AthCon3 (2012) was a pleasant surprise - Kris and Kyp and their crew did a great job putting it all together so nicely!
It was a very technical, 1-track 2-day conference in Athens, or better said in a very nice green & quiet country club right outside of Athens.
I have been surprised also by the following facts:
What can be more fun and crazier than Amsterdam? That’s right - HITB2012 in Amsterdam!
It is over now and I would like to take this opportunity to thank the reviewers and the organizers for providing the chance to meet them and meet other cool presenters and the extraordinary audience!
Special thanks to Dhillon, @fish_, Yuri, Amy - you guys&gals rock!
Sadly, BlackHat 2012 US and DefCon20 refused this short/fast/lightning talk.
Here are the slides for “Harvesting and Collecting Voice Conference Bridges, Passwords, Pins, Access, Codes”.
Here is the CFP submission:
Code:
----------------------------------
Detailed Outline
----------------------------------

In this talk, I will try to present:
- what are voice bridges (though, I bet everyone used voice conferencing at least once in their lifetime)
- various pieces and techniques of the voice bridges harvesting and processing puzzle
- what are the possible tools and how to make use of various tools at hand
- various ideas on how to (partially) automate all of this for a fast, semi-automated and distributed intelligence gathering

I will try to summarize with a few hints which can perhaps make life more secure

----------------------------------
Abstract
----------------------------------

Voice conferencing is a core platform making enterprises more efficient and driving them forward.
Voice conferencing is usually outsourced to 3rd party providers and can be implemented/managed in-house.

No matter how it's being implemented, the security of the data exchanged over the conference lines represents a concern for the enterprises. This is why security PINs are being used.

However, the importance of these security details (like conference ID and conference PIN) is not very well understood and this is why one can find these kinds of details floating around - on the web, in details of shared/open calendars of Exchange/AD, etc.
Enjoy!
Securely yours,
Andrei
YouTube is great at suggesting sometimes meaningless or totally unrelated videos (definitely these are random psy experiments or sneaky product placements :) ). Nevertheless, the following one was fun and entertaining, especially from a hacking perspective.
It’s called “How BILLY BOY condoms are made”. The part which amused me most is this:
Have a pleasant learning experience here - “How BILLY BOY condoms are made”:
UPDATE: You can subscribe to postscript-sec@andreicostin.com for notifications and tools & PoC releases.
Small updates on the Xerox security front.
A few days back Xerox issued its Security Bulletin XRX12-005 and the P49 security patch.
Mixing all blogs into a single access point.