technique and interface functions that are controlled by the 802.11 MAC. Wireless telecommunications and information exchange between roadside and vehicle systems present some interesting security implications. This talk will present an analysis of the 802.11p 5.9 GHz band Wireless Access in Vehicular Environments (WAVE) / Dedicated Short Range Communications (DSRC), Medium Access Control (MAC), and Physical Layer (PHY) Specifications of this protocol. We will present methods of analyzing network communications (GNU Radio/USRP, firmware modifications, etc.), and potential security issues in the implementation of the protocol in practical environments such as in toll road implementations, telematics systems, and other implementations.
[White Paper]
//BIO: Rob Havelt
//BIO: Bruno Goncalves de Oliveira

Vincenzo Iozzo, Giovanni Gola
Stale pointers are the new black
Memory corruption bugs such as dangling pointers, double frees and uninitialized memory are some of the open issues in application security. Finding dangling pointers and similar vulnerabilities in large code bases is arguably more difficult than overflows because of the complexity and heterogeneity of applications' memory management. Fuzzing has been proved to be an effective method for finding such bugs in browsers and other similar COTS applications; nonetheless, it's not uncommon to see bugs found by fuzzers burned after a short period of time because of multiple rediscovery of the same vulnerabilities.
In this talk the challenges of finding such bugs with static analysis and the results we got will be discussed; specifically, we will explore the algorithms and techniques borrowed from program analysis and graph theory that can be employed to achieve our goal. We will also discuss what improvements can be made in order to increase precision and reduce the number of false positives.
[Presentation]
//BIO: Vincenzo Iozzo
//BIO: Giovanni Gola

Jon Larimer
Beyond AutoRun: Exploiting software vulnerabilities with removable storage
Malware has been using the AutoRun functionality in Windows for years to spread through removable storage devices. That feature is easy to disable, but the Stuxnet worm was able to spread through USB drives by exploiting a vulnerability in Windows. In this talk, I’ll examine different ways that attackers can abuse operating system functionality to execute malicious payloads from USB mass storage devices without relying on AutoRun. There’s a lot of code that runs between the USB drivers themselves and the desktop software that renders icons and thumbnails for documents, providing security researchers and hackers with a rich set of targets to exploit. Since the normal exploit payloads of remote shells aren’t totally useful when performing an attack locally from a USB drive, we’ll look at alternative payloads that can give attackers immediate access to the system. To show that these vulnerabilities aren’t just limited to Windows systems, I’ll provide a demonstration showing how I can unlock a locked Linux desktop system just by inserting a USB thumb drive into the PC.
[White Paper] [Presentation]
//BIO: Jon Larimer

Tarjei Mandt
Kernel Pool Exploitation on Windows 7
In Windows 7, Microsoft introduced safe unlinking to the kernel pool to address the growing number of vulnerabilities affecting the Windows kernel.
Prior to removing an entry from a doubly-linked list, safe unlinking aims to detect memory corruption by validating the pointers to adjacent list entries. Hence, an attacker cannot easily leverage generic "write 4" techniques in exploiting pool overflows or other pool corruption vulnerabilities. In this talk, we show that in spite of the efforts made to remove generic exploit vectors, Windows 7 is still susceptible to generic kernel pool attacks. In particular, we show that the pool allocator may under certain conditions fail to safely unlink free list entries, thus allowing an attacker to corrupt arbitrary memory. In order to thwart the presented attacks, we conclusively propose ways to further harden and enhance the security of the kernel pool.
[White Paper] [Presentation]
//BIO: Tarjei Mandt

Laurent Oudot
Inglourious Hackerds: Targeting Web Clients
This talk will propose to look at technical security issues related to multiple Internet Web Clients. While such tools are used to crawl the Net and retrieve information, there might exist many scenarios where evil attackers can abuse them. By studying the protocols (HTTP, etc.), and by doing some kind of fuzzing operations, we will show how TEHTRI-Security was able to find multiple security issues on many handheld devices and workstations. The offensive concepts explained during this talk will show many different tricks, like how evil attackers can become anonymous and create cover channels based on web clients, or like how to own or crash most famous current web clients and devices.
[White Paper] [Presentation]
//BIO: Laurent Oudot

Tom Parker
Stuxnet Redux: Malware Attribution & Lessons Learned
Recent incidents commonly thought to be linked to state sponsored activities have given rise to much discussion over the reliability of technical analysis as a source for adversary attribution - specifically in regards to what is commonly termed as the Advanced Persistent Threat (or APT).
We now live in a world where the reverse engineering of a malicious binary, or analysis of a compromised host may very well play into a world-changing decision, such as whether a country should declare war on another - or indeed, whether it is no longer viable for a large, multinational corporation to continue doing business in a given part of the globe. Of perhaps most note - Stuxnet has dominated much of the information security media since its public acknowledgment in June 2010. Multiple schools of thought have emerged, casting speculation over the identities of those responsible for the authorship and operationalization of what some suggest is the most advanced piece of malware observed in the public domain. Nation state? Organized crime? Disgruntled vendor employee? This talk will take a close look at what we really know about this mysterious culmination of bits, closely analyzing some of the popular hypotheses, and identify others which have perhaps not drawn as much momentum. As a basis for our analysis, we will discuss in depth the merits and demerits of technical analysis; demonstrating ways in which various techniques including static binary analysis and memory forensics may be utilized to build a granular profile of the adversary, and where the same techniques may fall short. The presentation will discuss a detailed characterization matrix that can be leveraged to assess and even automate assessment of multiple aspects of the adversary (such as motive, technical skill, technological research resources) that may all play into the way in which we respond to an incident, or reposition ourselves to handle a specific threat over the long term. Finally, we will review what lessons we can learn from Stuxnet - to further attribution related research efforts, and ways in which we might adjust our security posture when it comes to protecting our nation’s most critical assets.

21:51 » SecDocs
Authors: Tom Parker
Tags: malware, Stuxnet
Event: Black Hat DC 2011
Abstract:

// briefers: Itzhak Avraham, Ryan Barnett, Dionysus Blazakis, Tom Brennan, Andrew Case, Sean Coyne, Adrian Crenshaw, Neil Daswani, Bruno Goncalves de Oliveira, Mariano Nunez Di Croce, Michael Eddington, Marc Eisenbarth, Chris Gates, Giovanni Gola, Cassio Goldschmidt, Joe Grand, Chris Hadnagy, Rob Havelt, Vincenzo Iozzo, Franklin D. Kramer, Jon Larimer, Tarjei Mandt, Eric Michaud, Laurent Oudot, Tom Parker, David Perez, Jose Pico, Alexander Polyakov, Thomas Roth, Jordan Santarsieri, Jamie Schwettmann, Val Smith, Angelos Stavrou, Matthieu Suiche, Bryan Sullivan, Zhaohui Wang, Matthew Weeks, Ralf-Philipp Weinmann, Dino Dai Zovi

Black Hat DC 2011 //Briefings
Hyatt Regency Crystal City
training: Jan. 16 - 17 | briefings: Jan. 18 - 19

( MEDIA LEGEND )
[White Paper] white paper document
[Presentation] presentation
[WWW-Archives] source material

Keynote Speaker // Franklin D. Kramer
Day 1 Keynote - Cyber Conflicts: Challenging the Future
ABSTRACT TBA
//BIO: Franklin D. Kramer

Itzhak Avraham
Popping Shell on A(ndroid)RM Devices
The attendees will gain knowledge on how to exploit ARM buffer overflows, use Ret2ZP attack and will demo a vulnerable application that is in current Android and can be used for remote attacks(!). Also, we'll cover the problems with native/mixed code debugging, issues with current implementations of Androids and how ARM exploits can be used if better security prevention techniques are being implied (like XN bit - same as NX bit on X86).
[White Paper] [Presentation]
//BIO: Itzhak Avraham

