Show filters Hide filters

Refine your search

Publication Year
Organisation found in the video
1-26 out of 26 results
Change view
  • Sort by:
42:06 Hacktivity English 2015

Why Nation-State Malwares Target Telco Networks: Dissection Technical Capabilities of Regin and Its Counterparts

The recent research in malware analysis suggests state actors allegedly use cyber espionage campaigns against GSM networks. Analysis of state-sponsored malwares such as Flame, Duqu, Uruborus and the Regin revealed that these were designed to sustain long-term intelligence-gathering operations by remaining under the radar. Antivirus companies made a great job in revealing technical details of the attack campaigns, however, they have almost exclusively focused on the executables or the memory dump of the infected systems - the research hasn't been simulated in a real environment. In this talk, we are going to break down the Regin framework stages from a reverse engineering perspective - kernel driver infection scheme, virtual file system and its encryption scheme, kernel mode manager- while analyzing its behaviors on a GSM network and making technical comparison of its counterparts - such as TDL4, Uruborus, Duqu2.
  • Published: 2015
  • Publisher: Hacktivity
  • Language: English
1:17:04 Institut des Hautes Études Scientifiques (IHÉS) English 2015

Quantum Mechanics in the Sky

  • Published: 2015
  • Publisher: Institut des Hautes Études Scientifiques (IHÉS)
  • Language: English
1:00:47 PGCon - PostgreSQL Conference for Users and Developers, Andrea Ross English 2012

On snakes and elephants

Using Python with and in PostgreSQL Python is one of the most popular application programming languages and there's a plethora of PostgreSQL libraries and utilities for Python. This talk will try to give an overview of the contemporary Python-PostgreSQL landscape in a way that's useful both for Python programmers starting on a PostgreSQL project and DBAs dealing with what those programmers wrote. We'll try cover a slightly opinionated selection of libraries, frameworks and technologies and give some recommendations. The richeness of the environment is sometimes confusing. Python people starting with PostgreSQL often don't know which driver or ORM library should they be using. Sometimes they're not aware of all the things PostgreSQL can offer to a Python programmer and the tools available. On the other hand, DBAs sometimes need to debug Python programs (mis)using their database and PostgreSQL-savvy people join or consult on projects written in Python and need to have at least a basic understanding of how Python works, particularily on the database connection front. We'll try to make both of these groups a bit more comfortable when dealing with the other. The talk will cover available drivers, focusing especially on psycopg2 and some of its lesser-known features and ORM libraries, focusing mainly on SQLAlchemy. We'll also discuss PL/PythonU, the possibilities it opens, along with some best practices and caveats.
  • Published: 2012
  • Publisher: PGCon - PostgreSQL Conference for Users and Developers, Andrea Ross
  • Language: English
49:46 PGCon - PostgreSQL Conference for Users and Developers, Andrea Ross English 2015

pg shard: Shard and Scale Out PostgreSQL

PostgreSQL extension to scale out real-time reads and writes pg shard is an open source sharding extension for PostgreSQL. It shards PostgreSQL tables for horizontal scale, and replicates them for high availability. The extension also seamlessly distributes SQL statements, without requiring any changes to the application layer. pg shard addresses many NoSQL use-cases, and becomes more powerful with the new JSONB data type. Further, the extension leverages the rich analytic capabilities in PostgreSQL, and enables real-time analytics for big data sets. In this talk, we first summarize challenges in distributed systems associated with scaling out databases. We then describe "logical sharding", and discuss how it helps overcome these challenges. Next, we show how pg shard uses hook APIs, such as the planner and executor hooks, to make PostgreSQL a powerful distributed database. We then cover example customer use-cases, and conclude with a futuristic demo: a distributed table with JSONB fields, backed by a dynamically changing row and columnar store. pg shard is an open source sharding extension for PostgreSQL. It shards PostgreSQL tables for horizontal scale, and replicates them for high availability. The extension also seamlessly distributes SQL statements, without requiring any changes to the application layer. pg shard addresses many NoSQL use-cases, and becomes more powerful with the new JSONB data type. Further, the extension leverages the rich analytic capabilities in PostgreSQL, and enables real-time analytics for big data sets. In this talk, we first summarize challenges in distributed systems: dynamically scaling a cluster when new machines are added or old ones fail, and distributed consistency semantics in the face of failures. We then describe "logical sharding", and show how it helps overcome these challenges. We also discuss this idea's application to Postgres. Next, we show how pg shard uses hook APIs, such as the planner and executor hooks, to make PostgreSQL a powerful distributed database. We then cover example customer use-cases, and conclude with a futuristic demo: a distributed table with JSONB fields, backed by a dynamically changing row and columnar store.
  • Published: 2015
  • Publisher: PGCon - PostgreSQL Conference for Users and Developers, Andrea Ross
  • Language: English
40:19 EuroPython English 2015

