What Accessibility Has to do with Security
Accessibility of digital content is a hugely misunderstood issue. Programmers and content developers tend to view it as a distraction or a special interest concern. Accessibility advocates fail to describe […]
Hash-Flooding DOS Reloaded
At 28C3, Klink and Waelde showed that a number of technologies (PHP, ASP.NET, Ruby, Java, Python, etc.) were vulnerable to the decade-old hash-flooding DoS attacks. The vulnerability was then often […]
Rambling Walk Through an EMV Transaction
With Visa and Mastercard pushing for EMV (http://www.emvco.com, aka “chip and pin”) rollout in the United States, the uptake of contactless payment and the use of mobile NFC wallets, the […]
Writing a Thumbdrive from Scratch
Prototyping Active Disk Antiforensics This action-packed lecture presents the inner workings of the author’s from-scratch implementation of a USB Mass Storage disk in user-land Python, along with some embarrassing bugs […]
How I Met Your Pointer
Hijacking Client Software for Fuzz and Profit An approach to the problem of fuzzing proprietary protocols will be shown, focusing on network protocols and native software. In the course of […]
Romantic Hackers
Keats, Wordsworth and Total Surveillance In 1791, the political reformer Jeremy Bentham theorized the Panopticon, whose design promised to allow a single Inspector to surveil (exercise “inspective force” over) large […]
Lessons Learned on Electronic Napkins
On the Way to Free(ing) Education Massive open online courses are the vogue of the season when it comes to discussing the future of university-level education. But we’re only starting […]
Russia’s Surveillance State
Privacy International, Agentura.Ru, the Russian secret services watchdog, and Citizen Lab have joined forces to launch a new project entitled ‘Russia’s Surveillance State’. The aims of the project are to […]
Long Live the Protocoletariat!
We’re winning! The future looks like network politics! Wait, what the hell are network politics and how do they work? Is that like the Pirate Party, or the IETF, or […]
Let Me Answer That For You
Adventures in Mobile Paging In the last years, mobile security and specifically GSM has been attacked in many different ways. It was demonstrated how to sniff and crack traffic, how […]
