Codecamp Iasi 2013 - Playing buggy
Bogdan Alecu presents some real world examples of bugs, specially the ones related to mobile security
For more info go to www.m-sec.net
Iasi code camp 20 april 2013 playing buggy-bogdan-alecuCodecamp Romania
This document summarizes a presentation about security issues in mobile applications. It discusses how developers, testers, and users can contribute to bugs, provides real-world examples of bugs like vulnerabilities in IP address checking and SMS message handling, and demonstrates attacks. It also addresses privacy concerns like what user data apps send and where it is stored, and promotes writing secure code, thorough testing, and considering attacks from skilled researchers.
The document provides a list of criteria for selecting a camcorder. It lists features such as low light mode, optical and digital zoom, HDMI and AV outputs, full HD 1080p recording, H.264 video capture, built-in memory, USB port, color night view, image stabilization, external microphone jack, rechargeable battery or AC power, infrared night vision, built-in LED video light, support for SD/SDHC/SDXC memory cards up to 32GB/64GB, 2.7-3 inch widescreen LCD, compatibility with Eye-Fi memory cards, built-in WiFi, recording in AVCHD or MP4 formats, smart auto and face detection features, time-
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive function. Exercise causes chemical changes in the brain that may help protect against developing mental illness and improve symptoms for those who already suffer from conditions like anxiety and depression.
The document discusses security issues related to mobile devices. It provides general information about SMS and its threats, including spam, spoofing, and notifications. It also covers WAP, WAP Push, and intercepting data traffic. Proper configuration of devices and awareness of potential threats can help improve security.
Elementary procedures for Circuit-Switched (CS) Call Control (CC) in 3GPPLouis K. H. Kuo
The document provides an overview of elementary procedures for circuit-switched call control in 3GPP networks. It describes the background of related protocol layers and planes. Call control manages call establishment, clearing, information, and miscellaneous procedures. The main call types are mobile-originated, mobile-terminated, and network-initiated mobile-originated calls. Standard L3 messages follow specific formats and structures, and the call state is represented by state diagrams and message flow diagrams.
The impact of innovation on travel and tourism industries (World Travel Marke...Brian Solis
From the impact of Pokemon Go on Silicon Valley to artificial intelligence, futurist Brian Solis talks to Mathew Parsons of World Travel Market about the future of travel, tourism and hospitality.
We’re all trying to find that idea or spark that will turn a good project into a great project. Creativity plays a huge role in the outcome of our work. Harnessing the power of collaboration and open source, we can make great strides towards excellence. Not just for designers, this talk can be applicable to many different roles – even development. In this talk, Seasoned Creative Director Sara Cannon is going to share some secrets about creative methodology, collaboration, and the strong role that open source can play in our work.
Reuters: Pictures of the Year 2016 (Part 2)maditabalnco
This document contains 20 photos from news events around the world between January and November 2016. The photos show international events like the US presidential election, the conflict in Ukraine, the migrant crisis in Europe, the Rio Olympics, and more. They also depict human interest stories and natural phenomena from various countries.
Iasi code camp 20 april 2013 playing buggy-bogdan-alecuCodecamp Romania
This document summarizes a presentation about security issues in mobile applications. It discusses how developers, testers, and users can contribute to bugs, provides real-world examples of bugs like vulnerabilities in IP address checking and SMS message handling, and demonstrates attacks. It also addresses privacy concerns like what user data apps send and where it is stored, and promotes writing secure code, thorough testing, and considering attacks from skilled researchers.
The document provides a list of criteria for selecting a camcorder. It lists features such as low light mode, optical and digital zoom, HDMI and AV outputs, full HD 1080p recording, H.264 video capture, built-in memory, USB port, color night view, image stabilization, external microphone jack, rechargeable battery or AC power, infrared night vision, built-in LED video light, support for SD/SDHC/SDXC memory cards up to 32GB/64GB, 2.7-3 inch widescreen LCD, compatibility with Eye-Fi memory cards, built-in WiFi, recording in AVCHD or MP4 formats, smart auto and face detection features, time-
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive function. Exercise causes chemical changes in the brain that may help protect against developing mental illness and improve symptoms for those who already suffer from conditions like anxiety and depression.