Ryan Barnett
XSS Street-Fight: The Only Rule Is There Are No Rules
Defending web applications from Cross-Site Scripting (XSS) attacks is extremely challenging, especially when the application's code cannot be updated to fix the issue.
This presentation will provide a walk-through of various XSS attack/defense/evasion lessons learned by Trustwave's SpiderLabs Research Team while working with commercial WAF customers, as well as by receiving thousands of attacks against our public ModSecurity demonstration page. We will highlight cutting-edge XSS protection methods that are external to the web application's code such as Defensive Javascript Content Injection.
[White Paper] [Presentation]
//BIO: Ryan Barnett

Dionysus Blazakis
The Apple Sandbox
Despite the never ending proclamations of the end of memory corruption vulnerabilities, modern software still falls to exploits that target these bugs. Current operating systems incorporate a battery of exploit mitigations making life significantly more complex for attackers. Additionally, developers are becoming increasingly aware of the security implications of previously idiomatic code. Leading software publishers are teaching defensive coding techniques and have adopted an offensive mindset for product testing. Unfortunately, a single vulnerability can still provide the attacker the leverage needed to gain entry. Security researchers have disclosed multiple ways to render the mitigations ineffective (under the right circumstances) -- imagine what techniques are not public. One bug can still "ruin your day". In this presentation, I describe the architecture and implementation of the Apple XNU Sandbox framework (previously codenamed "Seatbelt"). This framework is used to contain App Store applications on iOS and some server applications on OS X. I will give you a complete tour of the Sandbox internals, most of which are in closed source modules (kernel extensions and dynamic libraries). This information is useful for auditors or exploit developers attempting to escape the sandbox and for developers or defenders attempting to secure their applications.
I will also release an automated profile decompiler to extract a human readable policy definition from a compiled profile inside the kernel (iOS kernelcache or OS X). By the end of the presentation, you will have a working understanding of the entire access control system from policy definition to sandbox initialization to the kernel's policy enforcement.
[White Paper] [Presentation] [Source]
//BIO: Dionysus Blazakis

Tom Brennan, Ryan Barnett
Checkmate with Denial of Service
Denial-Of-Service is an attempt to make a computer resource unavailable to its intended users and is not new. In recent history, April 2009, government and financial sites in the U.S. and South Korea were attacked by DDOS and were brought offline for days. This incident followed the Georgian DDOS attacks in 2008 and Estonian DDOS attacks in 2007. Common attack methods include systems infected with malware that are controlled and all connect to the target host at the same time using Layer 4 (Transport) which are already addressed by anti-DDOS solutions when employed. In 2009 a lethal form of Layer 7 (Application) attack techniques were being examined by Wong Onn Chee of OWASP Foundation Singapore and in 2010 together with Tom Brennan of OWASP Foundation presented the findings publicly for the first time with code samples. Tom Brennan will walk through the history and details of how this lethal HTTP POST DOS technique works, interesting findings in the protocol and the challenges in defending critical infrastructure against targeted attacks and demonstrate and release his open-source tool that can be used to test your own production systems -- or render others useless with the touch of a button from a single laptop.
[Presentation]
//BIO: Tom Brennan
//BIO: Ryan Barnett

Andrew Case
De-Anonymizing Live CDs through Physical Memory Analysis
Traditional digital forensics encompasses the examination of data from an offline or “dead” source such as a disk image.
Since the filesystem is intact on these images, a number of forensics techniques are available for analysis such as file and metadata examination, timelining, deleted file recovery, indexing, and searching. Live CDs present a large problem for this forensics model, though, as they run solely in RAM and do not interact with the local disk. This removes the ability to perform an orderly examination since the filesystem is no longer readily available and putting random pages of data into context can be very difficult for in-depth investigations. In order to solve this problem, we present a number of techniques that allow for complete recovery of a live CD’s in-memory filesystem and partial recovery of its previously deleted contents. We also present memory analysis of the popular Tor application as it is used by a number of live CDs in an attempt to keep network communications encrypted and anonymous.
[White Paper] [Presentation]
//BIO: Andrew Case

Sean Coyne
The Getaway: Methods and Defenses for Data Exfiltration
There are several stages to a successful cyber attack. The most crucial of which is also the least discussed: data theft. Cyber criminals, insider threats, advanced persistent threats; every attacker has ways to get into your network and find what they want. While there are several tools, methods and strategies to combat intruders, once they’ve made off with your data there is no getting it back, the game is over. MANDIANT’s consultants regularly respond to incidents where data, intellectual property, even money is being stolen from victim organizations. During this presentation we will take a look at some of the advanced methods of stealing data that we have recently encountered in the field, including: preparing and cleaning staging areas, avoiding DLP/traffic scanning products and how attackers use a victim’s own infrastructure and architecture against them. We will discuss why these tricks work and what, if anything, can be done to stop them.
Whether it be financial information, intellectual property, or personally identifiable information, the most valuable thing on your network is the data. Intruders may get in, but until they get out with what they came for, the game’s not over.
[White Paper] [Presentation]
//BIO: Sean Coyne

Adrian Crenshaw
Identifying the true IP/Network identity of I2P service hosts
This paper will present research into services hosted internally on the I2P anonymity network, especially I2P hosted websites known as eepSites, and how the true identity of the Internet host providing the service may be identified via information leaks on the application layer. By knowing the identity of the Internet host providing the service, the anonymity set of the person or group that administrates the service can be greatly reduced. The core aim of this paper will be to test the anonymity provided by I2P for hosting eepSites, focusing primarily on the application layer and mistakes administrators and developers may make that could expose a service provider’s identity or reduce the anonymity set they are part of. We will show attacks based on the intersection of I2P users hosting eepSites on public IPs with virtual hosting, the use of common web application vulnerabilities to reveal the IP of an eepSite, as well as general information that can be collected concerning the nodes participating in the I2P anonymity network.
[White Paper] [Presentation]
//BIO: Adrian Crenshaw

Neil Daswani
Malware Distribution via Widgetization of the Web
The Web 2.0 transformation has in part involved many sites using third-party widgets. We present the "widgetized web graph" showing the structure of high traffic web sites from the standpoint of widgets, show how web-based malware and scareware are propagated via such widgets, and provide data on how a mass web-based malware attack can take place against the Quantcast 1000 web sites via widgets.
[White Paper]
//BIO: Neil Daswani

Mariano Nunez Di Croce
Your crown jewels online: Attacks to SAP Web Applications
"SAP platforms are only accessible internally". You may have heard that several times. While that was true in many organizations more than a decade ago, the current situation is completely different: driven by modern business requirements, SAP systems are getting more and more connected to the Internet. This scenario drastically increases the universe of possible attackers, as remote malicious parties can try to compromise the organization's SAP platform in order to perform espionage, sabotage and fraud attacks. SAP provides different Web interfaces, such as the Enterprise Portal, the Internet Communication Manager (ICM) and the Internet Transaction Server (ITS). These components feature their own security models and technical infrastructures, which may be prone to specific security vulnerabilities. If exploited, your business crown jewels can end up in the hands of cyber criminals. Through many live demos, this talk will explain how remote attackers may compromise the security of different SAP Web components and what you can do to avoid it. In particular, an authentication-bypass vulnerability affecting "hardened" SAP Enterprise Portal implementations will be detailed.
[White Paper] [Presentation]
//BIO: Mariano Nunez Di Croce

