The document discusses the differences between /dev/random and /dev/urandom on Linux. It notes that both draw from the same entropy pool and cryptographic strength random number generation process. However, /dev/random aims to track available entropy and may block when it perceives levels to be low, while /dev/urandom will always return bytes from the pool without blocking. The document argues this blocking behavior of /dev/random is useless as entropy does not actually decrease over time. It notes major cryptographic systems rely on the assumption that output from a cryptographically secure pseudorandom number generator like /dev/urandom remains unpredictable, and blocking could undermine security or introduce side channels. Therefore, /dev/urandom is considered sufficient
Defcon 20 stamp out hash corruption crack all the thingsclaudijd
This is the presentation that @reynolds and @claudijd presented at DEFCON, which demonstrates how password extraction tools yield corrupted hashes, how the flaw was identified and the fix.
Defcon 20 stamp out hash corruption crack all the thingsclaudijd
This is the presentation that @reynolds and @claudijd presented at DEFCON, which demonstrates how password extraction tools yield corrupted hashes, how the flaw was identified and the fix.
Web technologies are evolving at such a frenetic pace that it becomes almost mandatory to learn on your own. A lot of us still depend on other people to do this learning for us, and we tend to use their answers to solve our everyday problems.
Inconsistent implementations, rapidly evolving specs, questionable performance impacts and maintenance implications mean we cannot always depend on others for answers but must involve ourselves actively in the process of developing specifications for new Web technologies. But how do we go about it?
There are some simple rituals we can all do, which can have us be better-informed and also better inform the people and groups who are most directly involved in the development of new Web technologies.
Ведущие: Дмитрий Частухин и Дмитрий Юдин
Бла-бла-бла SAP. Бла-бла-бла крупные компании. Бла-бла-бла взлом на миллионы долларов. Вот так обычно начинается любой доклад о SAP. Но в этот раз все будет по-другому. Давненько не было рассказов о жестокой эксплуатации и необычных уязвимостях. Пришло время пуститься во все тяжкие! Докладчики расскажут (и покажут), как получить полный контроль над системой, используя ряд незначительных уязвимостей в службах SAP.
This talk will cover how powerfull are buffer overflows, how weak are mitigations against them, why are buffer overflows still possible in those days, how generic are they, and example how useful is turn race conditions to buffer overflow. Race conditions are nice example for that, because they are one of the hardest to find and on of the easiest to make. example is on Linux kernel (droids included), but talk will be keeped for buffer overflows in general (mainly for windows & Linux kernel)
LinuxCon Europe, 2014. Video: https://www.youtube.com/watch?v=SN7Z0eCn0VY . There are many performance tools nowadays for Linux, but how do they all fit together, and when do we use them? This talk summarizes the three types of performance tools: observability, benchmarking, and tuning, providing a tour of what exists and why they exist. Advanced tools including those based on tracepoints, kprobes, and uprobes are also included: perf_events, ktap, SystemTap, LTTng, and sysdig. You'll gain a good understanding of the performance tools landscape, knowing what to reach for to get the most out of your systems.
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...Positive Hack Days
Ведущий: Асука Накадзима (Asuka Nakajima)
Практика повторного использования исходного кода позволяет сократить расходы на разработку программного обеспечения. Тем не менее, если в оригинальном исходном коде кроется уязвимость, она будет перенесена и в новое приложение. Докладчик расскажет о необычном способе обнаружения «наследуемых» уязвимостей в бинарных файлах без необходимости обращаться к исходному коду или символьным файлам.
Reverse Engineering the TomTom Runner pt. 2Luis Grangeia
Second presentation of my research into reverse engineering a TomTom Runner GPS watch. In this I explain how I got running code inside an unfamiliar device and proceeded to bypass its security measures and extract firmware keys and code from the device.
More details on my personal blog, at http://grangeia.io
Presented in October 2015 at "Confraria de Segurança da Informação" in Lisbon
Web technologies are evolving at such a frenetic pace that it becomes almost mandatory to learn on your own. A lot of us still depend on other people to do this learning for us, and we tend to use their answers to solve our everyday problems.
Inconsistent implementations, rapidly evolving specs, questionable performance impacts and maintenance implications mean we cannot always depend on others for answers but must involve ourselves actively in the process of developing specifications for new Web technologies. But how do we go about it?