The document discusses security issues related to mobile devices. It provides general information about SMS and its threats, including spam, spoofing, and notifications. It also covers WAP, WAP Push, and intercepting data traffic. Proper configuration of devices and awareness of potential threats can help improve security.
Elementary procedures for Circuit-Switched (CS) Call Control (CC) in 3GPPLouis K. H. Kuo
The document provides an overview of elementary procedures for circuit-switched call control in 3GPP networks. It describes the background of related protocol layers and planes. Call control manages call establishment, clearing, information, and miscellaneous procedures. The main call types are mobile-originated, mobile-terminated, and network-initiated mobile-originated calls. Standard L3 messages follow specific formats and structures, and the call state is represented by state diagrams and message flow diagrams.
The impact of innovation on travel and tourism industries (World Travel Marke...Brian Solis
From the impact of Pokemon Go on Silicon Valley to artificial intelligence, futurist Brian Solis talks to Mathew Parsons of World Travel Market about the future of travel, tourism and hospitality.
We’re all trying to find that idea or spark that will turn a good project into a great project. Creativity plays a huge role in the outcome of our work. Harnessing the power of collaboration and open source, we can make great strides towards excellence. Not just for designers, this talk can be applicable to many different roles – even development. In this talk, Seasoned Creative Director Sara Cannon is going to share some secrets about creative methodology, collaboration, and the strong role that open source can play in our work.
Reuters: Pictures of the Year 2016 (Part 2)maditabalnco
This document contains 20 photos from news events around the world between January and November 2016. The photos show international events like the US presidential election, the conflict in Ukraine, the migrant crisis in Europe, the Rio Olympics, and more. They also depict human interest stories and natural phenomena from various countries.
Gadgetbridge, a free and open source project, has existed since 2015 to allow wearable device customers to use their hardware without being tied to the online services of the manufacturers.
The small but very focused and capable technical community working on the basic functionalities such as retrieving the various data from the wearables (detected activities, sleep, pulse per minute, peripheral oxygen saturation, ...) lacks the expertise on specialised algorithms that could help to perform advanced analysis/diagnostics.
The goal of this talk is to explore a potential collaboration between our communities: Gadgetbridge provides local-only support for an extensive list of wearable devices and a community of engineers and privacy minded users, Data4SmartHealth might contribute advanced algorithms and AI on edge devices.
PhoneGap is an open source framework that allows developers to build mobile apps using HTML, CSS, and JavaScript. It works by wrapping web applications in wrappers for each mobile operating system so they can access native device APIs and app stores. Key features include access to device capabilities like the camera, geolocation, contacts and more. It supports building apps for Android, iOS, BlackBerry and other platforms.
JS Fest 2019. Sebastian Golasch. The Universal Serial WebJSFestUA
As a web developer it´s easy to feel intimidated by the world of hardware hacking and the physical web, we have to leave our comfort zone and need to get familiar with a completely new development environment. But not anymore, thanks to wonderful possibilities that the WebUSB Api brings to our browsers.
In this talk I will give an intro to the endless wonders we can encounter in the hardware world through our browser windows. Aside from leaerning the basics of USB and serial port communication, we´ll paint on USB displays, live tweet to receipt printers, control an Arduino, steal data from Android phones and many more… The only limit is your imagination.
A tale of the Neo900 project about the obstacles on its way to achieve The Ultimate Private Phone.
What are the threats for smartphone user's privacy? How to deal with them? Is it possible to make a phone that will protect us so well that it will let us forget about privacy at all?
The talk has been given via videoconference on 2014-11-29 at OpenPhoenux Hard- and Software Workshop 2014 in Garching, Munich.
Recording: https://www.youtube.com/watch?v=ahPFCFooBv0&list=PL-s0IumBit8Mofxj0Fn2kH6RB9VtnKS4K
Mobile networks: exploiting HTTP headers and data traffic - DefCamp 2012DefCamp
This document summarizes a presentation about exploiting HTTP headers and data traffic on mobile networks. The presentation discusses how mobile operators identify users for billing purposes using HTTP headers containing phone numbers. It describes finding the relevant headers through research and testing various operators. Methods explored for spoofing these headers include modifying browser user-agent strings and HTTP headers to impersonate other users both within and outside the target network. The document cautions that the demonstrations are only examples and outlines responsible disclosure efforts.
