all your family secrets belong to us worrisome security
play

All your family secrets belong to us - Worrisome security issues in - PowerPoint PPT Presentation

Nov 03, 2022 •272 likes •1.84k views

All your family secrets belong to us - Worrisome security issues in tracker apps Siegfried Rasthofer | Fraunhofer SIT, Germany Stephan Huber | Fraunhofer SIT, Germany DefCon26, August 11 th 2018 Who are we? Stephan Siegfried Security

  1. Agenda § Motivation § Background Information § Client-Side Authorization § Client-Side and Communication Vulnerabilities § Server-Side Vulnerabilities § Responsible Disclosure Process § Summary 47

  2. Mitm Attack DATA DATA tracking provider (back-end/cloud) user/app 48

  3. Mitm Attack DATA DATA tracking provider (back-end/cloud) user/app 49

  4. Mitm Attack DATA DATA tracking provider (back-end/cloud) user/app 50

  5. Mitm Attack DATA DATA tracking provider (back-end/cloud) user/app 51

  6. Mitm + Bad Crypto + Obfuscation ?? 52

  7. Mitm + Bad Crypto + Obfuscation ?? user@example.com secure123 53

  8. Mitm + Bad Crypto + Obfuscation http ://s9.***********.com/login/?aaa... GET /login/?aaa=Bi9srqo&nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 54

  9. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 user@example.com secure123 55

  10. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com secure123 56

  11. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 57

  12. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? aaa=ZTZrO& 4. mag=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& df=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& data=5JFJzgYW_ HTTP/1.1 58

  13. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? aaa=ZTZrO& 4. mag=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& df=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& data=5JFJzgYW_ HTTP/1.1 59

  14. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? aaa=ZTZrO& 4. mag=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& df=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& data=5JFJzgYW_ HTTP/1.1 60

  15. Mitm + Bad Crypto + Obfuscation 'k', 'c', '#', 'a', 'p', 'p', '#', 'k', 'e', 'y', '#' 61

  16. Mitm + Bad Crypto + Obfuscation @ user@example.com 'k', 'c', '#', 'a', 'p', 'p', '#', 'k', 'e', 'y', '#' XOR Base64 DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ== 62

  17. Mitm + Bad Crypto + Obfuscation @ user@example.com 'k', 'c', '#', 'a', 'p', 'p', '#', 'k', 'e', 'y', '#' XOR {nl, bhf, mag, bdt, qac, trn, amr, mix, nch} + “=“ + Random() Base64 nch = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A mix = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A amr = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A mag = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A 63

  18. Mitm + Bad Crypto + Obfuscation @ ******** secure123 user@example.com 'k', 'c', '#', 'a', 'p', 'p', '#', 'k', 'e', 'y', '#' XOR XOR {df, ssp, fgh, drt, tnd, rfb, rma, vwe, hac} {nl, bhf, mag, bdt, qac, trn, amr, mix, nch} + “=“ Base64 + + + Random() Random() Base64 “=“ nch = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A CFF1CxQoaQcoLWoRaQ%3D%3D%0A = tnd mix = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A CFF1CxQoaQcoLWoRaQ%3D%3D%0A = ssp amr = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A CFF1CxQoaQcoLWoRaQ%3D%3D%0A = rma mag = DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A CFF1CxQoaQcoLWoRaQ%3D%3D%0A = df 64

  19. Mitm + Bad Crypto + Obfuscation decode Base64 decode Base64 DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ== CFF1CxQoaQcoLWoRaQ== 65

  20. Mitm + Bad Crypto + Obfuscation @ ******** secure123 user@example.com 'k', 'c', '#', 'a', 'p', 'p', '#', 'k', 'e', 'y', '#' XOR XOR decode Base64 decode Base64 DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ== CFF1CxQoaQcoLWoRaQ== 66