There are some simple rituals we can all do, which can have us be better-informed and also better inform the people and groups who are most directly involved in the development of new Web technologies.
Ведущие: Дмитрий Частухин и Дмитрий Юдин
Бла-бла-бла SAP. Бла-бла-бла крупные компании. Бла-бла-бла взлом на миллионы долларов. Вот так обычно начинается любой доклад о SAP. Но в этот раз все будет по-другому. Давненько не было рассказов о жестокой эксплуатации и необычных уязвимостях. Пришло время пуститься во все тяжкие! Докладчики расскажут (и покажут), как получить полный контроль над системой, используя ряд незначительных уязвимостей в службах SAP.
This talk will cover how powerfull are buffer overflows, how weak are mitigations against them, why are buffer overflows still possible in those days, how generic are they, and example how useful is turn race conditions to buffer overflow. Race conditions are nice example for that, because they are one of the hardest to find and on of the easiest to make. example is on Linux kernel (droids included), but talk will be keeped for buffer overflows in general (mainly for windows & Linux kernel)
LinuxCon Europe, 2014. Video: https://www.youtube.com/watch?v=SN7Z0eCn0VY . There are many performance tools nowadays for Linux, but how do they all fit together, and when do we use them? This talk summarizes the three types of performance tools: observability, benchmarking, and tuning, providing a tour of what exists and why they exist. Advanced tools including those based on tracepoints, kprobes, and uprobes are also included: perf_events, ktap, SystemTap, LTTng, and sysdig. You'll gain a good understanding of the performance tools landscape, knowing what to reach for to get the most out of your systems.
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...Positive Hack Days
Ведущий: Асука Накадзима (Asuka Nakajima)
Практика повторного использования исходного кода позволяет сократить расходы на разработку программного обеспечения. Тем не менее, если в оригинальном исходном коде кроется уязвимость, она будет перенесена и в новое приложение. Докладчик расскажет о необычном способе обнаружения «наследуемых» уязвимостей в бинарных файлах без необходимости обращаться к исходному коду или символьным файлам.
Reverse Engineering the TomTom Runner pt. 2Luis Grangeia
Second presentation of my research into reverse engineering a TomTom Runner GPS watch. In this I explain how I got running code inside an unfamiliar device and proceeded to bypass its security measures and extract firmware keys and code from the device.
More details on my personal blog, at http://grangeia.io
Presented in October 2015 at "Confraria de Segurança da Informação" in Lisbon
APNIC Senior Security Specialist Adli Wahid presented on the APNIC Honeynet Project, interesting observations, mitigation and multistakeholder collaboration at Threat Con 2021, held online from 8 to 11 September 2021.
Linux 4.x Tracing: Performance Analysis with bcc/BPFBrendan Gregg
Talk about bcc/eBPF for SCALE15x (2017) by Brendan Gregg. "BPF (Berkeley Packet Filter) has been enhanced in the Linux 4.x series and now powers a large collection of performance analysis and observability tools ready for you to use, included in the bcc (BPF Complier Collection) open source project. BPF nowadays can do system tracing, software defined networks, and kernel fast path: much more than just filtering packets! This talk will focus on the bcc/BPF tools for performance analysis, which make use of other built in Linux capabilities: dynamic tracing (kprobes and uprobes) and static tracing (tracepoints and USDT). There are now bcc tools for measuring latency distributions for file system I/O and run queue latency, printing details of storage device I/O and TCP retransmits, investigating blocked stack traces and memory leaks, and a whole lot more. These lead to performance wins large and small, especially when instrumenting areas that previously had zero visibility. Tracing superpowers have finally arrived, built in to Linux."
Performance Wins with BPF: Getting StartedBrendan Gregg
Keynote by Brendan Gregg for the eBPF summit, 2020. How to get started finding performance wins using the BPF (eBPF) technology. This short talk covers the quickest and easiest way to find performance wins using BPF observability tools on Linux.
USENIX ATC 2017 Performance Superpowers with Enhanced BPFBrendan Gregg
Talk for USENIX ATC 2017 by Brendan Gregg
"The Berkeley Packet Filter (BPF) in Linux has been enhanced in very recent versions to do much more than just filter packets, and has become a hot area of operating systems innovation, with much more yet to be discovered. BPF is a sandboxed virtual machine that runs user-level defined programs in kernel context, and is part of many kernels. The Linux enhancements allow it to run custom programs on other events, including kernel- and user-level dynamic tracing (kprobes and uprobes), static tracing (tracepoints), and hardware events. This is finding uses for the generation of new performance analysis tools, network acceleration technologies, and security intrusion detection systems.