The document outlines the agenda for a meetup on developing wearable technology applications. The agenda includes presentations on Myo, Oculus Rift, Kiwi Move and other products. It also discusses connecting wearable apps to Bluemix and using Node-RED for building IoT flows. The document provides an overview of different wearable devices, their programming languages and potential use cases. It promotes connecting the devices to IBM Cloud services like Cloudant and Bluemix for building applications.
Getting started with IoT with only your Laptop - July 2019 - Digital LincolnPeter Gallagher
Slides from my IoT with only your Laptop talk at Digital Lincoln - July 2019.
I take attendees through some great online simulators for IoT kit. Showing how to really reduce the barrier to entry to the IoT World.
Note: Download to experience the GIF Goodness!
This document summarizes technology news from January 2012. It discusses the introduction of ultrabooks as slim laptops to compete with tablets and smartphones. It also covers the new Thunderbolt and 802.11ac WiFi standards that enable faster data transfer speeds. Several new networked devices are highlighted, including smart home products. Color e-readers using Mirasol and e-ink displays are previewed. Security issues like the Zappos data breach and vulnerabilities in WiFi Protected Setup are addressed. The stalling of the controversial Stop Online Piracy Act is also noted.
Getting started with IoT with only your Laptop - March 2019 - DDD NorthPeter Gallagher
Slides from my talk at DDD North - March 2019.
I take attendees through some great online simulators for IoT kit. Showing how to really reduce the barrier to entry to the IoT World.
Note: Download to experience the GIF Goodness!
Introduction google glass en - rev 20 - codemotionCodemotion
The document discusses Google Glass, including its technical specifications, how it works, programming options using the Mirror API and GDK, the Glass Explorer program, and the speaker's thoughts after using Glass for 1.5 years. Some key points covered include the capabilities of Glass, how it is controlled through voice commands and gestures, and development options for creating Glassware applications either on a server or directly on the device.
Getting started with IoT with only your Laptop - March 2019 - IoT LeedsPeter Gallagher
Slides from my talk at IoT Leeds - March 2019.
I take attendees through some great online simulators for IoT kit. Showing how to really reduce the barrier to entry to the IoT World.
Note: Download to experience the GIF Goodness!
The Web of Things - The story of a browser escaping into the physical world
A deep dive into the world of Web USB, the Serial port protocol & everything in-between.
JavaScript is finding its way further and further out of the browser. Only a couple of years ago, if someone had said they wanted to build robots only using JS you'd think they were crazy. Having tried it at the time those naysayers were correct - it was a disaster.
Recently, particularly as a result of the nodebots project, JS Robotics has started to come of age and it's now possible to build simple robots using JavaScript for the majority of the stack - everything from control and sensing to motors to lights, AI and computer vision.
This talk will give an overview of what's currently possible, where the current gotchas are, how to get started and have some interactive elements that can be played with during or after the session.
Andrew is a creator & destroyer of things that combine mobile web, ubicomp and lots of data. Sometime programmer, interaction researcher & CTO @ JBA.
Be Responsive meetup / Melbourne Geek Night Crossover night
September 2014
AstriCon 2015: WebRTC: How it Works, and How it BreaksMojo Lingo
WebRTC is an exciting new technology, perhaps the most exciting thing to happen to voice communication since the invention of Voice over IP. With WebRTC, we are no longer limited to a disjointed communication experience with poor quality audio on antiquated networks. Now we have the ability to put high-definition audio and video where it will have the most impact: right in line with the business processes that benefit the most from it.
This session will present an overview of how WebRTC works, reviewing both the network services that support it and the user-facing software that delivers it. We will look at how Asterisk can be used to give WebRTC additional capabilities that aren’t possible with browsers alone, and how to deploy Asterisk to get the most out of this powerful combination.
As with all new technology, however, there are rough edges. In the final part of this presentation, we will look at the common ways that WebRTC can break down, from technical deployment problems to user interface and design issues. These lessons are drawn from real-world experience deploying WebRTC over the last 3 years and multiple applications that are in production today.
