This document discusses challenges and responses related to geospatial representation of data for vulnerability assessments. It addresses issues such as data sources, geographic distribution of data, and indicators. Regarding data sources, it emphasizes using open source data for transparency and combining multiple datasets. For geographic distribution, it recommends gridded data over national-level data when possible. It also provides examples of adjusting national data and handling composite indicators. Overall, the responses focus on transparency, validation of adjusted data, and ensuring indicators are not duplicated across layers.
Presentation from my talk at the Royal Geographical Society about the communication from the field. Different satellite networks, data compression and mailing clients to use for communicating from remote expeditions.
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceFatih Ozavci
Enterprise companies are using consumer and IoT devices to complete (or expand) their services such as broadband, IPTV, media streaming, satellite, voice and 3G/4G services. Although the devices are owned by the service providers, subscribers have limited (or full) access to them with service agreements. In addition to that, some of consumer devices also have roles on corporate communications, environment security or employee services. Consumer devices are located at subscriber premises; therefore, the traditional security testing approach only covers backend services security, not the devices.
Consumer and IoT devices are susceptible to hardware hacking based attacks such as firmware dumping, re-flashing with a custom firmware, and getting low level access using the physical management interfaces such as SPI, JTAG and UART. Low level access obtained can be used to modify device behaviours or their initial states. This helps attackers to debug consumer devices and operator services, to find new vulnerabilities, and to obtain the device configuration which may contain credentials for the service infrastructure.
Embedded device and hardware hacking is a rising skill set for penetration testers. It is required to understand targeted attacks which may include hardware implants, modified hardware attacking their own infrastructure or compromised devices that target the human factor. Some of advanced testing examples to be discussed are preparing a custom hardware for persistent access during a red teaming exercise, preparing a compromised consumer device for human factor pen-testing, attacking TR-069 services of a provider using smart home modems or altering the security controls of a device to abuse the service.
The presentation focuses on how the existing security testing techniques should be evolved with hardware and IoT hacking, and how service providers can make their infrastructure secure for cutting-edge attacks. Essential hardware hacking information, identifying and using physical management interfaces, hardware hacking toolset, well-known hardware attacks and hardware testing procedure will be presented in a road map for consumer devices security testing. Also a security testing approach will be explained to develop new security testing services and to improve existing ones such as red teaming, human factor pen-testing and infrastructure pen-testing.
Today’s satellite navigation systems rely on constellations of satellites operating in medium earth orbits in several orbital planes. Each satellite broadcasts a signal containing orbital data and the precise time at which the signal was broadcast. The precise time is generated by a very accurate atomic clock on board the satellite. A satellite navigation receiver is able to determine its position very accurately from this information, if it is receiving signals from four or more satellites simultaneously. There are two types of satellite navigation system currently deployed – Regional Satellite Systems (RSS) or Global Navigation Satellite Systems (GNSS).
A cyber attack on the GNSS system could exploit the RF channels used by Receivers for GNSS signal reception, alternatively it could also (at least as easily) exploit the channel used by a Positioning, Navigation and Timing (PNT) system to report its position.
Once it is understood that the evolution of GNSS threats does not only have clear parallels with the way that IP threats have evolved, but shares many of the features of a connected network, it can be seen that many of the lessons learned by the Information Security community apply equally as well to the GNSS community.
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...Synack
DEF CON 23
Recently there have been several highly publicized talks about satellite hacking. However, most only touch on the theoretical rather than demonstrate actual vulnerabilities and real world attack scenarios. This talk will demystify some of the technologies behind satellite communications and do what no one has done before - take the audience step-by-step from reverse engineering to exploitation of the GlobalStar simplex satcom protocol and demonstrate a full blown signals intelligence collection and spoofing capability. I will also demonstrate how an attacker might simulate critical conditions in satellite connected SCADA systems.