Python microservices on PaaS done right

Michał Bultrowicz - Python microservices on PaaS done right Lately, there's a lot of talk about microservices but not enough concrete examples and case studies. I want to change that by showing: - how thinking in PaaS terms can lead to robust and scalable designs; - what infrastructure and automation you need to set up to go along smoothly; - how to get real time metrics of your apps; - what makes Python good for microservices; - what is Python's performance relative to some alternatives. **Prerequisites for the talk:** - some experience with web development in Python; - basic knowledge of RESTful web services.
  • Published: 2015
  • Publisher: EuroPython
  • Language: English
55:38 Confreaks, LLC English 2015

Deploy and Manage Ruby on Rails Apps on AWS

In this hands-on lab, we will get you started with running your Rails applications on AWS. Starting with a simple sample application, we will walk you through deploying to AWS, then enhancing your application with features from the AWS SDK for Ruby's Rails plugin.
  • Published: 2015
  • Publisher: Confreaks, LLC
  • Language: English
19:56 Confreaks, LLC English 2017

​Recurring Background Jobs with Sidekiq-scheduler

When background job processing needs arise, Sidekiq is the de facto choice. It's a great tool which has been around for years, but it doesn't provide recurring job processing out of the box. sidekiq-scheduler fills that gap, it's a Sidekiq extension to run background jobs in a recurring manner. 
In this talk, we'll cover how sidekiq-scheduler does its job, different use cases, challenges when running on distributed environments, its future, how we distribute capacity over open source initiatives, and as a bonus, how to write your own Sidekiq extensions.
  • Published: 2017
  • Publisher: Confreaks, LLC
  • Language: English
43:09 DjangoCon US English 2014

Digging Into Django's Migrations

An in-depth look at Django's new migrations framework, explaining the component architecture, highlighting issues with multiple database backends, and showing how management commands typically get routed through the software.
  • Published: 2014
  • Publisher: DjangoCon US
  • Language: English
23:35 re:publica English 2013

Autonomous web apps with Sockethub

As the major social network vendors increase their customer lock-in, and the open social web platform alternatives continue to be dispersed and re-invent the wheel, we're faced with many different, mostly non-interoperable platforms, protocols and APIs to choose from.Developers must spend their time picking and choosing protocols and APIs to integrate into their applications, banking on the increased lock-in of their chosen platforms to ensure the applications' relevance and longevity. Open-source application developers, are either limited by what they can realize completely in the browser, or faced with tying their application to backend servers to carry out parts of the functionality, or store user data.
  • Published: 2013
  • Publisher: re:publica
  • Language: English
59:16 EuroPython English 2017

EPS General Assembly

EPS General Assembly [EuroPython 2017 - EuroPython session - 2017-07-13 - PythonAnywhere Room] [Rimini, Italy] This is where the EuroPython Society (EPS) board gives its reports, resolutions are passed and the EPS members can vote in a new EPS board
  • Published: 2017
  • Publisher: EuroPython
  • Language: English
26:14 EuroPython English 2017