Getting started with IoT with only your Laptop - February 2019 - Lancs Tech T...Peter Gallagher
The document is a presentation about getting started with IoT using only a laptop. It discusses various hardware options like the BBC micro:bit, Arduino Uno, MXChip AZ3166 and Raspberry Pi that can be programmed from a laptop. It also provides links to software like Microsoft MakeCode, TinkerCAD and emulators that allow prototyping IoT projects without physical hardware. An example IoT application of monitoring cow health is presented. The presentation aims to excite and encourage attendees to start building their own IoT projects.
This document provides an overview of Google Glass. It discusses what Google Glass is, its key components and technologies, how it works, its main features and functions. The document also outlines the advantages and disadvantages of Google Glass, as well as its future applications and scope. It concludes that Google Glass is a pioneering wearable technology that has the potential to revolutionize mobile computing despite current limitations.
This document discusses how embedded devices with cellular connectivity and GPS capabilities could potentially be exploited and used to track individuals without their consent. It describes how an attacker could send commands via SMS to intercept location data from compromised tracking devices. It also explains how an attacker could potentially impersonate targets by spoofing location data responses over HTTP. The document recommends ways for companies to better secure such devices, such as using encrypted communications and restricting device access.
Sumedt Jitpukdebodin explains paper hacking, which involves creating malicious QR codes that, when scanned, exploit vulnerabilities on mobile devices. The process involves:
1. Creating evil websites that exploit Android and iPhone vulnerabilities or perform phishing.
2. Mapping the evil sites online using services like DyDNS and NoIP.
3. Generating QR codes linked to the evil sites using free online or mobile apps.
4. Socially engineering people into scanning the QR codes, such as at events or on social media.
5. When scanned, the QR codes redirect devices to the evil sites to carry out exploits or phishing depending on the device type. The goal is
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Gadgetbridge, a free and open source project, has existed since 2015 to allow wearable device customers to use their hardware without being tied to the online services of the manufacturers.
The small but very focused and capable technical community working on the basic functionalities such as retrieving the various data from the wearables (detected activities, sleep, pulse per minute, peripheral oxygen saturation, ...) lacks the expertise on specialised algorithms that could help to perform advanced analysis/diagnostics.
The goal of this talk is to explore a potential collaboration between our communities: Gadgetbridge provides local-only support for an extensive list of wearable devices and a community of engineers and privacy minded users, Data4SmartHealth might contribute advanced algorithms and AI on edge devices.
PhoneGap is an open source framework that allows developers to build mobile apps using HTML, CSS, and JavaScript. It works by wrapping web applications in wrappers for each mobile operating system so they can access native device APIs and app stores. Key features include access to device capabilities like the camera, geolocation, contacts and more. It supports building apps for Android, iOS, BlackBerry and other platforms.
JS Fest 2019. Sebastian Golasch. The Universal Serial WebJSFestUA
As a web developer it´s easy to feel intimidated by the world of hardware hacking and the physical web, we have to leave our comfort zone and need to get familiar with a completely new development environment. But not anymore, thanks to wonderful possibilities that the WebUSB Api brings to our browsers.
In this talk I will give an intro to the endless wonders we can encounter in the hardware world through our browser windows. Aside from leaerning the basics of USB and serial port communication, we´ll paint on USB displays, live tweet to receipt printers, control an Arduino, steal data from Android phones and many more… The only limit is your imagination.
A tale of the Neo900 project about the obstacles on its way to achieve The Ultimate Private Phone.
What are the threats for smartphone user's privacy? How to deal with them? Is it possible to make a phone that will protect us so well that it will let us forget about privacy at all?
The talk has been given via videoconference on 2014-11-29 at OpenPhoenux Hard- and Software Workshop 2014 in Garching, Munich.
Recording: https://www.youtube.com/watch?v=ahPFCFooBv0&list=PL-s0IumBit8Mofxj0Fn2kH6RB9VtnKS4K
Mobile networks: exploiting HTTP headers and data traffic - DefCamp 2012DefCamp
This document summarizes a presentation about exploiting HTTP headers and data traffic on mobile networks. The presentation discusses how mobile operators identify users for billing purposes using HTTP headers containing phone numbers. It describes finding the relevant headers through research and testing various operators. Methods explored for spoofing these headers include modifying browser user-agent strings and HTTP headers to impersonate other users both within and outside the target network. The document cautions that the demonstrations are only examples and outlines responsible disclosure efforts.