  21. Mitm + Bad Crypto + Obfuscation GET /login/? @ aaa =Bi9srqo& nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A ******** data =5JFJzgYW_ HTTP/1.1 + “=“ + GenerateRandomString() Random() {usr, psw, uid, data, eml, pss, foo, clmn, count, nam, srv, answ, aaa } 67

  22. 68

  23. Correct Secure Communication § Use https via TLS 1.2 or TLS 1.3 § Valid server certificate 69

  24. Correct Secure Communication § Use https via TLS 1.2 or TLS 1.3 § Valid server certificate § Implementation in Android: Kotlin: Java: URL url = new URL(" https ://wikipedia.org"); val url = URL(" https ://wikipedia.org") URLConnection urlConnection = url.openConnection(); val urlConnection: URLConnection = url.openConnection() https://developer.android.com/training/articles/security-ssl#java 70

  25. “Authentication“ 71

  26. “Authentication“ … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection( ); try { … 72

  27. “Authentication“ … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection(" jdbc:mysql://mysql.r*****************r.mobi/r*************06 ", "r*************06" , " t**********b "); try { … 73

  28. “Authentication“ … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection(" jdbc:mysql://mysql.r*****************r.mobi/r*************06 ", "r*************06" , " t**********b "); try { … database address username 74

  29. “Authentication“ … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection(" jdbc:mysql://mysql.r*****************r.mobi/r*************06 ", "r*************06" , " t**********b "); try { … database address username password 75

  30. “Authentication“ § MySQL Database with following table scheme: Field Type Null Key Default Extra nome varchar(50) NO NULL email varchar(30) NO NULL latitude varchar(30) NO NULL longitude varchar(30) NO NULL data varchar(30) NO NULL hora varchar(30) NO NULL codrenavam varchar(30) NO NULL placa Varchar(30) NO PRI NULL 76

  31. “Authentication“ … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection(" jdbc:mysql://mysql.r*****************r.mobi/r*************06 ", "r*************06" , " t**********b "); try { … database address username password All in all we had access to over 860.000 location data of different users, distributed over the whole world. 77

  32. Is that all ? 78

  33. Prepared Statement? WTF! … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection("jdbc:mysql://mysql.r*****************r.mobi/r*************06", "r*************06", "t**********b"); try { PreparedStatement prest = con.prepareStatement("insert rastreadorpessoal values(?)"); 79

  34. Prepared Statement? WTF! … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection("jdbc:mysql://mysql.r*****************r.mobi/r*************06", "r*************06", "t**********b"); try { PreparedStatement prest = con.prepareStatement("insert rastreadorpessoal values(?)"); prest.executeUpdate(" insert into rastreadorpessoal values ('" + this.atributos.getNome() + "', '" + this.atributos.getEmail() + "', '" + this.atributos.getLatitudeStr() + "', '" + this.atributos.getLongitudeStr() + "', '" + this.atributos.getDataBancoStr() + "', '" + this.atributos.getHoraBancoStr() + "', '" + this.atributos.getRenavam() + "', '" + this.atributos.getPlaca() + "')"); prest.close(); con.close(); … 80

  35. Prepared Statement? WTF! … Message message = new Message(); try { Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager. getConnection("jdbc:mysql://mysql.r*****************r.mobi/r*************06", "r*************06", "t**********b"); try { PreparedStatement prest = con.prepareStatement("insert rastreadorpessoal values(?)"); prest.executeUpdate(" insert into rastreadorpessoal values ('" + this.atributos.getNome() + "', '" + this.atributos.getEmail() + "', '" + this.atributos.getLatitudeStr() + "', '" + this.atributos.getLongitudeStr() + "', '" + this.atributos.getDataBancoStr() + "', '" + this.atributos.getHoraBancoStr() + "', '" + this.atributos.getRenavam() + "', '" + this.atributos.getPlaca() + "')"); prest.close(); con.close(); … 81

  36. Stupid ! 82

  37. Agenda § Motivation § Background Information § Client-Side Authorization § Client-Side and Communication Vulnerabilities § Server-Side Vulnerabilities § Responsible Disclosure Process § Summary 83

