In the blockchain, contracts may be lost but are never forgotten. Over 1,500,000 Ethereum smart contracts have been created on the blockchain but under 7,000 unique contracts have value today. An even smaller fraction of those have source code to analyze. Old contracts have been purged from the world computer's working memory but they can be reconstructed and analyzed. When a contract's purpose is fulfilled, the owner typically triggers a self-destruct switch that removes code and state. These steps are similar to what an attacker would do after hijacking a contract. Is it likely the self-destruct was intentional or performed by a trusted third party? Or was it a hack or fraud? By investigating the transactions leading up to the termination of a binary-only contract, we can determine if there was an attack. After identifying an attacker, we can find patterns that lead to a possible motive by carefully examining their other transactions.
This presentation will introduce Ethereum smart contracts, explain how to reverse engineer binary-only contracts, describe common classes of vulnerabilities, and then show how to investigate attacks on contracts by demonstrating new tools that re-process blockchain ledger data, recreate contracts with state, and analyze suspect transactions using traces and heuristics.
Bitcoin protocol for developerBitcoin Protocol for DevelopersParadigma Digital
Introducción de Alberto Gómez al protocolo de Bitcoin y al lenguaje Bitcoin Scripting, el cual permite desarrollar características y comportamiento sobre el dinero y las transferencias de valor.
Everybody nowadays talks about the blockchain and how it could empower a new and incredible range of applications. But what it's stored inside a block and what is suitable for?
What is worth to store in and what is better to store outside?
In this webinar, we will take a look at Bitcoin and Ethereum blockchains, and read some blocks and transactions using a mix open-source libraries and web-based explorers.
Discover more at http://blog.zigolab.it
Session ID: SFO17-309
Session Name: Secure storage updates - SFO17-309
Speaker: Jens Wiklander - Jerome Forissier
Track: Security
★ Session Summary ★
The last release of OP-TEE includes big updates to secure storage. Integrity protection is improved and the entire secure storage space is saved as one snapshot on each update.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-309/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
Simon Stratton from Safebear hosted a workshop on building a blockchain using hyper ledger. If you are interested in programming or building a simple block chain this presentation is for you.
HKG18-402 - Build secure key management services in OP-TEELinaro
Session ID: HKG18-402
Session Name: HKG18-402 - Build secure key management services in OP-TEE
Speaker: Etienne Carriere
Track: Security
★ Session Summary ★
The session presents an initiative to build secure key management services in the OP-TEE project. Based on OP-TEE services (persistent storage, cryptography, time, etc) one could build a trusted application of store and use secure keys. An open source implementation for generic key services could be of interest. However there are many client APIs defined in the ecosystem which is a matter of concern for standardization of such services. The session will open a discussion on this and presents the current choice of the PKCS#11 Cryptoki. There can be lot of key attributes and cryptographic schemes to be supported. The session will present the current plans (starting from AES flavors) and what is currently missing in the OP-TEE (as certificate support, bootloader support). This session aims at getting feedback from the community on this topic, discuss about expected services and client APIs.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-402/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-402.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-402.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
Bitcoin protocol for developerBitcoin Protocol for DevelopersParadigma Digital
Introducción de Alberto Gómez al protocolo de Bitcoin y al lenguaje Bitcoin Scripting, el cual permite desarrollar características y comportamiento sobre el dinero y las transferencias de valor.
Everybody nowadays talks about the blockchain and how it could empower a new and incredible range of applications. But what it's stored inside a block and what is suitable for?
What is worth to store in and what is better to store outside?
In this webinar, we will take a look at Bitcoin and Ethereum blockchains, and read some blocks and transactions using a mix open-source libraries and web-based explorers.
Discover more at http://blog.zigolab.it
Session ID: SFO17-309
Session Name: Secure storage updates - SFO17-309
Speaker: Jens Wiklander - Jerome Forissier
Track: Security
★ Session Summary ★
The last release of OP-TEE includes big updates to secure storage. Integrity protection is improved and the entire secure storage space is saved as one snapshot on each update.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-309/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
Simon Stratton from Safebear hosted a workshop on building a blockchain using hyper ledger. If you are interested in programming or building a simple block chain this presentation is for you.