OpenAPI development with Python

OpenAPI development with Python [EuroPython 2017 - Talk - 2017-07-11 - PythonAnywhere Room] [Rimini, Italy] Goal After this session, audiences will get - Basic knowledge of OpenAPI (Swagger) - Ecosystem of OpenAPI(Swagger) and tools related to Python and knowledge to make use of them in their own projects Audience (1) This talk is for: - Developers who are creating or using API services such as web applications, mobile applications and all other kinds of applications (2) Audience will be expected to have (prerequisite): - Basic knowledge of development with API (REST and others) - Basic knowledge of Python Outline Introduction (3min) Agenda of this talk Myself introduction OpenAPI(Swagger) introduction and basics (8min) What is OpenAPI and what is the relation with Swagger? (5min) Comparison with other frameworks for APIs (3min) api blueprint, json schema and .. OpenAPI ecosystem and tools (8min) OpenAPI(Swagger) core tools (4min) Swagger editor, Swagger codegen and Swagger UI OpenAPI tools related to Python (4min) Some tools for python api development with OpenAPI Actual case study with OpenAPI and Python (8min) Introduce our projects with OpenAPI, Python and other program (like Angular, Typescript and so on) and explain how swagger is well working in our company Recap and Conclusion (2min
  • Published: 2017
  • Publisher: EuroPython
  • Language: English
23:04 Confreaks, LLC English 2016

Cross-Pollinating Communities: We All Win

You may have heard the quote, "Good artists copy, great artists steal." Ember's origins were inspired by Cocoa. Ember has taken many cues from Rails, the biggest coming in the form of strong framework conventions. In 1.13, Ember's rendering engine was rewritten based on concepts pioneered by React. Instead of writing their own cli from the ground up, Angular has embraced ember-cli. Let's examine past and future benefits of sharing ideas, and what it means for our favorite framework and our industry as a whole.
  • Published: 2016
  • Publisher: Confreaks, LLC
  • Language: English
47:37 re:publica English 2014

National Final of Telekom Innovation Contest

On May 7th, the first 10 national finalists of Telekom Innovation Contest will present their ideas live on stage. More than 300 ideas from 39 countries were submitted in the global contest powered by Telekom Innovation Laboratories, host of Lange Nacht der Startups, hub:raum, Kitchen Budapest and further national companies of Deutsche Telekom. The German final will kick-off a series of national finals all over Europe. The team which wins at re:publica will compete in the Champions Pitch in June.
  • Published: 2014
  • Publisher: re:publica
  • Language: English
57:44 REcon English 2016

How Do I Crack Satellite and Cable Pay TV?

Follow the steps taken to crack a conditional access and scrambling system used in millions of TV set-top-boxes across North America. From circuit board to chemical decapsulation, optical ROM extraction, glitching, and reverse engineering custom hardware cryptographic features. This talk describes the techniques used to breach the security of satellite and cable TV systems that have remained secure after 15+ years in use. Topics include: chemical decapsulation and delayering of ICs in acids, microphotography and optical bit extraction of ROM, binary analysis using IDA and homebrew CPU simulators, datalogging and injection of SPI and serial TS data, designing and using a voltage glitcher, extracting secret keys from RAM of a battery-backed IC, analyzing hardware-based crypto customizations, studying undocumented hardware peripherals, MPEG transport streams and non-DVB-standards, QPSK demodulation, interleaving, randomization, FEC of OOB (out-of-band) cable data. The result is knowledge of the transport stream scrambling modes and knowledge of the conditional access system used to deliver keys. Strong and weak points are identified, advanced security features implemented nearly 20 years ago are compared to modern security designs. A softcam is designed and tested using free software, working for cable and satellite TV.
  • Published: 2016
  • Publisher: REcon
  • Language: English
52:30 re:publica English 2016

#HEALTHAPPSCOMBAT

"Health apps, add real value? True or Fake – Join us in this exciting session where top influencers on mobile health will ‘fight’ to reveal the truth about this outstanding trend. Health apps are hot, moreover, they are a powerful market, the past years, an enormous increase in the number of available health-related applications (apps) has occurred, there are more than 165,000 mHealth apps in a market worth 489m. However, little is still known regarding the effectiveness and risks of these applications."
  • Published: 2016
  • Publisher: re:publica
  • Language: English
1:01:55 Free and Open Source software Conference (FrOSCon) e.V. German 2017

