«
Expand/Collapse
28 items tagged "canada"
Related tags:
vulnerability note [+],
qualikom [+],
inc [+],
canada inc [+],
call for papers [+],
chaos communication congress [+],
papers [+],
montreal [+],
hacks [+],
call [+],
war [+],
united states [+],
sql injection [+],
russia [+],
north america [+],
greenland [+],
earth [+],
denmark [+],
control [+],
cms [+],
arctic [+],
vancouver bc canada [+],
vancouver [+],
toronto [+],
rec [+],
quebec [+],
pst [+],
privacy security [+],
privacy [+],
montreal quebec canada [+],
montreal canada [+],
conference [+],
cansecwest [+],
canada march [+],
winnipeg canada [+],
winnipeg [+],
vending machine [+],
usa [+],
two spaces [+],
transportation [+],
tool [+],
tim vidas [+],
target canada [+],
target [+],
summit [+],
steven j. murdoch tags [+],
stereoscope [+],
sony ericsson [+],
sony [+],
smart card payments [+],
skullspace [+],
site [+],
signs [+],
signal [+],
sign [+],
refuse [+],
random book [+],
plastic banknotes [+],
plastic [+],
pin [+],
pedal [+],
nova scotia canada [+],
nova scotia [+],
moves [+],
moncton nb canada [+],
moncton [+],
misc [+],
mech eng [+],
matt [+],
malware [+],
machine [+],
mac [+],
lot [+],
launches [+],
jammed [+],
james [+],
internet treaty [+],
internet [+],
hydrofoil [+],
hub city [+],
home [+],
hackerspace [+],
hackers [+],
hackaday [+],
garage door opener [+],
garage [+],
fraud [+],
europe [+],
etching [+],
ericsson [+],
emv [+],
drive shaft [+],
door [+],
dalai lama visit [+],
copper clad board [+],
copper [+],
cold winters [+],
city [+],
chip [+],
chaos computer club [+],
chaos [+],
card [+],
canada tibet committee [+],
canada site [+],
buying a book [+],
book [+],
blinkm [+],
blinkenlights [+],
bilbio mat [+],
badness [+],
assentworks [+],
arduino [+],
Wireless [+],
Hackerspaces [+]
-
-
14:01
»
Hack a Day
You’ll find this used book vending machine at The Monkey’s Paw in Toronto, Canada. For two Loonies you can buy a random book from the machine’s hopper. Silly? Absolutely. But as you can see from the video after the break, the act of buying a book this way is a lot of fun, and we [...]
-
-
12:01
»
Hack a Day
The signs on the front door might be a little small, but the space which AssentWorks and Skullspace inhabit is anything but. [Matt] takes us on a tour of the Winnipeg, Canada makerspace and hackerspace. The two spaces occupy one floor of the building but are partitioned for different purposes. AssentWorks, which is called a [...]
-
-
4:30
»
Hack a Day
Etching your own PCBs from copper clad board is nothing new, but the ability to make your own circuit boards at home is so useful it should be part of every maker’s repertoire of skills. The folks over at Hub City Labs in Moncton, NB, Canada put together a workshop covering the basics of home PCB manufacturing, [...]
-
-
13:36
»
SecDocs
Tags:
social Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Russia, Canada, the United States and Denmark are each pushing for more control and access to the resources of the Arctic. In the balance hangs the future of an entire ecosystem and our planet. In August of 2007, a Russian submarine planted a flag under water claiming more territory on the sea bed of the arctic for Russia. Back home they were welcomed as heros, like cosmonauts returning from the moon. In the boardrooms of the state owned oil company, executives were already salivating about the alleged oil and gas reserves that lay untapped below their chunk of the arctic. Meanwhile in North America, similar salivating is taking place, as both Canada and the United States send military and civilian ships to claim their piece of the alleged pie. In between there's Greenland, administered by the Danes, who also realize there's money to made and national pride at stake. But what about the people of the earth? The communities, the ecosystem, both in the arctic and throughout the globe... What will happen to them if the Arctic meltrush goes into full throttle? This talk is about the new cold war, where nations and corporations carve up one of the most important regions on earth and fight amongst themselves for control.. for money.. for power. And as the melt-rush goes forward, citizens of the world are left in the dark about just what plans their governments have and what is at stake for every living thing on earth.