Mariano Nunez Di Croce, Jordan Santarsieri
WORKSHOP - Cyber-attacks to SAP platforms: The Insider Threat
How would a malicious insider exploit vulnerabilities in your SAP environment to get hold of your most sensitive business data? What are the chances of him being successful? What can you do to stop him? If you are looking for answers to these questions, you should consider attending this workshop. By joining us in this session, you will: Learn how to detect some of the existing threats *yourself* using Bizploit, the first open-source ERP Penetration Testing framework.
Watch several *live* demos to understand how successful exploitations can result in espionage, sabotage and fraud attacks to your organization. Find out how you can *protect yourself from the detected risks*, improving the security of your platform. Discover the *latest outcome* from the Onapsis Research Labs, focused on the hot "ERP security" topic. You do not require any previous SAP knowledge to attend this event. Take-aways: Copy of Bizploit, presentation slides and new knowledge!
//BIO: Mariano Nunez Di Croce
//BIO: Jordan Santarsieri

Michael Eddington
WORKSHOP - Peach Fuzzing
Join us for a look at fuzzing with Peach and the Peach extension HotFuzz. Peach is the most widely used fuzzer across a wide range of security professionals including: security researchers, consultants, and corporate security teams. This workshop will provide a solid look at Peach, how it works and a jump-start on its usage. Additionally, we will demonstrate the usage of HotFuzz, an extension of Peach that is able to “automatically” fuzz known network protocols by acting as a “fuzzing proxy.” Attendees with laptops and correct software can follow along with the demonstrations to get a more “hands on” feel for how Peach and HotFuzz work.
//BIO: Michael Eddington

Marc Eisenbarth
Active Exploitation Detection
Security professionals have a massive number of acronyms at their disposal: IPS, VA, VM, SIEM, NBAD, and more. This talk is about a tool that resists classification by these acronyms. The goal of Active Exploitation Detection (AED) is to actively monitor and identify compromise of arbitrary, remote systems with the express intent to discover novel exploitation methods, track down elusive zero-day details, compile a list of known-compromised hosts, and most importantly get into the mind of today’s cyber criminals.
Simplistically, AED correlates changes visible to the remote monitoring system with external stimuli such as software patch schedules and security media sources in order to gain unique insight into the security threat landscape on an Internet scale. AED is a framework which is driven by arbitrary pluggable modules that must provide four high level implementations, namely port scanning, application identification via static and dynamic methods, and a data mining engine. The primary goal of this talk is to both present findings that trend the threat landscape of the Internet as a whole, and the tool itself, which is a means to introduce the audience to a number of best-of-breed open-source tools which have been integrated into this project.
[White Paper] [Presentation]
//BIO: Marc Eisenbarth

Chris Gates
Attacking Oracle Web Applications With Metasploit
In 2009, Metasploit released a suite of auxiliary modules targeting Oracle databases and attacking them via the TNS listener. This year let's beat up on...errr security test Oracle but do it over HTTP/HTTPS. Rather than relying on developers to write bad code, let's see what we can do with default content and various unpatched Oracle middleware servers that you’ll commonly run into on penetration tests. We’ll also re-implement the TNS attack against the isqlplus web portal with Metasploit auxiliary modules.
[White Paper] [Presentation]
//BIO: Chris Gates