  38. 101 1. Authentication Process 2. Authorization Process Observer 84

  39. WTF-States of Server-Side Vulnerabilties 85

  40. ”That‘s a feature” 86

  41. Not a Bug it‘s a Feature § Web service provides public access to user tracks, allow all by default 87

  42. Not a Bug it‘s a Feature § Web service provides public access to user tracks, allow all by default 88

  43. Not a Bug it‘s a Feature https://www.greenalp.com/realtimetracker/index.php?viewuser=USERNAME 89

  44. Demo Time ! 90

  45. Is that all ? 91

  46. Public Webinterface 92

  47. Authentication – What? 93

  48. Part1: Who Needs Authentication? http ://***********g.azurewebsites.net/trackapplochistory.aspx? userid =********& childid =2***** ***0& currentdate =07/12/2017 94

  49. Part1: Who Needs Authentication? nothing new http ://***********g.azurewebsites.net/trackapplochistory.aspx? userid =********& childid =2***** ***0& currentdate =07/12/2017 95

  50. Part1: Who Needs Authentication? nothing new your user id http ://***********g.azurewebsites.net/trackapplochistory.aspx? userid =********& childid =2***** ***0& currentdate =07/12/2017 96

  51. Part1: Who Needs Authentication? nothing new your user id http ://***********g.azurewebsites.net/trackapplochistory.aspx? userid =********& childid =2***** ***0& currentdate =07/12/2017 id of the person to track 97

  52. Part1: Who Needs Authentication? nothing new your user id http ://***********g.azurewebsites.net/trackapplochistory.aspx? userid =********& childid =2***** ***0& currentdate =07/12/2017 id of the person to track requested date 98

  53. Part1: Who Needs Authentication? Response for http://***********g.azurewebsites.net/... 07:47 PM*49.8715330929084,8.639047788304 attacker 07:52 PM*49.8731935027927,8.63498598738923 tracker back-end 07:53 PM*49.871533247265,8.63904788614738 … List of the complete track 99

  54. Part1: Who Needs Authentication? 100

Recommend

BELONG A family support programme promoting a sense of belonging for black & minority ethnic

BELONG A family support programme promoting a sense of belonging for black & minority ethnic

BELONG A family support programme promoting a sense of belonging for black & minority ethnic children through: Cultural Confidence & Competence Anti-Bullying & Anti-Racial Bullying Education BELONG Beginnings

301 views • 18 slides
All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring

All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring

All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring Systems Andrei Costin EURECOM, France 1 st Workshop on Security & Privacy in the Cloud (SPC) 30 Sep 2015, Florence Italy Agenda

640 views • 63 slides
Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook

Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook

Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook we all have secrets and these secrets matter to us thats what makes them secrets software should keep our secrets some secrets are awful

1k views • 75 slides
Five Secrets to Building a Security Culture WWW.ISECOM.ORG Secret #1 You are NOT designed by

Five Secrets to Building a Security Culture WWW.ISECOM.ORG Secret #1 You are NOT designed by

Five Secrets to Building a Security Culture WWW.ISECOM.ORG Secret #1 You are NOT designed by default to be security aware. You are not aware or in control of your thoughts. You are a bag of hormones and disease making wants and needs.

259 views • 9 slides
Hunting crypto secrets in SAP systems Martin Gallo, Product Owner/Security Researcher AGENDA

Hunting crypto secrets in SAP systems Martin Gallo, Product Owner/Security Researcher AGENDA

Hunting crypto secrets in SAP systems Martin Gallo, Product Owner/Security Researcher AGENDA Problem definition Cryptographic material Personal Security Environment (PSE) SSO credentials (cred_v2) Local Protection Store (LPS)

1.18k views • 62 slides
All your GPS Trackers belong to Us 1 Who we are Pierre Barre, Lead Security Researcher,

All your GPS Trackers belong to Us 1 Who we are Pierre Barre, Lead Security Researcher,

All your GPS Trackers belong to Us 1 Who we are Pierre Barre, Lead Security Researcher, Mobile and Telecom Lab Chaouki Kasmi, Lab Director, Mobile and Telecom Lab Eiman Al Shehhi, Security Researcher, Mobile and Telecom Lab The

469 views • 25 slides
All Your Cloud Are Belong to Us Hunting Compromise in Azure Nate Warfield Microsoft Security

All Your Cloud Are Belong to Us Hunting Compromise in Azure Nate Warfield Microsoft Security

All Your Cloud Are Belong to Us Hunting Compromise in Azure Nate Warfield Microsoft Security Response Center The opinions expressed are my own and do not necessarily reflect those of Microsoft Corporation. Whoami: Nate Warfield (@dk_effect)

506 views • 24 slides
Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to

Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to

NAHPXXJI6KNA Book ^ Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to describe. It typically does not price an excessive amount of. It is extremely difficult to leave it before

260 views • 3 slides
Apache Security Secrets: Revealed for ApacheCon 2002, Las Vegas Mark J Cox revision 1

Apache Security Secrets: Revealed for ApacheCon 2002, Las Vegas Mark J Cox revision 1

Apache Security Secrets: Revealed for ApacheCon 2002, Las Vegas Mark J Cox revision 1 www.awe.com/mark/apcon2002 Quick Introduction Who am I? Why do you care? What is Security Response Why do we need it? Red Hat, Apache,

551 views • 51 slides
The Logic of Secrets LAMAS 2020, 8 May 2020 Thomas gotnes University of Bergen, Norway

The Logic of Secrets LAMAS 2020, 8 May 2020 Thomas gotnes University of Bergen, Norway

The Logic of Secrets LAMAS 2020, 8 May 2020 Thomas gotnes University of Bergen, Norway Southwest University (SWU), China Zuojun Xiong, SWU Yuzhi Zhang, SWU Secrets Of fundamental importance in, e.g., safety and security cryptography

747 views • 47 slides
Decrypting All Users' Secrets and PFX Passwords Paula Januszkiewicz CQURE: CEO, Penetration

Decrypting All Users' Secrets and PFX Passwords Paula Januszkiewicz CQURE: CEO, Penetration

DPAPI and DPAPI-NG: Decrypting All Users' Secrets and PFX Passwords Paula Januszkiewicz CQURE: CEO, Penetration Tester / Security Expert CQURE Academy: Trainer MVP: Enterprise Security, MCT Microsoft: Regional Director www.cqureacademy.com

615 views • 27 slides
Secrets and Lies Secrets and Lies a summary traversal of Bruce Schneier a summary traversal of

Secrets and Lies Secrets and Lies a summary traversal of Bruce Schneier a summary traversal of

Secrets and Lies Secrets and Lies a summary traversal of Bruce Schneier a summary traversal of Bruce Schneier s book s book David Morgan Page 1 Page 1 Complexity is the worst enemy of security. Trajectory of our industry Trajectory

392 views • 28 slides
Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an

Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an

XUECRQXNRXVS Book Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an remarkable book which i have ever go through. It can be writter in simple terms and not difficult to

343 views • 3 slides
Password-Based Cryptography: Strong Security from Weak Secrets Anja Lehmann IBM Research

Password-Based Cryptography: Strong Security from Weak Secrets Anja Lehmann IBM Research

Password-Based Cryptography: Strong Security from Weak Secrets Anja Lehmann IBM Research Zurich based on joint work with Jan Camenisch, Anna Lysyanskaya & Gregory Neven ROADMAP Password-Based Authentication How to make password

1.43k views • 43 slides
Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a

Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a

Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a Successful Business The Essential Tools Incredible Offer!!! Todays Agenda Just for attending you get Copy of the Presentation Link to the

698 views • 56 slides
All your packets are belong to us Attacking backbone technologies Daniel Mende & Enno Rey

All your packets are belong to us Attacking backbone technologies Daniel Mende & Enno Rey

All your packets are belong to us Attacking backbone technologies Daniel Mende & Enno Rey {dmende, erey}@ernw.de Who we are Old-school network geeks. Working as security researchers for Germany based ERNW GmbH. Fiddling

630 views • 38 slides
Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically

Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically

NHHOGOEDX28F PDF Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically the greatest pdf i have got go through right up until now. It normally fails to cost excessive. Once you

397 views • 3 slides
Apache Security Secrets: Revealed! (Again!) for ApacheCon 2003, Las Vegas Mark J Cox revision 3

Apache Security Secrets: Revealed! (Again!) for ApacheCon 2003, Las Vegas Mark J Cox revision 3

Apache Security Secrets: Revealed! (Again!) for ApacheCon 2003, Las Vegas Mark J Cox revision 3 www.awe.com/mark/apcon2003 Apache Apache web server Powers over half of the Internet web server infrastructure Mature project, over 7

890 views • 53 slides
Safecracker: Leaking Secrets through Compressed Caches Po-An Tsai, Andres Sanchez, Christopher

Safecracker: Leaking Secrets through Compressed Caches Po-An Tsai, Andres Sanchez, Christopher

Safecracker: Leaking Secrets through Compressed Caches Po-An Tsai, Andres Sanchez, Christopher Fletcher, and Daniel Sanchez ASPLOS 2020 Executive Summary 2 First security analysis of cache compression Executive Summary 2 First security

2.15k views • 89 slides
Unlocking the Secrets of Successful CHIP Implementation August 27, 2012 Allen Lomax, MPA

Unlocking the Secrets of Successful CHIP Implementation August 27, 2012 Allen Lomax, MPA

Unlocking the Secrets of Successful CHIP Implementation August 27, 2012 Allen Lomax, MPA Community Indicators Consortium Deborah Edwards, MHS, CSW Assistant Director of Personal Health Services Newark Department of Child and Family Well-Being

559 views • 28 slides
Polygon Filling Goal intensify the pixels that belong to the polygon Issues which pixels belong

Polygon Filling Goal intensify the pixels that belong to the polygon Issues which pixels belong

Polygon Filling Goal intensify the pixels that belong to the polygon Issues which pixels belong to the polygon Approach use a (horizontal) scan line that traverses the polygon intensify the pixels along the spans (the segments of

895 views • 50 slides
CONSUMER SECURITY PROFITABLE GROWTH SYNERGIES ACROSS SEGMENTS Privacy Family Connected home

CONSUMER SECURITY PROFITABLE GROWTH SYNERGIES ACROSS SEGMENTS Privacy Family Connected home

Kristian Jrnefelt, EVP, Consumer Cyber Security CONSUMER SECURITY PROFITABLE GROWTH SYNERGIES ACROSS SEGMENTS Privacy Family Connected home F-Secure Capital Markets Day 2017 CONSUMERS SECURITY NEEDS ARE GETTING BROADER PRIVACY FAMILY

268 views • 12 slides
1 Secrets to Successful Retreat Planning Your Questions/Goals What are some of your best camp

1 Secrets to Successful Retreat Planning Your Questions/Goals What are some of your best camp

Welcome Secrets to Successful Retreat Planning Secrets to Successful Retreat Planning Be still and know that I am God Psalm 46:10 Secrets to Successful Retreat Planning Welcome Introduction (Leave w/everything you need to create your

465 views • 12 slides
Three peaks, but which 2) Measure FT-IR > peaks belong to which molecule? Crosspeaks between

Three peaks, but which 2) Measure FT-IR > peaks belong to which molecule? Crosspeaks between

2D IR EXAMPLE COMPARISON WITH FT-IR 1) Take a mixture 1 IR mode + 2 IR modes of two compounds Three peaks, but which 2) Measure FT-IR > peaks belong to which molecule? Crosspeaks between vibrations mean they belong 3) Measure 2D

179 views • 7 slides

More recommend