This talk will explain the BPF enhancements, then discuss the new performance observability tools that are in use and being created, especially from the BPF compiler collection (bcc) open source project. These tools provide new insights for file system and storage performance, CPU scheduler performance, TCP performance, and much more. This is a major turning point for Linux systems engineering, as custom advanced performance instrumentation can be used safely in production environments, powering a new generation of tools and visualizations.
Because these BPF enhancements are only in very recent Linux (such as Linux 4.9), most companies are not yet running new enough kernels to be exploring BPF yet. This will change in the next year or two, as companies including Netflix upgrade their kernels. This talk will give you a head start on this growing technology, and also discuss areas of future work and unsolved problems."
Nsd, il tuo compagno di viaggio quando Domino va in crashFabio Pignatti
Come leggere e trarre utili informazioni dall'analisi di un NSD in caso di crash o hang del server Domino. Alcuni casi pratici ed un tool utile in fase di analisi. - Dominopoint Day 2008
Analyzing OS X Systems Performance with the USE MethodBrendan Gregg
Talk for MacIT 2014. This talk is about systems performance on OS X, and introduces the USE Method to check for common performance bottlenecks and errors. This methodology can be used by beginners and experts alike, and begins by constructing a checklist of the questions we’d like to ask of the system, before reaching for tools to answer them. The focus is resources: CPUs, GPUs, memory capacity, network interfaces, storage devices, controllers, interconnects, as well as some software resources such as mutex locks. These areas are investigated by a wide variety of tools, including vm_stat, iostat, netstat, top, latency, the DTrace scripts in /usr/bin (which were written by Brendan), custom DTrace scripts, Instruments, and more. This is a tour of the tools needed to solve our performance needs, rather than understanding tools just because they exist. This talk will make you aware of many areas of OS X that you can investigate, which will be especially useful for the time when you need to get to the bottom of a performance issue.
This will walk you through the installation of a Cassandra (1.2) node on an Ubuntu (12.04) server.
It will teach you to configure LVM, XFS, /var/lib/cassandra/data and /var/lib/cassandra/commitlog directories.
It will also teach you how to install OpsCenter (FREE) from Datastax to help manage it all.
This was based on a talk given at the Toronto Cassandra Meetup on August 7th, 2013 by myself, Victor Anjos.
OSNoise Tracer: Who Is Stealing My CPU Time?ScyllaDB
In the context of high-performance computing (HPC), the Operating System Noise (osnoise) refers to the interference experienced by an application due to activities inside the operating system. In the context of Linux, NMIs, IRQs, softirqs, and any other system thread can cause noise to the application. Moreover, hardware-related jobs can also cause noise, for example, via SMIs.
HPC users and developers that care about every microsecond stolen by the OS need not only a precise way to measure the osnoise but mainly to figure out who is stealing cpu time so that they can pursue the perfect tune of the system. These users and developers are the inspiration of Linux's osnoise tracer.
The osnoise tracer runs an in-kernel loop measuring how much time is available. It does it with preemption, softirq and IRQs enabled, thus allowing all the sources of osnoise during its execution. The osnoise tracer takes note of the entry and exit point of any source of interferences. When the noise happens without any interference from the operating system level, the tracer can safely point to a hardware-related noise. In this way, osnoise can account for any source of interference. The osnoise tracer also adds new kernel tracepoints that auxiliaries the user to point to the culprits of the noise in a precise and intuitive way.
At the end of a period, the osnoise tracer prints the sum of all noise, the max single noise, the percentage of CPU available for the thread, and the counters for the noise sources, serving as a benchmark tool.
MeetBSDCA 2014 Performance Analysis for BSD, by Brendan Gregg. A tour of five relevant topics: observability tools, methodologies, benchmarking, profiling, and tracing. Tools summarized include pmcstat and DTrace.
Similar to Filippo, Plain simple reality of entropy (20)
Understanding User Behavior with Google Analytics.pdfSEO Article Boost
Unlocking the full potential of Google Analytics is crucial for understanding and optimizing your website’s performance. This guide dives deep into the essential aspects of Google Analytics, from analyzing traffic sources to understanding user demographics and tracking user engagement.