Cassio Goldschmidt
Responsibility for the Harm and Risk of Software Security Flaws
Who is responsible for the harm and risk of security flaws? The advent of worldwide networks such as the internet made software security (or the lack of software security) become a problem of international proportions. There are no mathematical/statistical risk models available today to assess networked systems with interdependent failures.
Without this tool, decision-makers are bound to overinvest in activities that don’t generate the desired return on investment or underinvest in mitigations, risking dreadful consequences. Experience suggests that no party is solely responsible for the harm and risk of software security flaws but a model of partial responsibility can only emerge once the duties and motivations of all parties are examined and understood. State of the art practices in software development won’t guarantee products free of flaws. The infinite principles of mathematics are not properly implemented in modern computer hardware without having to truncate numbers and calculations. Many of the most common operating systems, network protocols and programming languages used today were first conceived without the basic principles of security in mind. Compromises are made to maintain compatibility of newer versions of these systems with previous versions. Evolving software inherits all flaws and risks that are present in this layered and interdependent solution. Lastly, there are no formal ways to prove software correctness using neither mathematics nor definitive authority to assert the absence of vulnerabilities. The slightest coding error can lead to a fatal flaw. Without a doubt, vulnerabilities in software applications will continue to be part of our daily lives for years to come. Decisions made by adopters such as whether to install a patch, upgrade a system or employ insecure configurations create externalities that have implications on the security of other systems. Proper cyber hygiene and education are vital to stop the proliferation of computer worms, viruses and botnets. Furthermore, end users, corporations and large governments directly influence software vendors’ decisions to invest in security by voting with their money every time software is purchased or pirated.
-
-
8:07
»
Hack a Day
Even though the world of software defined radio started out as a Linux-only endeavor, several recent software releases have put the ball fully into the court of OS X users. [hpux735]’s new Cocoa Radio release provides a (nearly) fully functional software defined radio for anyone with a USB TV tuner and a Mac. Earlier this week, we [...]
-
6:45
»
SecDocs
Authors: Cassio Goldschmidt
Tags: vulnerability
Event: Black Hat DC 2011
Abstract: Who is responsible for the harm and risk of security flaws? The advent of worldwide networks such as the internet made software security (or the lack of software security) become a problem of international proportions. There are no mathematical/statistical risk models available today to assess networked systems with interdependent failures. Without this tool, decision-makers are bound to overinvest in activities that don’t generate the desired return on investment or underinvest in mitigations, risking dreadful consequences. Experience suggests that no party is solely responsible for the harm and risk of software security flaws but a model of partial responsibility can only emerge once the duties and motivations of all parties are examined and understood.
State of the art practices in software development won’t guarantee products free of flaws. The infinite principles of mathematics are not properly implemented in modern computer hardware without having to truncate numbers and calculations. Many of the most common operating systems, network protocols and programming languages used today were first conceived without the basic principles of security in mind. Compromises are made to maintain compatibility of newer versions of these systems with previous versions. Evolving software inherits all flaws and risks that are present in this layered and interdependent solution. Lastly, there are no formal ways to prove software correctness using neither mathematics nor definitive authority to assert the absence of vulnerabilities. The slightest coding error can lead to a fatal flaw. Without a doubt, vulnerabilities in software applications will continue to be part of our daily lives for years to come.
Decisions made by adopters such as whether to install a patch, upgrade a system or employ insecure configurations create externalities that have implications on the security of other systems. Proper cyber hygiene and education are vital to stop the proliferation of computer worms, viruses and botnets. Furthermore, end users, corporations and large governments directly influence software vendors’ decisions to invest in security by voting with their money every time software is purchased or pirated.
Security researchers largely influence the overall state of software security depending on the approach taken to disclose findings. While many believe full disclosure practices helped the software industry to advance security in the past, several of the most devastating computer worms were created by borrowing from information detailed by researchers’ full disclosure. Both incentives and penalties were created for security researchers: a number of stories of vendors suing security researchers are available in the press. Some countries enacted laws banning the use and development of “hacking tools”. At the same time, companies such as iDefense promoted the creation of a market for security vulnerabilities providing rewards that are larger than a year’s worth of salary for a software practitioner in countries such as China and India.
Effective policy and standards can serve as leverage to fix the problem either by providing incentives or penalties. Attempts such as PCI created a perverse incentive that diverted decision makers’ goals to compliance instead of security. Stiff mandates and ineffective laws have been observed internationally. Given the fast pace of the industry, laws to combat software vulnerabilities may become obsolete before they are enacted. Alternatively, the government can use its own buying power to encourage adoption of good security standards. One example of this is the Federal Desktop Core Configuration (FDCC).
The proposed presentation is based on the research done by Cassio Goldschmidt, Sr. Manager at Symantec Corporation; Melissa J. Dark, Professor & Assistant Dean, Department of Computer and Information Technology, Purdue University; and Hina Chaudhry, PhD Candidate at Purdue University, and is a reflection of the role of each player involved in the software lifecycle and the incentives (and disincentives) they have to perform the task, the network effects of their actions and the results on the state of software security.
-
-
7:00
»
Hack a Day
The Free Software Foundation, the very same organization responsible for the GNU General Public License and open source advocacy on the part of the Free Software stalwart [Richard Stallman], has certified its first piece of hardware as Respecting Your Freedom. This new certification goes far beyond the goals of Open Source Hardware. In addition to providing documentation, schematics, and [...]
-
-
4:00
»
Hack a Day
Many have tried to put together an easy package for running software defined radio packages on the Mac. Not many have succeeded the way [Elias]’ port of the gqrx SDR package has. It’s simply the easiest way to get a software defined radio up and running on the Mac. gqrx is a front end for the [...]
-
-
14:01
»
Hack a Day
[Andrew] picked up a handful of these big STC 8051 chips for a song and dance. The problem he has with them is the clunky VB6 programming software that only wants to run on a Windows box. He buckled down and wrote his own programming software called stcdude. As you have probably guessed, it’s meant [...]
-
8:00
»
Hack a Day
When programming a microcontroller to do your bidding, you only have two choices. You could write your code in a proper language such as C and cross-compile your source into a piece of firmware easily understood by a micro. Alternatively, you could load an interpreter on your microcontroller and write code via a serial connection. Interpreters [...]
-
-
9:41
»
SecDocs
Authors: Josef Spillner
Tags: Linux
Event: Chaos Communication Congress 21th (21C3) 2004
Abstract: Overview about the young and still developing Free Software scene in South and Latin America (mostly Brazil), ways to achieve independence of existing structures, and some specific projects. While in Germany people still talk about the ongoing partial migration in Munich, which is mostly in the hands of only a few companies, other places have advanced some more already: where interested citizens are part of IT migrations in both companies and organizations. Not only is this a cultural difference, but it also gives all hackers the possibility to block decisions heading the wrong way, and to integrate their own perspective.
-
-
21:54
»
SecDocs
Authors: Klaus Schleisiek
Tags: embedded
Event: Chaos Communication Congress 21th (21C3) 2004
Abstract: A presentation of the public-domain "uCore" written in VHDL that can be used by the "Core Aided Programmer" to realise systems in FPGAs. Its architecture, its hardware/software co-design approach, its prototyping board and its software development environment.
Systems on a Chip, initially reserved to the ASIC community and big money, can now be carried out on an FPGA basis by small enterprises. Processor kernels programmed in VHDL or Verilog meet the operating system interface programmed in C. The "Core Aided Programmer" is able to tune the hardware/software interface towards simplicity, understandability and energy efficiency without having to struggle with (un)known bugs.
"uCore" is a processor kernel based on Forth. It has a data and a return stack and separate program and data memories. Its transputerish "prefix" code structure makes the data word width independent from its 8 bit code width and therefore, its data width can be set by one VHDL constant, and it can be interrupted after each instruction. Because of its stacks, no registers need to be saved on interrupts. It has an innovative exception mechanism, which makes API code easier to read and therefore, more reliable. A 32-bit instantiation fits into 1/3 of the by now "small" XC2S200 (Xilinx) or EP1C6 (Altera).
-
-
21:36
»
SecDocs
Authors: Hubert Feyrer
Tags: technology
Event: Chaos Communication Congress 21th (21C3) 2004
Abstract: Have you tried installing a certain package on (say) Linux, Solaris, MacOS X, MS Windows and NetBSD at the same time? The pkgsrc system allows doing so by a simple "make install" instead of knowing lots of details.