In recent years, Globalstar has gained popularity with the introduction of its consumer focused SPOT asset-tracking solutions. During the session, I’ll deconstruct the transmitters used in these (and commercial) solutions and reveal design and implementation flaws that result in the ability to intercept, spoof, falsify, and intelligently jam communications. Due to design tradeoffs these vulnerabilities are realistically unpatchable and put millions of devices, critical infrastructure, emergency services, and high value assets at risk.
Colby Moore is Synack's Manager of Special Activities. He works on the oddball and difficult problems that no one else knows how to tackle and strives to embrace the attacker mindset during all engagements. He is a former employee of VRL and has identified countless 0day vulnerabilities in embedded systems and major applications. In his spare time you will find him focusing on that sweet spot where hardware and software meet, usually resulting in very interesting consequences.
UN GGIM AS - Cross Border Geospatial Data Sharing Between Arab StatesErik Van Der Zee
Presentation for United Nations GGIM for Arab States Regional Committee 5th Plenary Meeting in Muscat, Sultanate of Oman on 19th – 21st February 2018 about Supra-National Geospatial Collaboration between Arab League countries
This is most benificial for the First year Engineering students.This presentation consists of videos and many applications of GIS. The processes and the other parts of GIS is also nicely explained.
The use of spatial data in policy development and reviewIIED
These slides, presented by Sarah Darrah from the UN Environment Programme World Conservation Monitoring Centre at the Mainstreaming biodiversity workshop in Sogakope, Ghana, in November 2016, look at how spatial data can be used as a tool to support mainstreaming.
Darrah acknowledges that lack of access to data, and a lack of expertise in using spatial data, can be barriers to using this information for mainstreaming, but where there are existing research and data collection programmes and exchange of information between institutions, then spatial information can be a valuable.
She illustrates this using an example from the Lake Victoria basin, looking at the potential impacts of agricultural development on biodiversity.
More information: www.iied.org/nbsaps
Sumit Dugar, Practical Action Consulting | Nepal Session | SotM Asia 2017Kathmandu Living Labs
State of the Map Asia (SotM-Asia) is the annual regional conference of OpenStreetMap (OSM) organized by OSM communities in Asia. First SotM-Asia was organized in Jakarta, Indonesia in 2015, and the second was organized in Manila, Philippines in 2016. This year’s conference, third in the series, was organized in Kathmandu, Nepal on September 23 – 24, 2017 at Park Village Resort, Budhanilkantha, Kathmandu, Nepal.
We brought nearly 200 Open Mapping enthusiasts from Asia and beyond to this year’s SotM-Asia. The event provided an opportunity to share knowledge and experience among mappers; expand their network; and generate ideas to expand map coverage and effective use of OSM data in Asian continent. We chose ‘from creation to use of OSM data’ as the theme of this year’s conference, emphasizing on the effective use of OSM data. We also brought together a government panel from four different countries in this year’s SotM-Asia. We believe this event will deepen the bond and enhance collaboration among OSM communities across Asia.
More information about the conference can be found on: http://stateofthemap.asia.
Presentation from my talk at the Royal Geographical Society about the communication from the field. Different satellite networks, data compression and mailing clients to use for communicating from remote expeditions.
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceFatih Ozavci
Enterprise companies are using consumer and IoT devices to complete (or expand) their services such as broadband, IPTV, media streaming, satellite, voice and 3G/4G services. Although the devices are owned by the service providers, subscribers have limited (or full) access to them with service agreements. In addition to that, some of consumer devices also have roles on corporate communications, environment security or employee services. Consumer devices are located at subscriber premises; therefore, the traditional security testing approach only covers backend services security, not the devices.
Consumer and IoT devices are susceptible to hardware hacking based attacks such as firmware dumping, re-flashing with a custom firmware, and getting low level access using the physical management interfaces such as SPI, JTAG and UART. Low level access obtained can be used to modify device behaviours or their initial states. This helps attackers to debug consumer devices and operator services, to find new vulnerabilities, and to obtain the device configuration which may contain credentials for the service infrastructure.
