October 2015 Casual Connect Tel Aviv talk about how hackers cheat and change their score in mobile games, and how you as the developer can try to prevent it to some extent.
Victory VoIP is widely considered the most effective on-premise volunteer phone bank technology. On any given day in the election season thousands of volunteers simultaneously making calls on Victory VoIP phones. Feature rich, reliable, integrated and proven are why more Republican consultants choose Victory VoIP. - See more at: http://victorysolutions.us
Victory Cloud gives you the power to deliver automated recorded messages (also known as Robocalls) for a candidate, elected official, organization or PAC. See more at: http://victorysolutions.us/
Victory VoIP is widely considered the most effective on-premise volunteer phone bank technology. On any given day in the election season thousands of volunteers simultaneously making calls on Victory VoIP phones. Feature rich, reliable, integrated and proven are why more Republican consultants choose Victory VoIP. - See more at: http://victorysolutions.us
Victory Cloud gives you the power to deliver automated recorded messages (also known as Robocalls) for a candidate, elected official, organization or PAC. See more at: http://victorysolutions.us/
queremos mostrar a los mediums un tipo de personas que tienen la capacidad de hacer contactos con seres del mas allá,pero esta tecnica tambien tienen muchas clases y muchos riesgos.
Aqui vamos a explicar el ectoplasma que es una materia de color plasma que sale por las cabidades del cuerpo cuando el medium excede habeces el contacto con el mas alla.
Ponencia realizada en el entorno de la XXIV Escuela de Verano organizada por los Centros de Educación Secundaria y Formación Profesional EFA de España.
Der Reiseveranstalter opernreisen.com organisiert eine Musikreise in die Stadt Bregenz am Bodensee. Neben vielen Kultur-Highlights erleben Sie Puccinis "Turandot" auf der berühmten Seebühne und ein Konzert der Wiener Symphoniker im Bregenzer Festspielhaus. Alle Details zur Busreise, Karten und Reiseablauf finden Sie in diesem Flyer.
Folleto informativo sobre el trabajo de la Fundación Amparo y Justicia (versión en español).
Amparo y Justicia da ayuda legal, psicológica y asistencial a familias que han perdido un hijo víctima de abuso sexual y trabaja en disminuir la victimización secundaria en la Justicia
Keith Nurcombe, Global Director of Telehealth and Telefonica and Managing Director for O2 Health, O2 UK, will be chairing the M-Health Focus Day at this year’s M2M Forum Europe. Here’s what he had to say about the industry today and tomorrow…
La Clase Emprendedora por Carlos Barrabés. Conferencia orgnizada por EOI y FE...FENA Business School
Carlos Barrabés a ofrecido en Gijón el 22 de febrero una conferencia que llevaba por nombre "La Clase Emprendedora" enmarcada dentro de la jornada Innovación para Emprendedores organizada por EOI y FENA Business School
What CS Class Didn't Teach About TestingCamille Bell
Computer Science classes don't teach testing. Testing is as critical to software engineering as writing code. Here I show what CS programs should have taught, but didn't.
queremos mostrar a los mediums un tipo de personas que tienen la capacidad de hacer contactos con seres del mas allá,pero esta tecnica tambien tienen muchas clases y muchos riesgos.
Aqui vamos a explicar el ectoplasma que es una materia de color plasma que sale por las cabidades del cuerpo cuando el medium excede habeces el contacto con el mas alla.
Ponencia realizada en el entorno de la XXIV Escuela de Verano organizada por los Centros de Educación Secundaria y Formación Profesional EFA de España.
Der Reiseveranstalter opernreisen.com organisiert eine Musikreise in die Stadt Bregenz am Bodensee. Neben vielen Kultur-Highlights erleben Sie Puccinis "Turandot" auf der berühmten Seebühne und ein Konzert der Wiener Symphoniker im Bregenzer Festspielhaus. Alle Details zur Busreise, Karten und Reiseablauf finden Sie in diesem Flyer.
Folleto informativo sobre el trabajo de la Fundación Amparo y Justicia (versión en español).
Amparo y Justicia da ayuda legal, psicológica y asistencial a familias que han perdido un hijo víctima de abuso sexual y trabaja en disminuir la victimización secundaria en la Justicia
Keith Nurcombe, Global Director of Telehealth and Telefonica and Managing Director for O2 Health, O2 UK, will be chairing the M-Health Focus Day at this year’s M2M Forum Europe. Here’s what he had to say about the industry today and tomorrow…
La Clase Emprendedora por Carlos Barrabés. Conferencia orgnizada por EOI y FE...FENA Business School
Carlos Barrabés a ofrecido en Gijón el 22 de febrero una conferencia que llevaba por nombre "La Clase Emprendedora" enmarcada dentro de la jornada Innovación para Emprendedores organizada por EOI y FENA Business School
What CS Class Didn't Teach About TestingCamille Bell
Computer Science classes don't teach testing. Testing is as critical to software engineering as writing code. Here I show what CS programs should have taught, but didn't.
PDF version slides from our talk at Navaja Negra & Conecta CON 5th Edition: Destroying Router Security.
Authors:
- José Antonio Rodríguez García
- Álvaro Folgado Rueda
- Iván Sanz de Castro
The Hardcore Stuff I Hack:
This talk is going to give a run through of some of the technical challenges paul and his team have overcome over the years - in as much hardcore detail as possible
Using the Cloud for Mobile, Social, and Games - RightScale Compute 2013RightScale
Speaker: Ronnie Regev - Product Manager, RightScale
Many organizations get started in the cloud by developing new, fast-to-market, customer-facing applications. Often these are mobile, social, and gaming applications. We will talk about how to build a repeatable, cost-efficient, and scalable infrastructure platform to deliver a portfolio of mobile, social, and games apps.
DevOpsDays Baltimore 2017.
Product owners are under pressure from Marketing and Leadership to focus on features, while operability (availability, performance, monitoring, etc) are an afterthought to be bolted on later. Deployments fail, customers complain, and work isn't fun. How can DevOps reach out to Product?
People from a "Product background" often have zero technical experience, but find themselves needing to dictate the deliverables. Product owners are under great pressure from Marketing and Leadership to focus on "features" from a customer perspective; the so-called "non-functional requirements" often fall by the wayside. Operability - monitorabilty, recoverability, availability, performance, among other aspects - is difficult to bake into an application that was developed without such consideration.
This talk will present practical approaches to bridge-building between Ops and Product. Focusing especially on cross-functional Agile teams with leadership with little or no Ops background, we will explore whether "planning the work will result in the planned work being the work that is done." When working with a mixed team, doing development, deployment, incident response, and everything in support of that, such plans go off the rails. Methods of championing Ops needs while avoiding "the sky is falling" perceptions will be presented. What kinds of unplanned work exist? Are there steps we can take to convert unplanned work into planned work? How does work flow through the team? How does unplanned work disrupt the flow?
Product owners are under pressure from Marketing and Leadership to focus on features, while operability (availability, performance, monitoring, etc) are an afterthought to be bolted on later. Deployments fail, customers complain, and work isn't fun. How can DevOps reach out to Product?
People from a "Product background" often have zero technical experience, but find themselves needing to dictate the deliverables. Product owners are under great pressure from Marketing and Leadership to focus on "features" from a customer perspective; the so-called "non-functional requirements" often fall by the wayside. Operability - monitorabilty, recoverability, availability, performance, among other aspects - is difficult to bake into an application that was developed without such consideration.
This talk will present practical approaches to bridge-building between Ops and Product. Focusing especially on cross-functional Agile teams with leadership with little or no Ops background, we will explore whether "planning the work will result in the planned work being the work that is done." When working with a mixed team, doing development, deployment, incident response, and everything in support of that, such plans go off the rails. Methods of championing Ops needs while avoiding "the sky is falling" perceptions will be presented. What kinds of unplanned work exist? Are there steps we can take to convert unplanned work into planned work? How does work flow through the team? How does unplanned work disrupt the flow?
The DevOps movement, like its Agile predecessor, is focused on improving the communication and collaboration between the development and operations teams responsible for different aspects of an app throughout its lifecycle. While successful DevOps initiatives start and end with organizational and cultural change, there are also common practices that are enablers and/or tools used in support of DevOps. In this session you will learn about the DevOps practice of Continuous Delivery—releasing and deploying application changes as they are available, and not waiting for big, cumbersome roll-ups of new code. This session will focus on the practice of Continuous Delivery, while demonstrating a few tools that can make implementing Continuous Delivery easier, including tools for automated provisioning and release orchestration. If you are interested in implementing a DevOps initiative in your organization, then this session is a must-see.
Igniting the Spark: Building Online Services for Borderlands 2Jimmy Sieben
Gearbox built an online services platform named Spark for Borderlands 2. As this was an entirely new effort for Gearbox, we learned that building a service is quite different from building a game. Along the way, we shipped two beta releases in the original Borderlands to help us succeed. The genesis of Spark, key milestones and challenges in its creation, and post-mortem from launch are discussed. This talk will help others understand why we created Spark and also what it takes to launch an online service.
This will be a session to introduce the Manic Gaming Network. We have designed a multiplayer gaming platform which gives developers an easy way to incorporate Peer 2 Peer gaming into their app.
Will cover the following:
* today’s problems with developing a multiplayer solution, and solutions available “out of the box”
* walkthrough of Manic’s services available to the community of gamers and developers
* quick introduction to an API we’re releasing for our service
* game demo will be shown
* review of some sample code to help developers get started
Building a crm data strategy goals that boost business performance finalex_scrScribe Software Corp.
You need an integrated view of all your customer’s quotes and contracts in order to reduce risk, improve order quality and enhance the customer experience by supporting all business and customer needs.
This is a fun one! Learn how to hack up robots you can buy at a local toy store. You’ll see the methods used to take the video stream out of the robot and turn it into a format Flash likes. You’ll get the lowdown on how to send API commands to control the bot. We’ll show you how to connect it to alternative controllers and use ActionScript for some simple color detection on the video stream.
Similar to Cheaters Gonna Cheat - Battling Fake High Scores (20)
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Cheaters Gonna Cheat - Battling Fake High Scores
1. Cheaters Gonna Cheat
Battling Fake High Scores
Nataly Eliyahu
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 1/15
2. About Me
• Background in Security and
Reverse Engineering
• Army Service in Technology
Units
• Today - Freelance Game
Developer
• nataly@natalycreates.com
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 2/15
3. What we’ll talk about
• Back & forth between
developer and hacker
• Approaches and
considerations for a
developer
• Think like a hacker!
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 3/15
4. Step 1 – Naive Score Saving
Developer POV
• Save the score locally
• Use Player Preferences
Hacker POV
• Rooted phone
• Edit Preferences
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 4/15
6. Step 2 – Manipulate the Score
Developer POV
• Encode the score (base64 /
hex / custom encoding)
• Math manipulations
Hacker POV
• Blackboxing
• Guessing
• Find the Pattern
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 6/15
7. Step 3 – Encrypt the Score
Developer POV
• Encode the score (base64)
• Encrypt the score with a
secret key (a string)
• Use obfuscator on the
compiled apk
Hacker POV
• Decompile apk, rename
functions, organize code
• Find the encryption code -
see which algorithms is used
• Find the string for the
encryption key
• Decrypt and encrypt your own
scores
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 7/15
11. Step 4 – Non-standard encryption
Developer POV
• Encode the score (base64)
• Encrypt the score with a
secret key (a string)
• Change code of encryption
function to non-standard
implementation
Hacker POV
• Previous method fails! Score
isn’t saved correctly with your
script
• Read the encryption code
• Look for the differences from
the standard implementation
• Alternative – use dynamic
debugging
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 11/15
12. Step 5 – Server side
Developer POV
• Encode the score (base64)
• Call a function on the server
to encrypt and decrypt the
score
• Secret key is no longer in the
apk
• Always Online issue!
Hacker POV
• Attack the server, look for
loopholes
• Alternative - Use dynamic
debugging, change the score
in memory before it’s sent to
the server
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 12/15
13. The Heuristics Approach
• Recognize suspicious scores
• Is the score possible in the
amount of time the player played?
• Patterns in the score
• Send constant updates to server
about player status
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 13/15
14. To Sum Up
• With enough determination, the hacker
will always win
• If cheating at your game is really hard,
most people won’t bother
• Going always online helps makes it
much harder to cheat, but at a cost for
the majority of players
• Choose the most cost-effective solution
depending on your game
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 14/15
15. Questions?
Feel free to contact me!
nataly@natalycreates.com
Facebook: Nataly Eliyahu
Twitter: @NatalyEliyahu
Slides: bit.ly/1ORclQV
CASUAL CONNECT TEL AVIV
19 – 21 OCTOBER 2015Slide: 15/15