Archive for

intercepting secure communications black hat Abu Dhabi 2010

Abu Dhabi 2010 Training Session //Nov 8-9




This is a new and special training that covers both designing and attacking secure protocols. Attendees will learn the fundamentals of how to design a secure protocol, and be armed with the knowledge of how to evaluate the security of and discover weaknesses in existing protocols.

Attendees will walk away with everything they need to intercept several types of secure communication. Attendees will learn the fundamentals of how to design a secure protocol, and be armed with the knowledge of how to evaluate the security of and discover weaknesses in existing protocols.

This training will also cover tricks for attacking implementation vulnerabilities and holes in the glue between different protocols, which can allow for the interception of different types of secure traffic.


This training is both theoretical and practical, both academic and hacker-foo. The first day covers the design of secure protocols in depth, leaving students with a thorough understanding of how secure protocols are modeled, how the building blocks of cryptography can be combined to result in something secure, and how to look at secure protocols that others publish (from SSH to SSL to Tor to encrypted web cookies) with a critical eye. Concepts that are often tossed around such as IND-CCA, the birthday paradox, and authenticated encryption will be covered in detail.

The second day covers clever tricks for manipulating implementation vulnerabilities and holes in the glue between secure protocols. Participants will be able to practice different types of man-in-the-middle attacks, and different techniques for getting in the middle.


Anyone interested in designing or evaluating secure protocols, and anyone interested in tricks for intercepting secure communication — as well as those seeking to defend their networks from these attacks. Some existing basic knowledge of internet protocols will be useful to attendees.


Students are required to bring a laptop with a copy of VMWare Player.


Moxie Marlinspike is a fellow at the Institute For Disruptive Studies with over thirteen years of experience in attacking networks. He recently published the null-prefix attacks on X.509, the session-denial attacks against OCSP, and is the author of both sslsniff and sslstrip — the former of which was used by the MD5 Hash Collision team to deploy their rogue CA cert, and the latter of which continues to implement Moxie’s deadly “stripping” technique for rendering communication insecure. His tools have been featured in many publications including Hacking Exposed, Forbes Magazine, The Wall Street Journal, the New York Times, and Security Focus as well as on international TV.


International Docking System Standard

++++++++++++ +++++++++++++

The International Space Station (ISS) Multilateral Coordination Board (MCB) has approved for public release an International Docking System Standard (IDSS) which contains the information necessary to describe physical features and design loads of a standard docking interface.

Other (mentioned) or None (just free)

Image Gallery

Download: International Docking Standard

Thanks Everybody …. Am!n3s0fT


Auto Shutdown In linux

There are some times when you need to turn automatically your PC off, there can be a lot of examples when this is necessary.

I usually do this when I left some torrent downloading, let’s say some Linux isos to test a new Linux distribution, so I leave my PC downloading the ISO at office over the weekend, and program my PC to turn of, some two or three hours after the estimated time when the download is suppose do finish.

I do not have too much bandwidth so a whole DVD can take some 26 hours downloading. Specially because I limit the usages of bandwidth to 50% of the available to leave room for other tasks.

Well, let’s see how to do it.

sudo shutdown -h -P [hour]:[minutes]

This is only useful, if you need to shutdown the computer on the same day you are, or the next one, let’s suppose it is noon, and you want to shutdown your computer at 17 hours.

sudo shutdown -h -P 17:00

But if you need to shutdown your computer the day after tomorrow, or even later, use this commands.

sleep 2d 3h | poweroff

You need to run that command as root, or using sudo, but you need to be in thesudoers file, and not required to enter passwords.

That command is going to shutdown the computer after 2 days and 3 hours from now

source : http://www.go2linux.org

KDE 4.5.3 Is Released !

KDE has released a series of updates to the Plasma Desktop and Netbook workspaces, the KDE Applications and the KDE Platform. This update is the third in a series of monthly stabilization updates to the 4.5 series. 4.5.3 brings bugfixes and translation updates on top of KDE SC 4.5 series and is a recommended update for everyone running 4.5.2 or earlier versions. As the release only contains bugfixes and translation updates, it will be a safe and pleasant update for everyone. KDE SC 4 is already translated into more than 55 languages, with more to come.


To download source code or packages to install go to the 4.5.3 Info Page.

4.5.3 brings a number of improvements:

  • KSharedDataCache has cache invalidation bug fixed that caused stability when daylight saving time changed.
  • Icon overlays in Dolphin are now positioned correctly after adjusting the zoom level.
  • Okular, KDE’s universal document viewer has seen improvements in the DjVu and XPS backends.

The changelog lists more, if not all improvements since 4.5.2.

The KDE Plasma Netbook Workspace
The KDE Plasma Netbook Workspace

Note that the changelog is usually incomplete. For a complete list of changes that went into 4.5.3, you can browse the Subversion log. 4.5.3 also ships a more complete set of translations for many of the 55+ supported languages.

To find out more about the KDE 4.5 Workspace and Applications, please refer to the KDE SC 4.5.0KDE SC 4.4.0KDE SC 4.3.0,KDE SC 4.2.0KDE SC 4.1.0and KDE SC 4.0.0 release notes. 4.5.3 is a recommended update for everyone running KDE SC 4.5.2 or earlier versions.


KDE SC, including all its libraries and its applications, is available for free under Open Source licenses. KDE software can be obtained in source and various binary formats from http://download.kde.org or with any of the major GNU/Linux and UNIX systems shipping today.


Fedora14 “Laughlin” is released!

Announced today the release of Fedora 14 linux distribution code named  ‘Laughlin’. Fedora 14 includes several new features for developers, system administrators and open source enthusiasts.

Fedora 14’s feature list includes:

  • All-new debugging features for developers, such as support for dynamic/unplanned memory usage tracking and faster launch thanks to pre-generated indexes
  • Powerful remote and out-of-band management capabilities with Intelligent Platform Management Interface (IPMI) support
  • Framework software for Spice, a rapidly advancing infrastructure for full desktop virtualization
  • Updated images available for Amazon EC2, to test-drive the latest open source technologies in the cloud

Fedora 14 also features numerous desktop improvements that all users can see and experience including:

  • Faster processing time for picture files using the new and more efficient libjpeg-turbo library
  • Updated tech preview of the GNOME shell environment, part of the upcoming GNOME 3.0 release
  • A subset of new and innovative software from the MeeGo™ community for an enhanced experience on netbooks and small devices

Some of the many additional features in Fedora 14 include:

  • OpenSCAP, an open-source framework for the Security Content Automation Protocol, which provides a framework and approach to maintaining system security backed by NIST standards
  • Support for emergent programming languages like D, and refreshed versions of popular languages such as Python 2.7, Erlang R14, and the Rakudo Star implementation of Perl 6


A complete list of Fedora 14 features is available on the Fedora community’s release announcement.

More information about the release can be found in the official release announcement, in a press release from Red Hat and in the release notes. Fedora 14 is available to download for 32 and 64-bit systems from the project’s site.


November 2010
« Sep   Dec »


Error: Twitter did not respond. Please wait a few minutes and refresh this page.

  • 369,159 Visit !
%d bloggers like this: