I knew that my principal cryptography professor Gilles Zémor was a GO player.
Which is pretty amazing in itself :)
But this keeps going on.
I have an algebra class this semester, and I'm trying to understand Berlekamp's algorithm. Trying to find videos on youtube about him I discover that he is as well a go player! And doing researches about the game at that! So cool :D
I've been planning to code my next web project with Ruby on Rails.
But two languages have also been catching my attention. Go and Rust.
And today, I ran into two wonderful websites:
Those websites are so pretty that it just makes me want to read them! Great complement to learnXinYminutes.
Now I just have to find a project to code with these languages =)
chr13 has posted a nice finding on how to DDoS a website thanks to services like facebook and google.
It's actually pretty simple!
You just create notes with img
tags, facebook will crawl the website to cache the picture.
In his example he writes a thousand img tags per notes, opens all the notes from several browsers.
<img src=http://targetname/file?r=1></img>
<img src=http://targetname/file?r=2></img>
..
<img src=http://targetname/file?r=1000></img>
Thousands of get request are sent to a single server in a couple of seconds. Total number of facebook servers accessing in parallel is 100+.
The funny thought of facebook DDoSing itself crossed my mind. Interestingly someone else's also and chr13 answered that he hadn't tried:
It’s against the bug bounty rules to do this, hence one has to be careful here. I was only using browsers at first just because of that.
I wanted a recall on how masquerade worked in NAT, and I wanted a fast recall.
What's better than a picture? Nothing of course :D
source
If you read this blog, you know that recently I gave a talk on bitcoins.
I also gave a talk on whitebox cryptography last week.
One part of giving a talk that a lot of people tend to overlook is making good slides.
I've always used Powerpoint for that, but for my last talk on whitebox cryptography I had two other persons on my team. Powerpoint was not an option if we were all working on the same file. LaTeX is the solution.
It's a real text file so you can use a revision control system like git, it's constant in its layout. You configure it at the beginning of the file and then you don't have to worry about it later.
We also had a fight (we were tired) on what theme to used. I went for no theme at all. Because everything else is visual noise.
Here's a great article from Zach Holman on the subject. If you ask me, and I'm not saying my slides are perfect, there are way too many crappy slides out there!
Symposium sur la sécurité des technologies de l'information et des communications is a 2 day con about security. Entrance is 260€ or 60€ if you're a student, still quite expensive, there seems to be a way of getting a free pass: analyzing a usb trace and extracting a mail from it.
Here's the trace.
translation:
Hello,
here's a usb trace I got from plugging my brand new android to my personnal air-gapped computer.
I'm suspecting that a malware is on my phone. Could you check?
So where do I start...
The Lundum Dare is starting in a bit less than 10 hours.
Ludum Dare is an Online Game Jam event where people from around the world create a game in a weekend.
You have 48 hours to produce something good! In what language? I used to watch notch do it in java, but apparently you can do it in whatever language you like.
To reach more participants, web entries are best (Flash, Unity, Flixel, Flashpunk, HTML, etc). They’re quick to start playing, and cross platform.
I need to get into Unity a lot more to get into that kind of contest. Every year I'm telling myself "next year I'll do the lundum dare"....
I can't stop coding this thing. What I've done today:
- This is the query I'm using in google now :
[your search] mp3 -facebook -youtube -soundcloud -last.fm -amazon -dailymotion -bleep
- I'm now parsing google and the following links with jQuery:
$(body).find('a')
and then looking for good links with a regex. This is so much more quicker!
- There is still a part that is taking some time though, it's the metadata fetching. I still have to get every mp3 independently and download enough bits to learn its metadatas...
But it is working quite well as it is!
EDIT: I'm now fetching the metadata in parallel and it's super fast! I've also fixed a ton.