PostgreSQL in der Praxis

Seit der Einführung von nativer Replikation mit Version 9.0 im Jahr 2010 hat PostgreSQL mit jeder neuen Version Verbesserungen und weitere Möglichkeiten bei der Replikation im Speziellen als auch in anderen Bereichen im Allgemeinen erhalten. Durch die traditionell umfangreiche Abdeckung von SQL-Features und Anbindungen an verschiedene Programmiersprachen, das inzwischen eingeführte Erweiterungs-System sowie die Zusammenarbeit mit externen Projekten ist heutzutage ein stabiler, performanter und auch hochverfügbarer Betrieb von Unternehmens-kritischen Datenbanken möglich.
  • Published: 2017
  • Publisher: Free and Open Source software Conference (FrOSCon) e.V.
  • Language: German
29:35 FOSDEM VZW English 2014

Swimming with chum in shark infested waters

A talk on engaging the F/OSS community and the lessons learned in the many releases after GNOME 3. Discuss measures we took to engage community, the effect of social media in the modern age, and lessons for others who also release software. Bad news travel fast, ugly news travel even faster. The world was not the same when GNOME released 2.0, and in today's world you need to know how to engage with the community, apply damage control when needed, and understand how information propagates through social media and to create an effective message. This talk is about the key lessons we learned when releasing GNOME 3.0 and subsequent releases after and discuss possible solutions, or the measures we have used to help reduce friction with the community.
  • Published: 2014
  • Publisher: FOSDEM VZW
  • Language: English
29:48 FOSS4G, Open Source Geospatial Foundation (OSGeo) English 2014

Running Your Own Rendering Infrastructure

In addition to hosting the popular OSM-base Toner, Watercolor, and Terrain tile sets, Stamen incorporates custom cartography into much of our client work. This is a behind-the-scenes walkthrough covering the evolution of our rendering infrastructure and the peripheral services that help to make our work unique. Topics covered include the image processing used for Watercolor and Map Stack, raster manipulation for Terrain, Surging Seas, and the Chesapeake Bay Program, as well as the use of vector tiles (for both OSM and other data) to support Pinterest and future work.
  • Published: 2014
  • Publisher: FOSS4G, Open Source Geospatial Foundation (OSGeo)
  • Language: English
39:18 Confreaks, LLC English 2016

From Zero to API Hero: Consuming APIs like a Pro

Just like there’s an app for that, there’s an API for that! But not all APIs are created equal, and some APIs are harder to work with than others. In this talk, I will walk through some common gotchas developers encounter when consuming a 3rd party API. I will explain why it’s important to familiarize yourself with the API you’re consuming prior to coding, as well as share tools to help you get acquainted with an API much faster. Lastly, I will go over debugging and testing the API you’re consuming, because testing is not just for the provider of the API!
  • Published: 2016
  • Publisher: Confreaks, LLC
  • Language: English
1:09:42 FOSSGIS e.V. German 2018

Erfahrungen und Aussichten bei OpenNRW

  • Published: 2018
  • Publisher: FOSSGIS e.V.
  • Language: German
35:37 Confreaks, LLC English 2017

Don't get Distracted

In 2011, with a team of interns at a Department of Defense contractor, I created a Wi-Fi geolocation app to locate hotspots. It could find the location in 3D space of every hotspot near you in seconds. We made formulas to model signal strength and probable distances. We used machine learning to optimize completion time and accuracy. I was so caught up in the details that it took me months to see it would be used to kill people. What do we do when we discover that we're building something immoral or unethical? How can we think through the uses of our software to avoid this problem entirely?
  • Published: 2017
  • Publisher: Confreaks, LLC
  • Language: English
34:08 DEF CON English 2016