The document outlines the agenda for a meetup on developing wearable technology applications. The agenda includes presentations on Myo, Oculus Rift, Kiwi Move and other products. It also discusses connecting wearable apps to Bluemix and using Node-RED for building IoT flows. The document provides an overview of different wearable devices, their programming languages and potential use cases. It promotes connecting the devices to IBM Cloud services like Cloudant and Bluemix for building applications.
Getting started with IoT with only your Laptop - July 2019 - Digital LincolnPeter Gallagher
Slides from my IoT with only your Laptop talk at Digital Lincoln - July 2019.
I take attendees through some great online simulators for IoT kit. Showing how to really reduce the barrier to entry to the IoT World.
Note: Download to experience the GIF Goodness!
This document summarizes technology news from January 2012. It discusses the introduction of ultrabooks as slim laptops to compete with tablets and smartphones. It also covers the new Thunderbolt and 802.11ac WiFi standards that enable faster data transfer speeds. Several new networked devices are highlighted, including smart home products. Color e-readers using Mirasol and e-ink displays are previewed. Security issues like the Zappos data breach and vulnerabilities in WiFi Protected Setup are addressed. The stalling of the controversial Stop Online Piracy Act is also noted.
Getting started with IoT with only your Laptop - March 2019 - DDD NorthPeter Gallagher
Slides from my talk at DDD North - March 2019.
I take attendees through some great online simulators for IoT kit. Showing how to really reduce the barrier to entry to the IoT World.
Note: Download to experience the GIF Goodness!
Introduction google glass en - rev 20 - codemotionCodemotion
The document discusses Google Glass, including its technical specifications, how it works, programming options using the Mirror API and GDK, the Glass Explorer program, and the speaker's thoughts after using Glass for 1.5 years. Some key points covered include the capabilities of Glass, how it is controlled through voice commands and gestures, and development options for creating Glassware applications either on a server or directly on the device.
Getting started with IoT with only your Laptop - March 2019 - IoT LeedsPeter Gallagher
Slides from my talk at IoT Leeds - March 2019.
I take attendees through some great online simulators for IoT kit. Showing how to really reduce the barrier to entry to the IoT World.
Note: Download to experience the GIF Goodness!
The Web of Things - The story of a browser escaping into the physical world
A deep dive into the world of Web USB, the Serial port protocol & everything in-between.
JavaScript is finding its way further and further out of the browser. Only a couple of years ago, if someone had said they wanted to build robots only using JS you'd think they were crazy. Having tried it at the time those naysayers were correct - it was a disaster.
Recently, particularly as a result of the nodebots project, JS Robotics has started to come of age and it's now possible to build simple robots using JavaScript for the majority of the stack - everything from control and sensing to motors to lights, AI and computer vision.
This talk will give an overview of what's currently possible, where the current gotchas are, how to get started and have some interactive elements that can be played with during or after the session.
Andrew is a creator & destroyer of things that combine mobile web, ubicomp and lots of data. Sometime programmer, interaction researcher & CTO @ JBA.
Be Responsive meetup / Melbourne Geek Night Crossover night
September 2014
AstriCon 2015: WebRTC: How it Works, and How it BreaksMojo Lingo
WebRTC is an exciting new technology, perhaps the most exciting thing to happen to voice communication since the invention of Voice over IP. With WebRTC, we are no longer limited to a disjointed communication experience with poor quality audio on antiquated networks. Now we have the ability to put high-definition audio and video where it will have the most impact: right in line with the business processes that benefit the most from it.
This session will present an overview of how WebRTC works, reviewing both the network services that support it and the user-facing software that delivers it. We will look at how Asterisk can be used to give WebRTC additional capabilities that aren’t possible with browsers alone, and how to deploy Asterisk to get the most out of this powerful combination.
As with all new technology, however, there are rough edges. In the final part of this presentation, we will look at the common ways that WebRTC can break down, from technical deployment problems to user interface and design issues. These lessons are drawn from real-world experience deploying WebRTC over the last 3 years and multiple applications that are in production today.