The presentation discusses the problems when installing open source on Unix(like) systems and identifies specific areas that need attention, and how they manifest in various architectures of open source systems today, leading from a rather simple layered theory to a complex graph in reality, which requires environmental considerations like demands for flexibility and maintainability when addressed. The pkgsrc system is introduced as a possible solution, which can be used to install software easily from source independent of your operating system.
A general overview of the pkgsrc system is given, followed by a user-oriented example on how to bootstrap it and compile packages on a Linux system, with a special emphasis on working without root privileges. Operation of the pkgsrc system is described next, with details on the install process and an overview of available packages. Last, details on how a package is constructed are outlined, including dependency handling.
The presentation is intended for users of all Unix(like) systems that need to maintain and update software on a regular basis and across various platforms, emphasizing the cross-platform nature of pkgsrc, which includes Linux, FreeBSD, OpenBSD, MacOS X, Solaris, Irix and even MS Windows. Developers working on other package systems will get an overview of how things are done in NetBSD, which is very close to the FreeBSD and OpenBSD ports system as well as the Gentoo portage system.
-
-
15:29
»
SecDocs
Authors: Steven J. Murdoch
Tags: security
Event: Chaos Communication Congress 21th (21C3) 2004
Abstract: This talk examines the similarities between computer security and optical document security. Also we describe our work on reverse engineering anti-counterfeiting measures, included in much modern graphics software, and discuss its impact on Open Source.
Co-Author: Ben Laurie
Since January 2004, many major graphics software and hardware manufacturers have included anti-counterfeiting measures in their products (including Adobe Photoshop, JASC Paint Shop Pro, HP Printers and Canon scanners). The feature operates by detecting characteristics of banknotes and preventing a suspicious image from being processed. The software is developed by the G10 Central Bank Counterfeit Deterrence Group and provided to manufacturers as a compiled library. No details of what features the system detects are publicly available, and it has been established that it does not use the same counterfeit-deterrence technique used in colour photocopiers.
Firstly the lecture will include background information on existing counterfeit deterrence systems, designed to prevent currency being copied on conventional printing equipment. This will move on to the more modern techniques, developed in reaction to the widespread deployment of high-quality digital printing hardware. Also the field of digital watermarking will be introduced and its relationship to counterfeit deterrence discussed.
The lecture will cover the progress of a project to understand the currency detection feature, and reverse engineer it. This includes conventional reverse-engineering techniques such as disassembly and dynamic code analysis, but it will also describe application specific tools, such as black box digital watermark benchmarking.
Finally, proposed EU legislation will make the inclusion of such a system mandatory, so the consequences on Free and open source software will be discussed. These are in addition to conventional DRM problems such as prevention of legal manipulation of currency images, and other problems specific to counterfeit deterrence.
-
-
17:02
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco IOS Software and Cisco IOS XE Software contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a crafted request to an affected device that has the DHCP version 6 (DHCPv6) server feature enabled, causing a reload. Cisco has released free software updates that address this vulnerability.
-
16:59
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco IOS Software contains a queue wedge vulnerability that can be triggered when processing IP tunneled packets. Only Cisco IOS Software running on the Cisco 10000 Series router has been demonstrated to be affected. Successful exploitation of this vulnerability may prevent traffic from transiting the affected interfaces. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.
-
16:54
»
Packet Storm Security Advisories
Cisco Security Advisory - The Cisco IOS Software Network Address Translation (NAT) feature contains two denial of service (DoS) vulnerabilities in the translation of IP packets. The vulnerabilities are caused when packets in transit on the vulnerable device require translation. Cisco has released free software updates that address these vulnerabilities.
-
16:50
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the Intrusion Prevention System (IPS) feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
-
16:50
»
Packet Storm Security Advisories
Cisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause an affected device to reload. Affected devices must be configured to process SIP messages and for pass-through of Session Description Protocol (SDP) for this vulnerability to be exploitable. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerability.
-
-
21:54
»
SecDocs
Authors: Meike Richter
Tags: technology
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: What has software to do with development policy? A lot. Software is not only about code, it is about rights, control, transparency, freedom and power. Poorly educated people with little financial resources, mostly located in the Southern hemisphere, have little chance to have access to information and communication technologies (ICTs) and to the Internet. Since the mid-1990s, the so-called digital divide appeared on the political agenda. By providing access to ICTs, it is hoped to promote economical, political and social development as well. This lecture explains the digital divide and its implications and gives an overview of the different positions within the discourse. There are three different modes of argumentation: the optimists claiming the new ICTs could strengthen the voice of the poor and developing nations and of marginalized groups; sceptics who believe that new technology alone will make little difference; and pessimists who emphasize that digital technologies will further exacerbate the existing North-South divide. So far, the choice of the software model has hardly played a role in digital development policy. Proprietary architectures are the rule. Only in recent time, the nature of code becomes an issue. E.g., the country of Brazil is going pro-Linux. Free/Open Source Software has a lot of advantages for poor and developing nations: it offers access to knowledge and information engineering skills of the most developed countries, it promotes technological independence and it is for free. So how come that GNU/Linux is not being used all over the place? Why is Brazil's approach towards free code something completely new? This lecture explains why software becomes an increasingly important political issue.
-
-
21:43
»
SecDocs
Authors: Felix Erkinger
Tags: virtualization
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: Modern virtualization techniques are changing the point of view used to build software and its infrastructure. Explaining the techniques used in cutting edge virtualization software, this talk gives an introspection how virtualization is solving design issues in heterogeneous computing environments. This lecture will give a basic introduction in the area of virtualization techniques, covering partitioning kernels, para- and full virtualization, hybrid techniques, its design and implications, using open source software like xen, qemu, linux-vserver and others. Starting with an explanation of commonly used terms, the lecture is going to cover the design of current state of the art virtualization software. Finally it explains the benefits of virtualization techniques in modern software and system development, and why virtualization is going to change software development radically.
-
6:24
»
SecDocs
Authors: Sandro Gaycken
Tags: technology
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: The mode of production in free software development is often being described as anarchical. Despite this attribution seems not initially intended in any fundamental political sense, this sense starts to transfuse the discussions. This invites to a closer look at the reference: what it is, what it's not and what it could be. And once viewed from general anarchist theory and the anarchist theory of technology, any political relation seems to vanish. But despite this first stance, a demonstrative value can still be obtained as soon as some critical remarks are acknowledged and some developmental frames would be changed. The term „anarchism“ has been used frequently when free software development has been described. It was meant to grasp two main notions of the phenomenon: first, the open, unguided and non-monopolized mode of technological development and second, the seemingly anti-capitalist aspect of its free propagation. Although the term first appeared to be intended largely to discredit free software development – as a part of the usual warmongering –, it soon took a positive connotation as many anarchist hackers embraced it as fitting and as the free software idea proved to be exceedingly more successful and accepted among users. Thus meanwhile, it transgresses its old territory of rhetoric warfare into a mode of identification and a topic on its own, seemingly placing the free software debate onto a more general political ground. But this is not quite legitimate. The use of the term in the debate was largely introduced in its colloquial sense which stems from the public image of anarchy. And that is quite far from what anarchist theory actually is about. Thus the question arises how fitting the term actually is, if free software development is viewed from anarchist theory. To investigate this, one has to accredit two possible points of view.
First, free software would have to be judged as a technology from the anarchist theory of technology. This reveals that the revolt happens only within another technology which is not so free and quite ambivalent, namely computers. Second, apart from the resulting technology, free software could be judged as a pure developmental method. But as such, it can soon be demonstrated how it is bracketed by the ideological frameworks of capitalism and authority, thus reproducing and proliferating both. It follows that the use of the term „anarchism“, contrary to the fact that it is now intended more openly in its political notion, is more of a fashion, a linguistic reinvention of capitalism and authority. Free software appears to be just slightly more political than any other chunk of consumer electronics and the culture it proposes is not as free and counter-capitalistic as it is held to be. But this judgement doesn't have to be the end of it. Something politically valuable can still be drawn from the developmental method if it can be stripped of its ideological framings and thus placed on a more genuine anarchical turf. In that case, one can render the core argument against intellectual property conceptions, addressing the case of a highly creative, boosted productivity in free software development, into an argument – attached to a case study – for the developmental potential of an anarchical society in general. With this developmental argument transitively enlarged into an argument for anarchism, the case of free software could receive an outstanding political importance. It could factually prove that leadership and financial interest are not only not essential to production, research or development, but also hindering those, thus hindering the development of human faculties in general. Free Software and Anarchism - does this compute?