-
13:34
»
SecDocs
Tags:
social Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Russia, Canada, the United States and Denmark are each pushing for more control and access to the resources of the Arctic. In the balance hangs the future of an entire ecosystem and our planet. In August of 2007, a Russian submarine planted a flag under water claiming more territory on the sea bed of the arctic for Russia. Back home they were welcomed as heros, like cosmonauts returning from the moon. In the boardrooms of the state owned oil company, executives were already salivating about the alleged oil and gas reserves that lay untapped below their chunk of the arctic. Meanwhile in North America, similar salivating is taking place, as both Canada and the United States send military and civilian ships to claim their piece of the alleged pie. In between there's Greenland, administered by the Danes, who also realize there's money to made and national pride at stake. But what about the people of the earth? The communities, the ecosystem, both in the arctic and throughout the globe... What will happen to them if the Arctic meltrush goes into full throttle? This talk is about the new cold war, where nations and corporations carve up one of the most important regions on earth and fight amongst themselves for control.. for money.. for power. And as the melt-rush goes forward, citizens of the world are left in the dark about just what plans their governments have and what is at stake for every living thing on earth.
-
13:33
»
SecDocs
Tags:
social Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Russia, Canada, the United States and Denmark are each pushing for more control and access to the resources of the Arctic. In the balance hangs the future of an entire ecosystem and our planet. In August of 2007, a Russian submarine planted a flag under water claiming more territory on the sea bed of the arctic for Russia. Back home they were welcomed as heros, like cosmonauts returning from the moon. In the boardrooms of the state owned oil company, executives were already salivating about the alleged oil and gas reserves that lay untapped below their chunk of the arctic. Meanwhile in North America, similar salivating is taking place, as both Canada and the United States send military and civilian ships to claim their piece of the alleged pie. In between there's Greenland, administered by the Danes, who also realize there's money to made and national pride at stake. But what about the people of the earth? The communities, the ecosystem, both in the arctic and throughout the globe... What will happen to them if the Arctic meltrush goes into full throttle? This talk is about the new cold war, where nations and corporations carve up one of the most important regions on earth and fight amongst themselves for control.. for money.. for power. And as the melt-rush goes forward, citizens of the world are left in the dark about just what plans their governments have and what is at stake for every living thing on earth.
-
-
21:36
»
SecDocs
Authors:
Tim Vidas Tags:
engineering fun Event:
Chaos Communication Congress 25th (25C3) 2008 Abstract: Blinkenlights Stereoscope is the new light installation of Project Blinkenlights, a group that originated form the Chaos Computer Club in 2001. Stereoscope targeted the City Hall in Toronto, Canada and was the biggest and most interactive installation of the group so far. The talk provides insight into how it worked and what technology had been developed to make it all happen.