Getting started with IoT with only your Laptop - February 2019 - Lancs Tech T...Peter Gallagher
The document is a presentation about getting started with IoT using only a laptop. It discusses various hardware options like the BBC micro:bit, Arduino Uno, MXChip AZ3166 and Raspberry Pi that can be programmed from a laptop. It also provides links to software like Microsoft MakeCode, TinkerCAD and emulators that allow prototyping IoT projects without physical hardware. An example IoT application of monitoring cow health is presented. The presentation aims to excite and encourage attendees to start building their own IoT projects.
This document provides an overview of Google Glass. It discusses what Google Glass is, its key components and technologies, how it works, its main features and functions. The document also outlines the advantages and disadvantages of Google Glass, as well as its future applications and scope. It concludes that Google Glass is a pioneering wearable technology that has the potential to revolutionize mobile computing despite current limitations.
This document discusses how embedded devices with cellular connectivity and GPS capabilities could potentially be exploited and used to track individuals without their consent. It describes how an attacker could send commands via SMS to intercept location data from compromised tracking devices. It also explains how an attacker could potentially impersonate targets by spoofing location data responses over HTTP. The document recommends ways for companies to better secure such devices, such as using encrypted communications and restricting device access.
Sumedt Jitpukdebodin explains paper hacking, which involves creating malicious QR codes that, when scanned, exploit vulnerabilities on mobile devices. The process involves:
1. Creating evil websites that exploit Android and iPhone vulnerabilities or perform phishing.
2. Mapping the evil sites online using services like DyDNS and NoIP.
3. Generating QR codes linked to the evil sites using free online or mobile apps.
4. Socially engineering people into scanning the QR codes, such as at events or on social media.
5. When scanned, the QR codes redirect devices to the evil sites to carry out exploits or phishing depending on the device type. The goal is
Similar to Bogdan Alecu: Playing buggy Codecamp (20)
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
OpenID AuthZEN Interop Read Out - AuthorizationDavid Brossard
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Things to Consider When Choosing a Website Developer for your Website | FODUUFODUU
Choosing the right website developer is crucial for your business. This article covers essential factors to consider, including experience, portfolio, technical skills, communication, pricing, reputation & reviews, cost and budget considerations and post-launch support. Make an informed decision to ensure your website meets your business goals.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
4. About me
Bogdan ALECU
▪ Independent security researcher
▪ Sysadmin @ LEVI9
▪ Passionate about security, specially when it’s related to
mobile devices, CISSP, CEH, CISA,CCSP
▪ #infosec conferences: DeepSec, DefCamp, EUSecWest
▪ Started with NetMonitor, continued with VoIP and finally
GSM networks / mobile phones
▪ @msecnet / www.m-sec.net / alecu@m-sec.net
5. The buggy world
Bogdan ALECU
▪Developers
▪Testers
▪Customers
▪How do you test?
▪But is it enough?
17. The buggy world
Bogdan ALECU
▪ 20K application
▪ Two factor authentication
▪ ACL IP
▪ User authenticated automatically if …
… coming from the right internal IP
23. The buggy world
Bogdan ALECU
▪ Try accessing the website while pretending
to be browsing from your mobile device
▪ You would be surprised of the instant
access you get
▪ No luck? Try Googlebot!
▪ If your log shows a sensitive access being
made by GoogleBot, will you worry ?
30. The buggy world
Bogdan ALECU
▪Implementation gone wild
▪ How many of you use the Internet on
your mobile device?
▪ Do you know what DNS is?
31. The buggy world
Bogdan ALECU
Setup a VPN server on port 53, UDP (DNS
port)
… and connect to your server
… pass the traffic to the Internet
UNLIMITED
MOBILE DATA TRAFFIC!
42. Where does your data go?
Bogdan ALECU
▪Is the data securely transferred?
▪What info is the app sending?
▪When does it sends the info?
▪Does the app accept any certificate?
▪What is it stored locally?
43. Where does your data go?
Bogdan ALECU
▪Mallory gateway
http://intrepidusgroup.com/insight/
2010/12/mallory-and-me-setting-
up-a-mobile-mallory-gateway/
46. Call to action
Bogdan ALECU
▪ Don’t rely on thing that most users have no
idea how to check if your app is secure.
You might meet someone like me and it
will get ugly
▪ Write your code in a secure way
▪ Testers: learn how to really tests mobile
apps. It’s not all about the usage
experience!