-
-
7:45
»
SecDocs
Authors: Harald Welte
Tags: GSM phone
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: This presentation describes the progress of hacking and extending the Motorola series of Linux based Smartphones, with the ultimate goal to replace all proprietary applications with 100% free software. It's been two years since Motorola has released the first Linux Smartphone (A768). More recently, two new models were introduced, the A780 and the E680, the former even officially distributed in Germany and all over the EU. What's so special about a Linux based smartphone? It's special because the Linux kernel acts as an enabler for 3rd party hacks and 3rd party software, like it can be observed with the OpenWRT, OpenTom, NSLU2-Linux, OpenEmbedded, OpenZaurus and other similar projects. The author of this presentation has successfully obtained "telnet" access to an A780 cellphone, built a matching cross-compilation toolchain and installed various applications for debugging, such as busybox, iptables, nmap, lsof, strace, etc. While re-engineering efforts are still in an early stage, work is proceeding extremely fast, and important pieces such as the protocol between the PXA270 frontend processor and the ARM7TDMI GSM processor have already been partially re-engineered. The project is expected to progress significantly until 22C3.
-
-
9:12
»
SecDocs
Authors: Dong-Joo Ha, Ki-Chan Ahn
Tags: Nintendo
Event: AVTokyo 2010
Abstract: A large portion of people who possess a Gaming Console or a Smartphone are downloading paid software illegally from the web or p2p. Most of those people do not even give a second thought before installing the downloaded software, and merely just check that the application works. The sense of security here comes from the application's popularity and the fact that the application is working as advertised with no noticeable problems. The reason why people have this kind of false sense of security for Console Gaming systems or Mobile Devices is because they are not fully aware that malware can potentially bring the same devastating effects as that of a PC malware, and no one has published a reliable way to inject a malware to a legit software. However, the boundary of these devices and the PC is getting very thin due to the evolution of hardware, which makes these devices capable of bringing the same negative effects of PC malware. In this presentation, we will show how to inject code into binary for Nintendo Wii, and show a demo live action.
-
-
15:24
»
SecDocs
Authors: Martin Vuagnoux
Tags: fuzzing
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: Automated vulnerability searching tools have led to a dramatic increase of the rate at which such flaws are discovered. One particular searching technique is fault injection – i.e. insertion of random data into input files, buffers or protocol packets, combined with a systematic monitoring of memory violations. Even if these tools allow to uncover a lot of vulnerabilities, they are still very primitive; despite their poor efficiency, they are useful because of the very high density of such vulnerabilities in modern software. This paper presents an innovative buffer overflow uncovering technique, which uses a more thorough and reliable approach. This technique, called "fuzzing by weighting attacks with markers", is a specialized kind of fault injection, which does not need source code or special compilation for the monitored program. As a proof of concept of the efficiency of this technique, a tool called Autodafé has been developed. It allows to detect automatically an impressive number of buffer overflow vulnerabilities.
-
-
21:28
»
SecDocs
Authors: André Rebentisch, Tonnerre Lombard
Tags: law
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: Patent attorneys and a few large corporations advocate patent law as an appropriate protection tool for software development. Most economists, software professionals and SMEs disagree. They believe patent law does not serve market needs. This year the European Parliament rejected a 'Directive on the patentability of computer-implemented inventions'. However, as the European Patent Offices continues to grant them, problems remain. Our expert panel will discuss further developments.
-
-
5:01 » Hack a Day
We see projects here all the time that blend computing with the real world. Some people are naturally stronger on the mechanical end of things, whereas some are better with electronics or coding. All three specialities can be needed depending on your project. If your weakness lies in making a computer do your bidding, I [...]
-
-
21:43 » SecDocs
Authors: David Gustin
Tags: hardware hacking
Event: Chaos Communication Camp 2007
Abstract: How to build your own lab in your basement for engineering and reverse-engineering on a budget. Demystifying modern System On a Chip (SOC) Micro-Controllers for early hardware prototyping and software development. Practical reverse engineering; using your verification tools to reverse engineer and modify systems without source code. A presentation on getting started with embedded engineering. There is a lot to be said about the work area required for embedded engineering, what tools you will need and how to use them to accomplish useful tasks. An overview of hardware and software necessary to develop or reverse engineer embedded devices. As you will learn in this talk, the tools are the same for both tasks. When you begin an embedded project of your own, what chips do you want to use? How do you go about prototyping your hardware? What methods should be considered before designing the system? Is your task better suited to multiple microcontrollers? Once you start writing code, how do you test it? Will your method of loading a binary into your final hardware differ? Do you need to write a bootloader? All these questions need to have answers to tackle an embedded project; we will be showing a variety of methods to solve these common questions. When reverse engineering a device, you need to figure out how it was put together. You need to get into the designer's head and figure out what methods were used to create the device. As you begin to answer these questions you can slowly unravel the device's secrets. We will show some techniques for reverse engineering embedded electronics and firmware and present a plethora of resources to start you off on your own journeys into this field.
-
12:22 » SecDocs
Authors: Lisa Thalheim
Tags: vulnerability
Event: Chaos Communication Camp 2007
Abstract: This lecture wants to make the audience a bit more familiar with a species of bugs that is not yet as boring and overfished as your vanilla buffer overflow: concurrency issues. Bring your debugger and some rubber gloves, because when investigating these beasts, you will need them. Concurrency of operation can be found in most larger software systems; think multi-threading, think UNIX signals, think asynchronous I/O operations, to give just a few hints. However, since concurrency always adds complexity in non-obvious ways, there are all kinds of things that it can make go wrong. Usually, this boils down to the violation of assumptions the system's developers have made - and violated assumptions have always been a hacker's best friend. After a brief introduction to what concurrency issues actually are, this presentation will show how to approach finding and exploiting these issues in software systems and highlight some of the challenges the nosy hacker faces in doing so. The presented material will be supported by examples from real-world software.
-
-
21:49 » SecDocs
Authors: Sergio Alvarez
Tags: antivirus
Event: Chaos Communication Camp 2007
Abstract: Nowadays antivirus software is the largest defense deployed in corporations and final user desktops (mail servers, file servers, http and ftp internet gateways, workstations, etc.) and its engines are reused in the IPSs that the same vendors develop. This talk will be about the findings and lessons learned while targeting the antivirus software that most companies and users use. The talk will focus mainly on the types of bugs found (stack based buffer overflows, heap overflows, integer issues, uninitialized variables, traversals, etc.) and the techniques used to find them.
-
-
12:07 » SecDocs
Authors: Erwin Erkinger
Tags: software development
Event: Chaos Communication Congress 23th (23C3) 2006
Abstract: The challenge of designing reliable software is managed differently in every industry. This lecture will give an overview of how safety-critical and reliable software is designed and produced in the aerospace industry and why this could also be interesting for other applications (like web design). "The greatest of faults, I should say, is to be conscious of none." - Thomas Carlyle. It is humans' most valuable gift to be imprecise – as many new things would not be discovered otherwise. But for reliable (software) development this evolutionary gift turns out to be a big challenge, as the final product shall not contain any faults. This lecture is about preventing development faults, using the example of the aerospace and automotive industry. Part one of this lecture is a basic introduction to why reliability is an issue at all. It is obvious that a failure in the primary flight control will seriously endanger the lives of people. But buried under the functionality of, e.g., a web application, the criticality of these applications cannot easily be recognized. Often these applications are not directly life-threatening, but the loss of the income source also endangers lives (at least the quality). Part two will introduce the DO-178B standard, with which the aerospace industry tries to handle the reliability challenge. The basic idea of this quality standard is very simple: “SW shall contain only functionality it has to”. To achieve this postulate, DO-178B specifies a series of processes and documents (which can be seen as artefacts of these processes). Of course some examples will illustrate this part. The last part will summarize the lecture and give some ideas on the (re-)usage of the described methods for “classic” (non-safety critical) applications.
-
11:08 » Hack a Day
Since his nerves were wracked by presenting his project to an absurdly large crowd at this year’s SIGGRAPH, [James] is finally ready to share his method of mixing fluids via optical tomography with a much larger audience: the readership of Hackaday. [James]’ project focuses on the problem of modeling mixing liquids from a multi-camera setup. The [...]