A Monitor Darkly: Reversing and Exploiting Ubiquitous OSD Controllers

There are multiple x86 processors in your monitor! OSD, or on-screen-display controllers are ubiquitous components in nearly all modern monitors. OSDs are typically used to generate simple menus on the monitor, allowing the user to change settings like brightness, contrast and input source. However, OSDs are effectively independent general-purpose computers that can: read the content of the screen, change arbitrary pixel values, and execute arbitrary code supplied through numerous control channels. We demonstrate multiple methods of loading and executing arbitrary code in a modern monitor and discuss the security implication of this novel attack vector. We also present a thorough analysis of an OSD system used in common Dell monitors and discuss attack scenarios ranging from active screen content manipulation and screen content snooping to active data exfiltration using Funtenna-like techniques. We demonstrate a multi-stage monitor implant capable of loading arbitrary code and data encoded in specially crafted images and documents through active monitor snooping. This code infiltration technique can be implemented through a single pixel, or through subtle variations of a large number of pixels. We discuss a step-by-step walk-through of our hardware and software reverse-analysis process of the Dell monitor. We present three demonstrations of monitoring exploitation to show active screen snooping, active screen content manipulation and covert data exfiltration using Funtenna. Lastly, we discuss realistic attack delivery mechanisms, show a prototype implementation of our attack using the USB Armory and outline potential attack mitigation options. We will release sample code related to this attack prior to the presentation date. Bio: Dr. Ang Cui is the Founder and Chief Scientist of Red Balloon Security. Dr. Cui received his PhD from Columbia University in 2015. His doctoral dissertation, titled “Embedded System Security: A Software-based Approach”, focused exclusively on scientific inquiries concerning the exploitation and defense embedded systems. And has focused on developing new technologies to defend embedded systems against exploitation. During the course of his research, he has uncovered a number of serious vulnerabilities within ubiquitous embedded devices like Cisco routers, HP printers and Cisco IP phones. Dr. Cui is also the author of FRAK and the inventor of Software Symbiotic technology. And has received various awards on his work on reverse engineering commercial devices and is also the recipient of the Symantec Graduate Fellowship and was selected as a DARPA Riser in 2015. Latin Kataria is a Principal Research Scientist at Red Balloon Security. His research focus is on the defense and exploitation of embedded devices. Latin earned his master’s degree from Columbia University and a bachelor’s degree from Delhi College of Engineering. Previously, he has worked as a System Software Developer at NVIDIA and as an Associate Software Engineer at Mcafee. Francois Charbonneau is a embedded security researcher who spent the better part of his career working for the Canadian government until he got lost and wondered into New York City. He now works as a research scientist for Red Balloon Security where he lives a happy life, trying to make the world a more secure place, one embedded device at a time.
  • Published: 2016
  • Publisher: DEF CON
  • Language: English
41:12 Chaos Computer Club e.V. English 2017

Portals, dynamic permissions in Flatpak

Desktop application sandboxing is quite different than traditional container isolation, learn how flatpak does it, using the concept of portals.
  • Published: 2017
  • Publisher: Chaos Computer Club e.V.
  • Language: English
22:06 FOSDEM VZW English 2018

Ceph & ELK

  • Published: 2018
  • Publisher: FOSDEM VZW
  • Language: English
1:16:39 FOSS4G, Open Source Geospatial Foundation (OSGeo) English 2018

Panel Session: Human Evolution, Ethics and Open Source Mapping

Moderator: Maurits van der Vlugt Panelists: Hannah Dormido, Adam Steer, Serryn Eagleson
  • Published: 2018
  • Publisher: FOSS4G, Open Source Geospatial Foundation (OSGeo)
  • Language: English
1:31:43 DEF CON English 2018

DEF CON 26 Closing Ceremonies

  • Published: 2018
  • Publisher: DEF CON
  • Language: English
out of 1 pages
Loading...
Feedback

Timings

  194 ms - page object
  119 ms - search
    8 ms - highlighting
    0 ms - highlighting/32631
    1 ms - highlighting/32824
    1 ms - highlighting/41201
    1 ms - highlighting/20556
    2 ms - highlighting/37760
    3 ms - highlighting/40853
    3 ms - highlighting/39746
    2 ms - highlighting/37941
    6 ms - highlighting/36185
    2 ms - highlighting/36216
    3 ms - highlighting/32310
    2 ms - highlighting/32744
    2 ms - highlighting/31516
    2 ms - highlighting/33804
    2 ms - highlighting/18849
    1 ms - highlighting/31281
    3 ms - highlighting/33751
    0 ms - highlighting/31602
    1 ms - highlighting/33533
    1 ms - highlighting/16400
    3 ms - highlighting/19028
    1 ms - highlighting/34692
    4 ms - highlighting/33283
    2 ms - highlighting/19139
    1 ms - highlighting/20164
    3 ms - highlighting/30657

Version

AV-Portal 3.8.0 (dec2fe8b0ce2e718d55d6f23ab68f0b2424a1f3f)