Embedded device and hardware hacking is a rising skill set for penetration testers. It is required to understand targeted attacks which may include hardware implants, modified hardware attacking their own infrastructure or compromised devices that target the human factor. Some of advanced testing examples to be discussed are preparing a custom hardware for persistent access during a red teaming exercise, preparing a compromised consumer device for human factor pen-testing, attacking TR-069 services of a provider using smart home modems or altering the security controls of a device to abuse the service.
The presentation focuses on how the existing security testing techniques should be evolved with hardware and IoT hacking, and how service providers can make their infrastructure secure for cutting-edge attacks. Essential hardware hacking information, identifying and using physical management interfaces, hardware hacking toolset, well-known hardware attacks and hardware testing procedure will be presented in a road map for consumer devices security testing. Also a security testing approach will be explained to develop new security testing services and to improve existing ones such as red teaming, human factor pen-testing and infrastructure pen-testing.
Today’s satellite navigation systems rely on constellations of satellites operating in medium earth orbits in several orbital planes. Each satellite broadcasts a signal containing orbital data and the precise time at which the signal was broadcast. The precise time is generated by a very accurate atomic clock on board the satellite. A satellite navigation receiver is able to determine its position very accurately from this information, if it is receiving signals from four or more satellites simultaneously. There are two types of satellite navigation system currently deployed – Regional Satellite Systems (RSS) or Global Navigation Satellite Systems (GNSS).
A cyber attack on the GNSS system could exploit the RF channels used by Receivers for GNSS signal reception, alternatively it could also (at least as easily) exploit the channel used by a Positioning, Navigation and Timing (PNT) system to report its position.
Once it is understood that the evolution of GNSS threats does not only have clear parallels with the way that IP threats have evolved, but shares many of the features of a connected network, it can be seen that many of the lessons learned by the Information Security community apply equally as well to the GNSS community.
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...Synack
DEF CON 23
Recently there have been several highly publicized talks about satellite hacking. However, most only touch on the theoretical rather than demonstrate actual vulnerabilities and real world attack scenarios. This talk will demystify some of the technologies behind satellite communications and do what no one has done before - take the audience step-by-step from reverse engineering to exploitation of the GlobalStar simplex satcom protocol and demonstrate a full blown signals intelligence collection and spoofing capability. I will also demonstrate how an attacker might simulate critical conditions in satellite connected SCADA systems.
In recent years, Globalstar has gained popularity with the introduction of its consumer focused SPOT asset-tracking solutions. During the session, I’ll deconstruct the transmitters used in these (and commercial) solutions and reveal design and implementation flaws that result in the ability to intercept, spoof, falsify, and intelligently jam communications. Due to design tradeoffs these vulnerabilities are realistically unpatchable and put millions of devices, critical infrastructure, emergency services, and high value assets at risk.
Colby Moore is Synack's Manager of Special Activities. He works on the oddball and difficult problems that no one else knows how to tackle and strives to embrace the attacker mindset during all engagements. He is a former employee of VRL and has identified countless 0day vulnerabilities in embedded systems and major applications. In his spare time you will find him focusing on that sweet spot where hardware and software meet, usually resulting in very interesting consequences.
UN GGIM AS - Cross Border Geospatial Data Sharing Between Arab StatesErik Van Der Zee
Presentation for United Nations GGIM for Arab States Regional Committee 5th Plenary Meeting in Muscat, Sultanate of Oman on 19th – 21st February 2018 about Supra-National Geospatial Collaboration between Arab League countries
This is most benificial for the First year Engineering students.This presentation consists of videos and many applications of GIS. The processes and the other parts of GIS is also nicely explained.
The use of spatial data in policy development and reviewIIED
These slides, presented by Sarah Darrah from the UN Environment Programme World Conservation Monitoring Centre at the Mainstreaming biodiversity workshop in Sogakope, Ghana, in November 2016, look at how spatial data can be used as a tool to support mainstreaming.
Darrah acknowledges that lack of access to data, and a lack of expertise in using spatial data, can be barriers to using this information for mainstreaming, but where there are existing research and data collection programmes and exchange of information between institutions, then spatial information can be a valuable.