Traffic Sources Analysis:
Discover where your website traffic originates. By examining the Acquisition section, you can identify whether visitors come from organic search, paid campaigns, direct visits, social media, or referral links. This knowledge helps in refining marketing strategies and optimizing resource allocation.
User Demographics Insights:
Gain a comprehensive view of your audience by exploring demographic data in the Audience section. Understand age, gender, and interests to tailor your marketing strategies effectively. Leverage this information to create personalized content and improve user engagement and conversion rates.
Tracking User Engagement:
Learn how to measure user interaction with your site through key metrics like bounce rate, average session duration, and pages per session. Enhance user experience by analyzing engagement metrics and implementing strategies to keep visitors engaged.
Conversion Rate Optimization:
Understand the importance of conversion rates and how to track them using Google Analytics. Set up Goals, analyze conversion funnels, segment your audience, and employ A/B testing to optimize your website for higher conversions. Utilize ecommerce tracking and multi-channel funnels for a detailed view of your sales performance and marketing channel contributions.
Custom Reports and Dashboards:
Create custom reports and dashboards to visualize and interpret data relevant to your business goals. Use advanced filters, segments, and visualization options to gain deeper insights. Incorporate custom dimensions and metrics for tailored data analysis. Integrate external data sources to enrich your analytics and make well-informed decisions.
This guide is designed to help you harness the power of Google Analytics for making data-driven decisions that enhance website performance and achieve your digital marketing objectives. Whether you are looking to improve SEO, refine your social media strategy, or boost conversion rates, understanding and utilizing Google Analytics is essential for your success.
Instagram has become one of the most popular social media platforms, allowing people to share photos, videos, and stories with their followers. Sometimes, though, you might want to view someone's story without them knowing.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
2.Cellular Networks_The final stage of connectivity is achieved by segmenting...JeyaPerumal1
A cellular network, frequently referred to as a mobile network, is a type of communication system that enables wireless communication between mobile devices. The final stage of connectivity is achieved by segmenting the comprehensive service area into several compact zones, each called a cell.
Italy Agriculture Equipment Market Outlook to 2027harveenkaur52
Agriculture and Animal Care
Ken Research has an expertise in Agriculture and Animal Care sector and offer vast collection of information related to all major aspects such as Agriculture equipment, Crop Protection, Seed, Agriculture Chemical, Fertilizers, Protected Cultivators, Palm Oil, Hybrid Seed, Animal Feed additives and many more.
Our continuous study and findings in agriculture sector provide better insights to companies dealing with related product and services, government and agriculture associations, researchers and students to well understand the present and expected scenario.
Our Animal care category provides solutions on Animal Healthcare and related products and services, including, animal feed additives, vaccination
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Filippo, Plain simple reality of entropy
1. The plain simple reality
of entropy
Or how I learned to stop
worrying and love urandom
Filippo Valsorda
2. Filippo Valsorda
@FiloSottile
Cryptography and systems engineer at
Developer of the CloudFlare DNS server,
built its DNSSEC implementation
Often implement, teach or break
cryptography or security protocols
29. /dev/[u]random
The pool is mixed with unpredictable bytes from
various sources using a fast CRC-like hash
/*
* This function adds bytes into the entropy “pool".
* The pool is stirred with a primitive polynomial of the
* appropriate degree, and then twisted. We twist by three
* bits at a time because it's cheap to do so and helps
* slightly in the expected case where the entropy is
* concentrated in the low-order bits.
