avatar  

From “you are crazy” to “why even?” are some of the things my friends in the computer science environment have told me when I started working with Haskell in general and security in particular. Answering in order, yes I’m crazy but not because of Haskell and well, there’s a reason why I chose to use Haskell for security. First of all, functional programming is the new black and probably more and more apps will be build using it. Choosing a pure functional language for security is not that crazy. On the other hand, the mathematical approaching Haskell has is very...

avatar  

cartel_jasyp

Las JASYP (Jornadas sobre Anonimato, Seguridad y Privacidad) son unas jornadas organizadas por Interferencias que pretende dar un espacio a todas aquellas personas con inquietudes sobre los problemas que encontramos en el día a día cada vez que usamos Internet o cualquier ordenador en general.

En este 2018 hemos lanzado la segunda edición de este evento, donde esperamos poder aprender mucho, aprovechar los días incluso más, y sacar partido del buen rollo que Granada siempre brinda en sus bares. La edición de este año tendrá lugar los días VIERNES 13 Y SÁBADO 14 DE ABRIL...

avatar  

For the ones who are not close to security related slang, Catch The Flag is an online hacking game that consist in hacking stego, web, network, etc in order to get passwords (the flags) and catch them all before the rest of the contestants. So through three days, I played one of those organized by my university, with a team mostly dedicated in Network and Forensic study. I won’t be explaining all the process here, but I want to point out all the tools I used (most of them brand new for me) for solving the problems.

avatar  

I’ve been quite in many things lately, which didn’t allow me to study all I wanted to. I’m mainly in two things, distributed ledger experiments and hardware. But I’ve had in mind a hacking experiment for quite a long time, and finally I decided to try it. It’s a Man In The Middle attack (or sniffing) over bluetooth connections using a python repository, I think I will omit for what I wanted to know that.

Anyway, what I want to do here is to catch a connection between two nodes using bluetooth....

avatar  

Mucho se ha hablado últimamente de las vulnerabilidades Spectre y Meltdown que se han encontrado recientemente en una gran cantidad de microprocesadores modernos (como el artículo de nuestro amigo Hartek de Follow The White Rabbit). Aunque estas vulnerabilidades han afectado a procesadores de todo tipo, hay una empresa que ha quedado especialmente señalada: Intel.

Intel (al igual que la mayoría de fabricantes) no te proporcionan una versión accesible del código del software que se ejecuta en el interior de su hardware y sin el que el mismo no puede funcionar, generalmente para esto se alegan “motivos de seguridad”....