HKG18-402 - Build secure key management services in OP-TEELinaro
Session ID: HKG18-402
Session Name: HKG18-402 - Build secure key management services in OP-TEE
Speaker: Etienne Carriere
Track: Security
★ Session Summary ★
The session presents an initiative to build secure key management services in the OP-TEE project. Based on OP-TEE services (persistent storage, cryptography, time, etc) one could build a trusted application of store and use secure keys. An open source implementation for generic key services could be of interest. However there are many client APIs defined in the ecosystem which is a matter of concern for standardization of such services. The session will open a discussion on this and presents the current choice of the PKCS#11 Cryptoki. There can be lot of key attributes and cryptographic schemes to be supported. The session will present the current plans (starting from AES flavors) and what is currently missing in the OP-TEE (as certificate support, bootloader support). This session aims at getting feedback from the community on this topic, discuss about expected services and client APIs.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-402/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-402.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-402.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
EclipseCon Europe 2017 - Taming complex chip designs with beautiful diagramsTitouan Vervack
Presentation about the journey towards creating generated graphical views and a Graphics Configuration DSL. Tells the story from digital design by hand, up to graphical editors, textual editors and graphically assisted textual editors.
EclipseCon France 2017 - Xtending Our Vhdl Xtext Formatter With The Formatter...Titouan Vervack
Presentation about the journey towards creating a new formatter with Xtext's new formatter2 API. Highlights the migration plan, problems, and our experience with the new API.
Session ID: SFO17-TR02
Session Name: Upstreaming 101
- SFO17-TR02
Speaker: Daniel Lezcano
Track:
★ Session Summary ★
Introduction to the mechanics and norms of upstreaming
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-tr02/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
A database trigger is a stored procedure that is executed when specific actions occur within a database. Triggers fit perfectly on a relational schema (foreign keys) and are implemented as a built-in functionality on popular relational database like MySQL.
MongoDB does not have any support for triggers, mainly due to the lack of support for foreign keys. Even if it usually considered an antipattern, there are use cases in MongoDB that benefit from a partially-relational schema. The lack of triggers is an obstacle for a partially-relational schema but there can be workarounds for simulating trigger behavior.
This presentation will guide you through different ways to implement triggers in MongoDB. We will cover the topics streams, tailable cursors, and hooks. We will demonstrate coding examples for each topic and we will explain pros and cons of each implementation.
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Svetlin Nakov
Cryptography for Java Developers
Hashes, MAC, Key Derivation, Encrypting Passwords, Symmetric Ciphers & AES, Digital Signatures & ECDSA
About the Speaker
What is Cryptography?
Cryptography in Java – APIs and Libraries
Hashes, MAC Codes and Key Derivation (KDF)
Encrypting Passwords: from Plaintext to Argon2
Symmetric Encryption: AES (KDF + Block Modes + IV + MAC)
Digital Signatures, Elliptic Curves, ECDSA, EdDSA
Live demos and code examples: https://github.com/nakov/Java-Cryptography-Examples
Video (in Bulgarian language): https://youtu.be/ZG3BLXWVwJM
Blog: https://nakov.com/blog/2019/01/26/cryptography-for-java-developers-nakov-at-jprofessionals-jan-2019/
Best practices to build secure smart contractsGautam Anand
- Quick update in blockchain tech space
- Comparision between tech
- Security in Blockchain (Focusing on ETH Solidity attack vectors)
- Design patterns
- 2 Popular hacks (Case study)
Ryan Stortz & Sophia D'Antoine - “EVM2VEC: Bug Discovery in Smart Contracts”Hacken_Ecosystem
Sophia D'Antoine and Ryan Stortz on the topic “EVM2VEC: Bug Discovery in Smart Contracts”
HackIT is an annual cybersecurity conference that gathers the best technical researchers and top players in the cybersecurity industry to explore cutting-edge technologies together. In 2018, HackIT focused on the use of blockchain technology.
Join our community:
Website - https://hacken.live/hackit-slideshare
Twitter - https://hacken.live/twitter_hackit
Facebook - https://hacken.live/facebook_hackit
Instagram - https://hacken.live/instagram_hackit
Reddit - https://hacken.live/reddit
Telegram community - https://hacken.live/tg-hackit
Ethereum is an open software platform based on blockchain technology that enables developers to
build and deploy decentralized applications.
Ethereum is a distributed public blockchain network.
While the Bitcoin blockchain is used to track ownership of digital currency (bitcoins), the Ethereum
blockchain focuses on running the programming code of any decentralized application.
Ether is a cryptocurrency whose blockchain is generated by the Ethereum platform. Ether can be
transferred between accounts and used to compensate participant mining nodes for computations
performed.
ArcBlock Technical Learning Series introduces Smart Contracts.
During this technical learning session, ArcBlock Engineers take a deep drive into Smart Contracts and introduce critical concepts and functionality to make smart contracts work.
https://www.arcblock.io
During this training, ArcBlock also looks key processes and best practices for developers on how to create, maintain and work with Smart Contracts. Finally, ArcBlock looks at its own use cases and provides several examples demonstrating the concepts and features shown during the training
Writing an Ostinato Protocol Builder [FOSDEM 2021]pstavirs
How to add more protocols to the Ostinato traffic generator.
While the Ostinato traffic generator can import, edit and replay packets from PCAP files, most users prefer to craft packets from scratch using the Ostinato GUI which has support for common protocols out of the box. To add more protocols quickly and easily, Ostinato has a Protocol Builder framework using which new protocols can be added.
In this talk, Ostinato creator Srivats P shows you how to add a new protocol using this framework.
Augusta is a blockchain technology company, focused on building innovative products using blockchain, AI, Blockchain Testing as a Service and smart contracts. The company designs and develops independent intellectual property blockchain powered enterprise solutions in auditing, supply chain, healthcare, gaming, human identity, financial, medical marijuana and other industries.
We have built/ building end-to-end blockchain solutions, including audit, healthcare, supply chain and restricted agricultural industries.
Blockchain, cryptography and tokens — NYC Bar presentationPaperchain
Concise version of presentation delivered at the NYC Bar Association.
Overview of blockchains, how cryptography works on blockchains and the difference between cryptocurrencies and tokens.
EclipseCon Europe 2017 - Taming complex chip designs with beautiful diagramsTitouan Vervack
Presentation about the journey towards creating generated graphical views and a Graphics Configuration DSL. Tells the story from digital design by hand, up to graphical editors, textual editors and graphically assisted textual editors.
EclipseCon France 2017 - Xtending Our Vhdl Xtext Formatter With The Formatter...Titouan Vervack
Presentation about the journey towards creating a new formatter with Xtext's new formatter2 API. Highlights the migration plan, problems, and our experience with the new API.
Session ID: SFO17-TR02
Session Name: Upstreaming 101
- SFO17-TR02
Speaker: Daniel Lezcano
Track:
★ Session Summary ★
Introduction to the mechanics and norms of upstreaming
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-tr02/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
A database trigger is a stored procedure that is executed when specific actions occur within a database. Triggers fit perfectly on a relational schema (foreign keys) and are implemented as a built-in functionality on popular relational database like MySQL.
MongoDB does not have any support for triggers, mainly due to the lack of support for foreign keys. Even if it usually considered an antipattern, there are use cases in MongoDB that benefit from a partially-relational schema. The lack of triggers is an obstacle for a partially-relational schema but there can be workarounds for simulating trigger behavior.
This presentation will guide you through different ways to implement triggers in MongoDB. We will cover the topics streams, tailable cursors, and hooks. We will demonstrate coding examples for each topic and we will explain pros and cons of each implementation.
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Svetlin Nakov
Cryptography for Java Developers
Hashes, MAC, Key Derivation, Encrypting Passwords, Symmetric Ciphers & AES, Digital Signatures & ECDSA
About the Speaker
What is Cryptography?
Cryptography in Java – APIs and Libraries
Hashes, MAC Codes and Key Derivation (KDF)
Encrypting Passwords: from Plaintext to Argon2
Symmetric Encryption: AES (KDF + Block Modes + IV + MAC)
Digital Signatures, Elliptic Curves, ECDSA, EdDSA
Live demos and code examples: https://github.com/nakov/Java-Cryptography-Examples
Video (in Bulgarian language): https://youtu.be/ZG3BLXWVwJM
Blog: https://nakov.com/blog/2019/01/26/cryptography-for-java-developers-nakov-at-jprofessionals-jan-2019/
Best practices to build secure smart contractsGautam Anand
- Quick update in blockchain tech space
- Comparision between tech
- Security in Blockchain (Focusing on ETH Solidity attack vectors)
- Design patterns
- 2 Popular hacks (Case study)
Ryan Stortz & Sophia D'Antoine - “EVM2VEC: Bug Discovery in Smart Contracts”Hacken_Ecosystem
Sophia D'Antoine and Ryan Stortz on the topic “EVM2VEC: Bug Discovery in Smart Contracts”
HackIT is an annual cybersecurity conference that gathers the best technical researchers and top players in the cybersecurity industry to explore cutting-edge technologies together. In 2018, HackIT focused on the use of blockchain technology.
Join our community:
Website - https://hacken.live/hackit-slideshare
Twitter - https://hacken.live/twitter_hackit
Facebook - https://hacken.live/facebook_hackit
Instagram - https://hacken.live/instagram_hackit
Reddit - https://hacken.live/reddit
Telegram community - https://hacken.live/tg-hackit
Ethereum is an open software platform based on blockchain technology that enables developers to
build and deploy decentralized applications.