*/
static void _mix_pool_bytes(struct entropy_store *r,
const void *in, int nbytes)
https://github.com/torvalds/linux/blob/85051e295/drivers/char/random.c
30. /dev/[u]random
Random numbers are generated by hashing the pool with SHA1
static void extract_buf(struct entropy_store *r, __u8 *out)
{
sha_init(hash.w);
/* Generate a hash across the pool, 16 words (512 bits) at a time */
for (i = 0; i < r->poolinfo->poolwords; i += 16)
sha_transform(hash.w, (__u8 *)(r->pool + i), workspace);
__mix_pool_bytes(r, hash.w, sizeof(hash.w));
hash.w[0] ^= hash.w[3];
hash.w[1] ^= hash.w[4];
hash.w[2] ^= rol32(hash.w[2], 16);
memcpy(out, &hash, EXTRACT_SIZE);
}
https://github.com/torvalds/linux/blob/85051e295/drivers/char/random.c
31. /dev/[u]random
/dev/random and /dev/urandom use the
same code, sizes and entropy sources
static ssize_t random_read(struct file *file,
char __user *buf, size_t nbytes, loff_t *ppos)
extract_entropy_user(&blocking_pool, buf, nbytes);
static ssize_t urandom_read(struct file *file,
char __user *buf, size_t nbytes, loff_t *ppos)
extract_entropy_user(&nonblocking_pool, buf, nbytes);
https://github.com/torvalds/linux/blob/85051e295/drivers/char/random.c
36. /dev/[u]random
If CSPRNG leaked secret bits:
• Stream ciphers wouldn’t work
• CTR wouldn’t work
• TLS wouldn’t work
• PGP wouldn’t work
Cryptography relies on this.
38. /dev/[u]random
/dev/urandom is safe for crypto
• Google’s BoringSSL uses it
• Python, Go, Ruby use it
• Sandstorm replaces /dev/random with it
• Cryptographers say so, too
• other OS don’t have /dev/random
40. /dev/[u]random
• You don’t need /dev/random
• You don’t need to keep measuring
your entropy pool
• You don’t need to “refill” the pool
(like haveged, etc.)
• Random numbers “quality” does not
decrease
43. Unseeded CSPRNG
Very early at boot, /dev/urandom
might not be seeded yet, predictable.
This is a Linux shortcoming. The OS
must save the entropy pool at poweroff.
Your distribution probably does already.
44. Unseeded CSPRNG
Very early at boot, /dev/urandom
might not be seeded yet, predictable.
This is a Linux shortcoming. The OS
must save the entropy pool at
poweroff.
Embedded devices often don’t.
46. Unseeded CSPRNG
A better API is now available: getrandom(2)
It’s equivalent to OpenBSD getentropy(2)
Behaves like urandom, but blocks at boot
until the pool is initialized
https://lwn.net/Articles/606552/
47. Unseeded CSPRNG
Userspace CSPRNG are more
dangerous: it’s easy to entirely
forget to seed them.
It happened:
http://android-developers.blogspot.it/
2013/08/some-securerandom-thoughts.html
49. Broken CSPRNG
Between 2006 and 2008, in Debian,
the OpenSSL CSPRNG was
crippled, seeding only with the PID.
All outputs, keys, etc. of anything
using it were easily predictable.
https://www.debian.org/security/2008/dsa-1571
53. Non-CS PRNG
MT19937 core is a state of 624 numbers,
and a function like this
def get_mt_random_number():
if index == 0: generate_numbers()
y = STATE[index]
y ^= y >> 11
y ^= (y << 7) & 0x9d2c5680
y ^= (y << 15) & 0xefc60000
y ^= y >> 18
index = (index + 1) % 624
return y
54. Non-CS PRNG
Given an output, it’s easy to reconstruct the
state number from which it was generated
def untemper(y):
x = y
for i in range(32 // 18):
y ^= x >> (18 * (i + 1))
for i in range(32 // 15):
y ^= (((y >> (i*15)) % (2**15)) << ((i+1)*15)) & 0xefc60000
for i in range(32 // 7):
y ^= (((y >> (i*7)) % (2**7)) << ((i+1)*7)) & 0x9d2c5680
x = y
for i in range(32 // 11):
y ^= x >> (11 * (i + 1))
return y
55. Non-CS PRNG
After seeing just 624 outputs, we can predict
all future outputs.
def untemper(y):
x = y
for i in range(32 // 18):
y ^= x >> (18 * (i + 1))
for i in range(32 // 15):
y ^= (((y >> (i*15)) % (2**15)) << ((i+1)*15)) & 0xefc60000
for i in range(32 // 7):
y ^= (((y >> (i*7)) % (2**7)) << ((i+1)*7)) & 0x9d2c5680
x = y
for i in range(32 // 11):
y ^= x >> (11 * (i + 1))
return y
56. To sum up:
Don’t use non-CS PRNG like MT.
You don’t need /dev/random.
Avoid userspace CSPRNG.
Use /dev/urandom