-
-
21:40
»
SecDocs
Authors:
Steven J. Murdoch Tags:
bank smart card Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as “Chip and PIN”, it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network. The fraudster performs a man-in-the-middle attack to trick the terminal into believing the PIN verified correctly, while telling the issuing bank that no PIN was entered at all. The paper considers how the flaws arose, why they remained unknown despite EMV’s wide deployment for the best part of a decade, and how they might be fixed. Because we have found and validated a practical attack against the core functionality of EMV, we conclude that the protocol is broken. This failure is significant in the field of protocol design, and also has important public policy implications, in light of growing reports of fraud on stolen EMV cards. Frequently, banks deny such fraud victims a refund, asserting that a card cannot be used without the correct PIN, and concluding that the customer must be grossly negligent or lying. Our attack can explain a number of these cases, and exposes the need for further research to bridge the gap between the theoretical and practical security of bank payment systems. Smart cards have gradually replaced magnetic strip cards for point-of-sale and ATM transactions in many countries. The leading system, EMV (named after Europay, MasterCard, and Visa), has been deployed throughout most of Europe, and is currently being rolled out in Canada. As of early 2008, there were over 730 million EMV compliant smart cards in circulation worldwide. In EMV, customers authorize a credit or debit card transaction by inserting their card and entering a PIN into a point-of-sale terminal; the PIN is typically verified by the smart card chip, which is in turn authenticated to the terminal by a digital certificate. The transaction details are also authenticated by a cryptographic message authentication code (MAC), using a symmetric key shared between the payment card and the bank that issued the card to the customer (the issuer). EMV was heavily promoted under the “Chip and PIN” brand during its national rollout in the UK. The technology was advertised as a solution to increasing card fraud: a chip to prevent card counterfeiting, and a PIN to prevent abuse of stolen cards. Since its introduction in the UK the fraud landscape has changed significantly: lost and stolen card fraud is down, and counterfeit card fraud experienced a two year lull. But no type of fraud has been eliminated, and the overall fraud levels have actually risen (see Figure 1). The likely explanation for this is that EMV has simply moved fraud, not eliminated it. One goal of EMV was to externalise the costs of dispute from the issuing bank, in that if a disputed transaction has been authorised by a manuscript signature, it would be charged to the merchant, while if it had been authorised by a PIN then it would be charged to the customer. The net effect is that the banking industry, which was responsible for the design of the system, carries less liability for the fraud. The industry describes this as a ‘liability shift’. In the past few years, the UK media have reported numerous cases where cardholders’ complaints have been rejected by their bank and by government-approved mediators such as the Financial Ombudsman Service, using stock excuses such as ‘Your card was CHIP read and a PIN was used so you must have been negligent.’ Interestingly, an increasing number of complaints from believable witnesses indicate that their EMV cards were fraudulently used shortly after being stolen, despite there having been no possibility that the thief could have learned the PIN. In this paper, we describe a potential explanation. We have demonstrated how criminals can use stolen “Chip and PIN” (EMV) smart cards without knowing the PIN. Since “verified by PIN” – the essence of the system – does not work, we declare the Chip and PIN system to be broken.
-
-
5:01
»
Hack a Day
After reading a bicycle-powered hydrofoil build we posted a few days ago, [James] sent in the project that earned him an iron ring from Dalhousie University in Nova Scotia, Canada. It’s a pedal-powered hydrofoil made of carbon fiber and a Titanium drive shaft [James] and five other students in a mech eng senior design class [...]
-
-
7:04
»
Hack a Day
Calling Canada home, Hackaday reader [TheRafMan] has seen his share of bitterly cold winters. He also knows all too well how hard it is to get his cars started in the morning if somebody happens to leave the garage open. After the door was left open overnight for the second time this last winter, he [...]
-
-
4:22
»
Packet Storm Security Recent Files
The PST2011 International Conference on Privacy, Security and Trust (PST) is being held in Montreal, Quebec, Canada, July 19-21, 2011. PST2011 is the ninth such annual conference focusing on PST technologies. PST2011 provides a forum for researchers world-wide to unveil their latest work in privacy, security and trust and to show how this research can be used to enable innovation. This is the Call For Papers.
-
4:22
»
Packet Storm Security Misc. Files
The PST2011 International Conference on Privacy, Security and Trust (PST) is being held in Montreal, Quebec, Canada, July 19-21, 2011. PST2011 is the ninth such annual conference focusing on PST technologies. PST2011 provides a forum for researchers world-wide to unveil their latest work in privacy, security and trust and to show how this research can be used to enable innovation. This is the Call For Papers.
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution