BU
подозреваю в долине такие же движения
*сдержался, чтобы не начать флуд*
Size: a a a
2020 May 15
Б
*сдержался, чтобы не начать флуд*
так пятница
ЗБ
так пятница
So what ? Офтоп и флуд не приветствется
BU
Можно перейти в @fl2600 и поболтать там про мамкин биохакинг, микродозы и прочие утехи сколковцев
BU
Ребят, все всех любят, просто группа про железо, а не биохакинг) Зафод вообще няшка, только у него социоабстиненция
N
Ребят, все всех любят, просто группа про железо, а не биохакинг) Зафод вообще няшка, только у него социоабстиненция
Ну вот я тоже не пойму как это связали
2020 May 16
ЗБ
Riscure Fault Injection Crash Course
Track 1: The introduction. Delivers the essential information about hardware security. We talk about Side Channel Analysis and Fault Injection from business point of view. Everything you need to know to assess the threat of hardware attacks and apply to your development. Presented by Bartek Gedrojc, Senior Director at Riscure.
https://www.riscure.com/riscure-fault-injection-crash-course-track-one/
Track 2: Riscure Solutions. Although we provide a general overview Riscure solutions in Track 1, this set of four presentations provides an in-depth look at Riscure Inspector and Riscure Tools in general. After evaluating the problem, these presentations talk about the solution. Presented by Erwin in't Veld, Product Manager and head of development at Riscure.
https://www.riscure.com/riscure-fault-injection-crash-course-track-two/
Track 3: Security Research. In this track we analyze the threat of hardware attacks in general and Fault Injection in particular, from a research perspective. Useful to further assess the threat of hardware flaws. If you are more interested in the research perspective, this is the track for you. Presented by Marc Witteman, CEO at Riscure, and Rafael Boix Carpi, principal security researcher.
https://www.riscure.com/riscure-fault-injection-crash-course-track-three/
Track 1: The introduction. Delivers the essential information about hardware security. We talk about Side Channel Analysis and Fault Injection from business point of view. Everything you need to know to assess the threat of hardware attacks and apply to your development. Presented by Bartek Gedrojc, Senior Director at Riscure.
https://www.riscure.com/riscure-fault-injection-crash-course-track-one/
Track 2: Riscure Solutions. Although we provide a general overview Riscure solutions in Track 1, this set of four presentations provides an in-depth look at Riscure Inspector and Riscure Tools in general. After evaluating the problem, these presentations talk about the solution. Presented by Erwin in't Veld, Product Manager and head of development at Riscure.
https://www.riscure.com/riscure-fault-injection-crash-course-track-two/
Track 3: Security Research. In this track we analyze the threat of hardware attacks in general and Fault Injection in particular, from a research perspective. Useful to further assess the threat of hardware flaws. If you are more interested in the research perspective, this is the track for you. Presented by Marc Witteman, CEO at Riscure, and Rafael Boix Carpi, principal security researcher.
https://www.riscure.com/riscure-fault-injection-crash-course-track-three/
AW
Рафа - крутой мужик, советую послушать
ЗБ
BIAS: Bluetooth Impersonation AttackS
Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures are used during pairing and secure connection establishment to prevent impersonation attacks. In this paper, we show that the Bluetooth specification contains vulnerabilities enabling to perform impersonation attacks during secure connection establishment. Such vulnerabilities include the lack of mandatory mutual authentication, overly permissive role switching, and an authentication procedure downgrade. We describe each vulnerability in detail, and we exploit them to design, implement, and evaluate master and slave impersonation attacks on both the legacy authentication procedure and the secure authentication procedure. We refer to our attacks as Bluetooth Impersonation AttackS (BIAS).
Our attacks are standard compliant, and are therefore effective against any standard compliant Bluetooth device regardless the Bluetooth version, the security mode (e.g., Secure Connections), the device manufacturer, and the implementation details. Our attacks are stealthy because the Bluetooth standard does not require to notify end users about the outcome of an authentication procedure, or the lack of mutual authentication. To confirm that the BIAS attacks are practical, we successfully conduct them against 31 Bluetooth devices (28 unique Bluetooth chips) from major hardware and software vendors, implementing all the major Bluetooth versions, including Apple, Qualcomm, Intel, Cypress, Broadcom, Samsung, and CSR.
https://www.youtube.com/watch?v=fASGU7Og5_4
https://francozappa.github.io/about-bias/publication/antonioli-20-bias/antonioli-20-bias.pdf
Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures are used during pairing and secure connection establishment to prevent impersonation attacks. In this paper, we show that the Bluetooth specification contains vulnerabilities enabling to perform impersonation attacks during secure connection establishment. Such vulnerabilities include the lack of mandatory mutual authentication, overly permissive role switching, and an authentication procedure downgrade. We describe each vulnerability in detail, and we exploit them to design, implement, and evaluate master and slave impersonation attacks on both the legacy authentication procedure and the secure authentication procedure. We refer to our attacks as Bluetooth Impersonation AttackS (BIAS).
Our attacks are standard compliant, and are therefore effective against any standard compliant Bluetooth device regardless the Bluetooth version, the security mode (e.g., Secure Connections), the device manufacturer, and the implementation details. Our attacks are stealthy because the Bluetooth standard does not require to notify end users about the outcome of an authentication procedure, or the lack of mutual authentication. To confirm that the BIAS attacks are practical, we successfully conduct them against 31 Bluetooth devices (28 unique Bluetooth chips) from major hardware and software vendors, implementing all the major Bluetooth versions, including Apple, Qualcomm, Intel, Cypress, Broadcom, Samsung, and CSR.
https://www.youtube.com/watch?v=fASGU7Og5_4
https://francozappa.github.io/about-bias/publication/antonioli-20-bias/antonioli-20-bias.pdf
ЗБ
Ыы как раз программу смотрел, жаль открытых стримов нет :(
AW
Ыы как раз программу смотрел, жаль открытых стримов нет :(