-
-
6:01 » Hack a Day
In case the Realtek RTL2832u-based USB TV tuner dongle isn’t useful enough, the folks behind a project to get a software defined GPS receiver off the ground successfully plotted GPS data in real-time with this very inexpensive radio. Previously, we’ve seen these dongles grab data from GPS satellites - useful if you’re building a GPS-based clock – [...]
-
-
17:00 » SecuriTeam
Cisco IOS XR Software is prone to a denial-of-service vulnerability.
-
-
21:43 » SecDocs
Authors: Amit Singh
Tags: DRM
Event: Chaos Communication Congress 23th (23C3) 2006
Abstract: Ever since Apple announced the x86 version of Mac OS X, people have been obsessed with running the operating system on non-Apple hardware. The media has given this topic more than its fair share of coverage, with nary a week going by without some discussion of the tussle between Apple and system attackers attempting to "crack" Mac OS X. Regardless of the periodic outcomes of such tussles (including the so-called hacker victories), widespread myths continue about what happens inside Mac OS X with respect to such protection. Moreover, the presence of trusted platform modules (TPMs) in newer Apple computer models only makes the situation more interesting--trusted hardware is perhaps one of the most untrusted (and misunderstood) entities on earth. In this talk, we will unravel some TPM mysteries and look at the architecture of Mac OS X relevant to software protection.
-
-
4:01 » Hack a Day
Did you know it’s possible to write Javascript code without using any letters or numbers at all? Well, it’s not just Javascript, but that’s the language used in this demonstration. [Patricio Palladino] shows how code can be written using just eight characters, and all of them are punctuation marks. Typecasting is the name of the [...]
-
-
14:58 » SecDocs
Authors: Felix von Leitner
Tags: cryptography SSL
Event: Chaos Communication Congress 23th (23C3) 2006
Abstract: Assembly language skills are a bonus, but not strictly required. This lecture will explain how software like OpenSSL and GnuPG do their arithmetic on 1024 bit numbers. This is not about how RSA works, or about how AES works. This is just about how to add and multiply big numbers. I will explain the algorithms, show some code, and give some timings. Everyone knows that RSA keys are typically 1024 bits and up, but computers only operate on 32-bit or 64-bit quantities at a time. How does software like OpenSSL or GnuPG then do arithmetic on those long numbers? This talk will show how it's done.
-
14:55 » SecDocs
Authors: Andreas Krennmair
Tags: network secure development
Event: Chaos Communication Congress 23th (23C3) 2006
Abstract: This talk describes a software system to securely execute predefined commands over an untrusted network, analyzes the potential attack vectors against this system and defines countermeasures to make it impossible for an attacker to use these attack vectors. This talk describes a software system to securely execute predefined commands over an untrusted network, using an authentication method and a measure of transport layer security. This software system - called "trapdoor2" - is used as an example to describe a number of "state of the art" programming techniques as countermeasures against potential attacks. Techniques that will be described and shown in detail in the presentation will be privilege separation, strict enforcement of the "principle of least privileges", preventing attacks against the used SSL/TLS implementation and defeating Denial of Service attacks by employing a simple yet efficient connection limiting algorithm.
-
-
11:51 » SecDocs
Authors: Atul Chitnis
Tags: technology
Event: Chaos Communication Congress 23th (23C3) 2006
Abstract: This talk is about the growth of Free Software in India. It includes an overview of how Free Software has spread not only within the industry but also within the Government and Education. Includes examples of Indian innovation based on Free Software, including the Simputer. Atul Chitnis has promoted Free and Open Source Software (FOSS) and driven community initiatives in India since the mid 1990s. In this talk, he presents an overview of these activities, from pushing a million Linux CDs into the country via the PCQuest Linux Initiative, engaging the community with industry and government through participation in large scale events, to the founding of Asia's best known and most successful FOSS event series (FOSS.IN, formerly known as "Linux Bangalore"). He also presents samples of his current work, which includes the opening of technologies associated with the Simputer, whose future he now guides as part of his work at Geodesic Information Systems. His talk will include demonstrations of the technologies involved. Finally, he will explain some of the "social hacks" he has resorted to over the years to force the FOSS community, the Indian government and the industry to get talking to each other, and will summarize the direction and future of FOSS not only in India but in Asia.
-
-
10:01 » Hack a Day
There are plenty of drawbot projects out there, many of which come with their own special software in tow. While some of these packages are easier to use than others, [Dan Royer] is pretty sure he can do it better. Looking for a fun and engaging way to teach STEM subjects in schools across the [...]
-
-
12:46 » SecDocs
Authors: Corinna Habets
Tags: technology
Event: Chaos Communication Congress 23th (23C3) 2006
Abstract: Prepare to be brainwashed! This talk wants you to switch from the developer's perspective to that of an average user to design better UIs. Let's face it, there's a lot of 'hard to use'-software out there. Worse, we're among those who program it. If we now consider that for average users the UI practically _is_ the application (i.e. as much as we may wish to, they don't care whether it's programmed well, only if they can use it) this is a catastrophe. Instead of empowering users, software often leaves them frustrated. This talk wants nothing less than to change your view on software and the way you develop it. The talk will introduce 'user-centered' design and show you how to: Know the user - Know the task - Act accordingly! Disclaimer: This presentation is neither about whether qt or fltk is better, nor about the fancying-up of GUIs.
-
-
6:01 » Hack a Day
[Dave] noted that in a recent poll of FPGA developers, emacs was far and away the most popular VHDL and Verilog editor. There are a few reasons for this – namely, emacs comes with packages for editing your HDL of choice. For those of us not wanting to install (and learn) the emacs operating system, [...]
-
-
13:07 » Hack a Day
It’s no secret that learning how to program is very hard, and teaching it doubly so, requiring the student to wrap their head around very unorthodox concepts. [Ubi de Feo] over at the Amsterdam tech collective Hello, Savants! has a unique solution for taking someone who knows nothing of programming and turning them into a computer aficionado capable of deftly [...]
-
5:01 » Hack a Day
This piece of software called OmNomNom works with OpenSCAD to turn 2D images into 3D models. It’s literally a drag-and-drop process that renders almost instantly. Here the example is a QR code, which is perfect for the software since it’s a well-defined black and white outline in the source image. But the video after the [...]
-
-
21:34 » SecDocs
Authors: Olivier Cleynen
Tags: DRM
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: Free or "Open-Source" software, and in particular Linux, is doing extremely well technically. However, it fails to secure a significant portion of the protected, lucrative software market, especially for end-users. Can Free Software finally make a full entry into our society? The main obstacles to overcoming the domination of proprietary software, most of them non-technical, require thinking outside of code-writing. "Overtaking Proprietary Software Without Writing Code" will relate experience gained from the activities of the GNU/Linux Matters non-profit, and provide some hands-on advice for community members, taking a handful of relevant examples. Pre-requisites are: A good understanding of the notion of Free/"open-source" Software and some of the main themes that surround it, such as DRM. There is no particular technical knowledge required.
-
12:02
»
Hack a Day
Have you ever wondered what a Tumblr written by a psychotic robot would look like? Wonder no more, because [Lars] has that all figured out. A few years ago, [Lars] stumbled across lowbrow.com (now defunct, but mirrored here), an online confessional and bathroom wall meant to host people’s most private thoughts and actions anonymously. [Lars] wrote [...]
-
-
11:00
»
Hack a Day
[Gustaf] has been playing around with machine vision for a while and sent his latest project in on our tip line. It’s a video based car radar system that can detect cars in a camera’s field of vision while cruising down the highway. Like [Gustaf]’s previous experiments with machine vision where he got a computer to [...]
-
5:00
»
Hack a Day
[Notch], the guy behind Minecraft, is currently working on a new game called 0x10c. This game includes an in-game 16-bit computer called the DCPU that hearkens back to the 1980s microcomputers with really weird hardware architecture. [Benedek] thought it would be a great idea to turn his ThinkPad into a DCPU, so he wrote a bootable x86 [...]
-
-
18:11
»
Hack a Day
[regveg] was looking for a way to receive signals outside the normal 64-1700MHz range his TV tuner software defined radio dongle can get. After finding a few $100+ upconverters on the Internet, he stumbled across a DIY project that greatly expands the frequencies his RTLSDR can receive. [George]’s upconverter uses heterodyning to increase the frequencies received by a [...]
-
-
21:56
»
SecDocs
Tags: privacy
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: A presentation of a few successful campaigns in France led by libre software activists for defending freedom in a digital world: bringing awareness of the politicians about the dangers of the EUCD transposition and DRM, and their economical, social and political impact and influencing the candidates at a presidential election to talk about Libre Software, software patents, DRM, etc. How did we do that? What have we learned? Maybe for political action too, sharing is a way of just doing it better.
-
12:01
»
Hack a Day
In the last few months, software defined radio has seen an explosion in popularity thanks to a small USB TV tuner dongle able to receive anything broadcast between 64 and 1700 MHz. It’s a very neat project that opens the door to a whole bunch of radio experimentations, but getting started in the SDR world can [...]
-
-
6:01
»
Hack a Day
It seems [Balint] is becoming somewhat of a SDR guru around these parts; in the past few months, he’s gotten a USB TV tuner receiver working with GNU Radio, started a software defined radio tutorial YouTube channel, and even used this project to listen in on conversations between airplanes and air traffic control. This time, [...]