She illustrates this using an example from the Lake Victoria basin, looking at the potential impacts of agricultural development on biodiversity.
More information: www.iied.org/nbsaps
Sumit Dugar, Practical Action Consulting | Nepal Session | SotM Asia 2017Kathmandu Living Labs
State of the Map Asia (SotM-Asia) is the annual regional conference of OpenStreetMap (OSM) organized by OSM communities in Asia. First SotM-Asia was organized in Jakarta, Indonesia in 2015, and the second was organized in Manila, Philippines in 2016. This year’s conference, third in the series, was organized in Kathmandu, Nepal on September 23 – 24, 2017 at Park Village Resort, Budhanilkantha, Kathmandu, Nepal.
We brought nearly 200 Open Mapping enthusiasts from Asia and beyond to this year’s SotM-Asia. The event provided an opportunity to share knowledge and experience among mappers; expand their network; and generate ideas to expand map coverage and effective use of OSM data in Asian continent. We chose ‘from creation to use of OSM data’ as the theme of this year’s conference, emphasizing on the effective use of OSM data. We also brought together a government panel from four different countries in this year’s SotM-Asia. We believe this event will deepen the bond and enhance collaboration among OSM communities across Asia.
More information about the conference can be found on: http://stateofthemap.asia.
Taskin urdpfichapter7-. Urban and regional development plans formulatio and ...smilingqueen2
URDPFI, which stands for Urban and Regional Development Plans Formulation and Implementation, provides guidelines intended to streamline the planning process for urban and regional development in India. Chapter 7 of the URDPFI Guidelines focuses on data collection, survey methodologies, analysis, projections, and mapping essential for urban planning.
This chapter describes various techniques for collecting and processing data that planners need to create effective urban development plans. It includes simplified methods for conducting surveys, analyzing collected data, and using this information to make informed projections and mapping decisions. The chapter emphasizes the importance of having accurate and comprehensive data to support the formulation of regional and urban development plans [[❞]](http://cdn.cseindia.org/userfiles/URDPFI.pdf#:~:text=URL%3A%20http%3A%2F%2Fcdn.cseindia.org%2Fuserfiles%2FURDPFI.pdf%0AVisible%3A%200%25%20) [[❞]](https://mohua.gov.in/cms/urdpfi-guidelines.php).
For more detailed information, you can refer to the [URDPFI Guidelines document](http://cdn.cseindia.org/userfiles/URDPFI.pdf) [[❞]](http://cdn.cseindia.org/userfiles/URDPFI.pdf#:~:text=URL%3A%20http%3A%2F%2Fcdn.cseindia.org%2Fuserfiles%2FURDPFI.pdf%0AVisible%3A%200%25%20).
GIS projects can be loaded onto mobile devices with the users' location live projected onto the project through the use of software platforms such as ArcGIS field maps.
Navigating projects (43:18)
Builders can actively map out and locate themselves during the construction phase of the project, which allows for more efficient project navigation. Builders can also make coordinate specific notes if necessary during construction.
More after construction support (44:11):
For farmers and landscape owners:
• Farmers can have their own field map of their irrigation systems.
o Easily navigate the irrigation design.
o Make coordinate specific pinpoints of any damage or breaks in the irrigation system.
o Can send harvesters and planters to specific locations.
o Can track harvest / planting progress by map.
• Landscape owners can have their own generated irrigation schedules to avoid overwatering and underwatering.
Paolo GAMBA1, Helen CROWLEY2, Nicole KELLER2
1Dipartimento di Ingegneria Industriale e dell'Informazione, University of Pavia, Italy; 2GEM Foundation, Italy
1. Economic And Social Commission For Western Asia
GEOSPATIAL REPRESENTATION OF DATA
FOR THE VULNERABILITY ASSESSMENT
Issues for Discussion
Nanor Momjian
GIS Expert
WRS - SDPD
Sixth Expert Group Meeting
08/12/2014
Cairo, Egypt