Ethereum is a distributed public blockchain network.
While the Bitcoin blockchain is used to track ownership of digital currency (bitcoins), the Ethereum
blockchain focuses on running the programming code of any decentralized application.
Ether is a cryptocurrency whose blockchain is generated by the Ethereum platform. Ether can be
transferred between accounts and used to compensate participant mining nodes for computations
performed.
ArcBlock Technical Learning Series introduces Smart Contracts.
During this technical learning session, ArcBlock Engineers take a deep drive into Smart Contracts and introduce critical concepts and functionality to make smart contracts work.
https://www.arcblock.io
During this training, ArcBlock also looks key processes and best practices for developers on how to create, maintain and work with Smart Contracts. Finally, ArcBlock looks at its own use cases and provides several examples demonstrating the concepts and features shown during the training
Writing an Ostinato Protocol Builder [FOSDEM 2021]pstavirs
How to add more protocols to the Ostinato traffic generator.
While the Ostinato traffic generator can import, edit and replay packets from PCAP files, most users prefer to craft packets from scratch using the Ostinato GUI which has support for common protocols out of the box. To add more protocols quickly and easily, Ostinato has a Protocol Builder framework using which new protocols can be added.
In this talk, Ostinato creator Srivats P shows you how to add a new protocol using this framework.
Augusta is a blockchain technology company, focused on building innovative products using blockchain, AI, Blockchain Testing as a Service and smart contracts. The company designs and develops independent intellectual property blockchain powered enterprise solutions in auditing, supply chain, healthcare, gaming, human identity, financial, medical marijuana and other industries.
We have built/ building end-to-end blockchain solutions, including audit, healthcare, supply chain and restricted agricultural industries.
Blockchain, cryptography and tokens — NYC Bar presentationPaperchain
Concise version of presentation delivered at the NYC Bar Association.
Overview of blockchains, how cryptography works on blockchains and the difference between cryptocurrencies and tokens.
ADRecon BH USA 2018 : Arsenal and DEF CON 26 Demo Labs Presentationprashant3535
Demo of ADRecon presented on 08th and 12th August at BlackHat USA 2018 Arsenal and DEF CON 26 Demo Labs.
https://www.blackhat.com/us-18/arsenal/schedule/index.html#adrecon-active-directory-recon-11912
https://www.defcon.org/html/defcon-26/dc-26-demolabs.html
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
It covers popular IaaS/PaaS attack vectors, list them, and map to other relevant projects such as STRIDE & MITRE. Security professionals can better understand what are the common attack vectors that are utilized in attacks, examples for previous events, and where they should focus their controls and security efforts.
Discuss Security Incidents & Business Use Case, Understanding Web 3 Pros
and Web 3 Cons. Prevention mechanism and how to make sure that it doesn’t happen to you?
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
Round Table Discussion On "Emerging New Threats And Top CISO Priorities In 2022"_ Bangalore
Date - 28 September, 2022. Decision Makers of different organizations joined this discussion and spoke on New Threats & Top CISO Priorities
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
Cloud Security Groups are the firewalls of the cloud. They are built-in and provide basic access control functionality as part of the shared responsibility model. However, Cloud Security Groups do not provide the same protection or functionality that enterprises have come to expect with on-premises deployments. In this talk we will discuss the top cloud risks in 2020, why perimeters are a concept of the past and how in the world of no perimitiers do Cloud Security groups, the "Cloud FIrewalls", fit it. We will practically explore Cloud Security Group limitations across different cloud setups from a single vNet to multi-cloud
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.
The Internet is home to seemingly infinite amounts of confidential and personal information. As a result of this mass storage of information, the system needs to be constantly updated and enforced to prevent hackers from retrieving such valuable and sensitive data. This increasing number of cyber-attacks has led to an increasing importance of Ethical Hacking. So Ethical hackers' job is to scan vulnerabilities and to find potential threats on a computer or networks. An ethical hacker finds the weakness or loopholes in a computer, web applications or network and reports them to the organization. It requires a thorough knowledge of Networks, web servers, computer viruses, SQL (Structured Query Language), cryptography, penetration testing, Attacks etc. In this session, you will learn all about ethical hacking. You will understand the what ethical hacking, Cyber- attacks, Tools and some hands-on demos. This session will also guide you with the various ethical hacking certifications available today.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
3. Cybersecurityresearchcompany - High-end security research with a real-
world attacker mentality to reduce risk and fortify code.