-
-
7:01
»
Hack a Day
Sometimes when you’re working on a problem, a solution is thrown right at your face. We found ourselves in this exact situation a few days ago while putting together Hackaday’s new retro edition; a way to select a random Hackaday article was needed and [Alexander van Teijlingen] of codepanel.net just handed us the solution. To grab [...]
-
10:01
»
Hack a Day
[Christina] has been working on a project she calls Magenta to put Darwin/BSD on top of Linux. What does that mean? Well, hopefully it’s the first step towards running iPhone/iPad apps on a Linux machine. Before you get too excited, there are a few caveats; Magenta only works on ARMv7 platforms, none of the fancy iOS [...]
-
-
14:59
»
SecDocs
Authors: Greg Newby
Tags: management
Event: Chaos Communication Camp 2011
Abstract: What motivates people to create and freely distribute their works? This presentation will draw on personal experience, research literature, and existing communities of those who build and give away. Open source software, hardware, community building. The presenter will draw upon over 20 years experience with Project Gutenberg, as well as numerous other activities in which the focus is on building (things, software, communities, infrastructure) and giving them away (free and open source software, free literature, and physical artifacts). What motivates individuals to spend thousands of hours -- often in detriment to time spent with family, work, or other endeavors -- on activity which is primarily devoted to the well being of other people? Often, other people who are not personally known. Is there overlap in motivations for online communities versus volunteerism at the local level? Can such behaviors be learned? What motivates people to create and freely distribute their works? This presentation will draw on personal experience, research literature, and existing communities of those who build and give away. Open source software, hardware, community building. Characterizations of different types of motivations, levels and types of involvement, and outcomes will be made. Anomalies will be identified between individual values and targeted community outcomes, along with their sometimes disastrous impact on community identity-building or planning. Different leadership styles, and their impacts on emerging communities of contributors, will be compared. The presentation will draw some conclusions about how it might be possible to foster altruism in such communities, and to encourage increased interests in their outcomes. The audience will be asked to contribute their own experiences, especially advice about what works and what doesn't work to foster new member involvement.
What are impediments to personal time investment, to sharing common goals, and to taking leadership roles? What lifecycles, governance structures, and other characteristics of successful projects (both large and small scale) can we learn from? We have seen hugely beneficial projects of all types where communities sprung up to support the building of things, software and ideas; we also have many examples of projects which did not seem to achieve their goals. How might future builders learn from these past experiences?
-
-
13:36
»
SecDocs
Authors: Marius Ciepluch
Tags: radio
Event: Chaos Communication Camp 2011
Abstract: Software Defined Radio defines a new approach to analyze signals with software. With the flexibility of software SDR literally opened a new spectrum of hacking. However the internals of Digital Signal Processing, especially from the perspective of informatics and computer science, are hard to explore. The lecture delivers a case-study on how to analyze 802.15.4 (alias Zigbee, as an easy protocol) with USRPs (modular popular hardware for SDR) on a real-time protocol (for send time verification, sniffing etc.). Furthermore internals on DSP will be explained - as simple as possible. The intent is to also give a non-academic start point and to seed motivation to explore more advanced projects (like osmocom*). So practically the lecture explains what a Software Spectrum Analyzer or a Software Oscilloscope does: from a Hacker's perspective. It gives insight into a USRP(2) internals and goes into programming C++ and Python with GNU Radio. All demo-analysis will remain within the ISM band. - No GSM/Tetra will be captured. It's about the SDR technology and its use-cases - for a clear and constructive adaption by the Hacker's community to assist interesting making projects (of home-automation devices using 802.15.4 e.g.). In many media articles - especially from last Chaos Congress - a misunderstanding can arise to reduce SDR to (GSM) attack scenarios while this is not the only/general use-case. The lecture however clearly aims to assist any intended understanding how the osmocom* implementations work - for example.
-
-
8:01
»
Hack a Day
Impressed by the recent advances in the software defined radio scene, [Jason] picked up a $20 USB TV tuner dongle to check out his local airwaves. Unfortunately, the antenna included with the little USB dongle is terrible at receiving any signal other than broadcast TV. [Jason] wanted to improve his reception, so he got some [...]
-
-
12:01
»
Hack a Day
A few months ago [Antti Palosaari] discovered cheap USB TV tuners could be used as a software-defined radio. Since then, we’ve seen these TV tuners receive signals from GPS satellites and even the signals between air traffic control and passenger aircraft. Like everything cool, Mac support for these drivers is slightly terrible so [hpux735] wrote his own [...]
-
-
21:50
»
SecDocs
Authors: Adam Obeng
Tags: Tor, privacy
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: The Internet began as state-sponsored anarchy, but it is now the tool of first resort for dissidents and propagandists alike. The poster-child project of the Free Software Movement runs on the authority of a single person; the rest clash over the very definition of the word 'free'. A company which pictured itself as smashing Big Brother is now seen as one of the perceived secretive and authoritarian in the industry; and for another, 'Don't Be Evil' is proving to be a challenging motto to live by. This talk aims to present a view of the societies of Internet from the perspective of political philosophy. Political philosophy is not politics, in the same way that computer science is not programming. It's not the politics about the Internet, but the politics *of* the Internet. Even so, events at any particular place or time just provide examples to be studied. Political philosophy is meta-politics, it's about the trends in politics and the theories we use to understand them. Real-world political systems have striking parallels in the evolution of the Internet: there was primitive anarchy before Eternal September, the era of walled gardens resembled that of Ancient Greek city-states, which were succeeded by more-or-less liberal regimes following the geographical territories of real-world governments. Because of its rapid evolution, mass participation, and highly complex human interaction, the Internet should be subjected to the sorts of questions that political philosophers ask. On the Internet, what is freedom? Do we have obligations to those in control? To each other? What rights do we have? What can we own? Once we know the way it is, we can ask how it should be...
-
-
21:36
»
SecDocs
Authors: Harald Welte, Steve Markgraf
Tags: GSM, phone
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: In recent years, we have seen several Free Software projects implementing the network side of the GSM protocol. In 2010, OsmocomBB was started to create a free software implementation of the telephone-side. The OsmocomBB project is a Free Software implementation of the GSM protocol stack running on a mobile phone. For decades, the cellular industry comprised by cellphone chipset makers and network operators keep their hardware and system-level software as well as GSM protocol stack implementations closed. As a result, it was never possible to send arbitrary data at the lower levels of the GSM protocol stack. Existing phones only allow application-level data to be specified, such as SMS messages, IP over GPRS or circuit-switched data (CSD). Using OsmocomBB, the security researcher finally has a tool equivalent to an Ethernet card in the TCP/IP protocol world: A simple transceiver that will send arbitrary protocol messages to a GSM network.
-
-
5:01
»
Hack a Day
As a web developer and designer, [Victor] has a habit of putting a very nice ASCII signature in an HTML comment at the top of every web page he designs. He was inspired by seeing others do this, and this piqued his curiosity to see who else was doing this. His idea was to scan [...]
-
-
5:01
»
Hack a Day
An old book – the smell, the texture of the slowly rotting paper, and the smudges and margin notes accrued over decades – is one of the finer points in life taken for granted much too often. We’re bombarded with high precision vector typefaces all day, but [Dan]’s Avería font is beautiful in its irregularity. [Dan] [...]
-
-
21:33
»
SecDocs
Authors: Felix Gröbert
Tags: cryptography
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: In this talk I demonstrate our research and the implementation of methods to detect cryptographic algorithms and their parameters in software. Based on our observations on cryptographic code, I will point out several inherent characteristics to design signature-based and generic identification methods. Using dynamic binary instrumentation, we record instructions of a program during runtime and create a fine-grained trace. We implement a trace analysis tool, which also provides methods to reconstruct high-level information from a trace, for example control flow graphs or loops, to detect cryptographic algorithms and their parameters. With the results of this work, encrypted data, sent by a malicious program for example, may be decrypted and used by an analyst to gain further insight on the behavior of the analyzed binary executable. Applications include de-DRM'ing, security auditing, and malware C&C analysis. After the talk we will demonstrate the functionality with a ransomware which uses cryptographic primitives and release the implementation to the public.
-
-
13:01
»
Hack a Day
[notch], the mastermind behind Minecraft, is working on a new game. It’s called 0x10c (pronounced ‘trillek’, we think) and promises to teach an entire new generation the joys of assembly programming on a 1980s-era computer. The setup for the game is nerdy/awesome enough to make [Douglas Adams] blush; a ‘deep sleep core’ was invented in 1988 [...]
-
-
13:05
»
Hack a Day
Most of us have been faced with the anguish of being shot in the head repeatedly by 12-year-olds. There are also the times when we’re overjoyed by defeating the Mother Brain and making it out of the caverns of Zebes. If we wanted to scientifically quantify how happy, sad, or angry we are while playing video [...]