Security AssessmentsSecurity EngineeringSecurity Research
• We offer security auditing for code
and systems requiring extreme
robustness and niche system
expertise
• We offer custom engineering for
every stage of software creation,
from initial planning to enhancing
the security of completed works
• As a leading cybersecurity
research provider to DARPA, the
Army and the Navy – we create
and release open source research
tools
TrailofBits
4. 2018.08.06
Agenda
● Introduction to Ethereum, EVM, and Solidity
● Vulnerabilities and Reversing Tools
● Ethereum Node Software
● Blockchain Contract Trace Analysis
● Analyze Contract Deaths
7. 2018.08.06
Ethereum
● A blockchain based distributed ledger
● A “world computer” with “smart” contracts
● The 2nd largest cryptocurrency by valuation
● Mainnet started July 30 2015
https://coinmarketcap.com/currencies/ethereum/
9. 2018.08.06
Accounts and Transactions and Blocks
!→"→#
!→"$→%
!→"$→%→"$→%
• Account: !
• Contract: %
• 1 Ether (ETH) = 1018 Wei
• 21000 Wei per TX
• Contracts can call other
contracts
&
10. 2018.08.06
EVM: Ethereum Virtual Machine
● Big Endian stack machine
● ~185 opcodes
● Native data width is 256 bits
● Many instructions are similar
● PUSH1 – PUSH32
● DUP1 – DUP16
● SWAP1 – SWAP16
● Instructions have various gas cost
● ethervm.io or https://github.com/trailofbits/evm-opcodes
11. 2018.08.06
ABI and Address Spaces
● EVM is a Harvard architecture
● There are ~5 address spaces
● Storage and memory are 256-
bit address space
● All execution enters at
PC=0x0
● Jump destinations labeled
with JUMPDEST
● Functions dispatched based
on first 4 bytes in TX input
Code EVM, implements contract logic
Stack Limited to 32 elements
Call Data Invocation arguments
Memory Non-persistent storage, per tx
Storage Persistent storage
32. 2018.08.06
Geth and Parity
Geth - official implementation, runs 75% public nodes
Written in Go/LevelDB
Parity - alternate implementation, runs 15% public nodes
Written in Rust/RocksDB
Client Type Size Time Details
Full 100GB-1.5TB ~ Weeks to Forever Large SSD, can fetch any TX
Fast 50-200GB ~ Hours to Days SSD, Recent TX only
Light 50MB+ ~ Minutes to Hours HDD, Intended for “end user”
35. 2018.08.06
Client Operation Suggestions
● Have patience
● Troubleshoot with rm –rf and resync
● Use Linux
● Use the fastest SSDs you can afford
● Ethereum clients and web browsing don’t mix
43. 2018.08.06
Blockchain Data
Distributed Ledger != Distributed Database
Only a key/value store with list of blocks/transactions
No queryable structure
Ethereum is focused on recent transaction and current
state, not history
45. 2018.08.06
web3.js and web3.py
web3.js is official client library
● Many API changes between v0.20 and v1.0
web3.py is Python implementation of web3.js
● Version 4.0 switched to Python3.5+
Both communicate to Ethereum nodes via:
● IPC - use when local
● WebSockets - use when streaming events
● RPC - use in any other situation
46. 2018.08.06
Finding Contracts
for b in range(0, 6000000):
block = w.eth.getBlock(b, full_transactions=True)
for tx in block.transactions:
if tx['to'] == None:
r = w.eth.getTransactionReceipt(tx['hash'])
address = r['contractAddress']
if address:
code = w.eth.getCode(address)
if code == '0x' and r['status'] == 1:
saveContract(block, address, tx['input'])
63. 2018.08.06
Creator != selfdestruct destination
From trace, we know the destination of selfdestruct
Filter when this is not the original contract creator
630 contracts remaining
10 of these send ETH to address 0x0
66. 2018.08.06
Creator != selfdestruct transaction originator
159 contracts meet these conditions
25 contracts sent > 0.1 ETH
Only 16 contracts sent >= 1 ETH
71. Conclusion
If you are developing contracts:
● Understand and fix all warnings
● Add an Echidna test
● Write exhaustive positive/negative tests
● Perform an rigorous assessment
If you are a security researcher:
● Become a blockchain explorer
● Have patience
● Symbolically execute with Manticore
● Work with us
Contact
Jay Little, Principal Security Engineer
jay@trailofbits.com
@computerality
@trailofbits
www.trailofbits.com
github.com/trailofbits
blog.trailofbits.com
We’re Hiring!
Trail of Bits is hiring engineers and vulnerability
researchers who are excited about C++ code,
blockchain software, and smart contracts.