Show filters Hide filters

Refine your search

Publication Year
Organisation found in the video
1-20 out of 20 results
Change view
  • Sort by:
23:20 FOSS4G, Open Source Geospatial Foundation (OSGeo) English 2013

A New GIS Toolbox For Integrating Massive Heterogeneous GIS Data For Land Use Change Analysis

Agricultural land use in Germany and related impacts on the environment and the use of natural resources are key research topics at the Thünen-Institute of Rural Studies. As spatial context is essential for the analysis of causal connections, GIS data regarding all necessary information was gathered during different research projects and prepared for processing in a database. In particular, the Integrated Administration and Control System, which was available for certain project purposes for several Federal Laender and years, serves as a very detailed data source for agricultural land use. We use different Open Source GIS software like PostgreSQL/PostGIS, GRASS and QuantumGIS for geoprocessing, supplemented with the proprietary ESRI product ArcGIS. After introducing the used input data and the general processing approach, this paper presents a selection of geoprocessing routines for which Open Source GIS software was used. As an exemplary 'use case' for the conclusions from the consecutive statistical analysis, we summarize impacts of increased biogas production on agricultural land use change highlighting the trend in biogas maize cultivation and the conversion of permanent grassland to agricultural cropland.
  • Published: 2013
  • Publisher: FOSS4G, Open Source Geospatial Foundation (OSGeo)
  • Language: English
25:28 FOSSGIS e.V. German 2016

Transit-Routing und OSM

Der Kurzvortrag zum intermodalem Rad/Fuss/ÖNPV-Routing auf der letztjährigen FOSSGIS in Münster konnte nur kurz darstellen, was sich am Markt für Transit-Routing tut bzw. nicht tut, was für Fehler die verfügbaren Lösungen machen und welche Anwendungsfälle sich damit nicht realisieren lassen. Kurz darauf hat dasselbe Thema, temporär erweitert um Fernverkehrsdaten, den Preis in der Kategorie „Usability“ beim ersten Deutsche Bahn Hackathon gewonnen. Dieser Vortrag knüpft daran an und geht einen Schritt weiter: Systeme aus OSM und unfreien Transit-Daten sind nicht mehr ungewöhnlich, gleichzeitig tut sich was in Richtung freie Transit-Daten. Wie sieht die Killer-App aus, die aus solchen Daten wächst, und was wird OSM ausser dem Wegenetz dazu beitragen? Welche weiteren Verkehrsdienstleistungen werden enthalten sein? Dieser Vortrag kann diese Fragen nicht wirklich beantworten. Aber er kann deutlich machen, dass bessere Informationssyteme den nicht-individuellen Verkehr stärken und einen Beitrag zum Klimaschutz und zur Lebensqualität in urbanen Gebieten leisten können.
  • Published: 2016
  • Publisher: FOSSGIS e.V.
  • Language: German
59:36 Free and Open Source software Conference (FrOSCon) e.V. German 2014

I Love Logging

Als Weiterführung vom letzten Jahr, werden in diesem Vortrag einige funktionierende Lösungsvorschläge aufgezeigt und natürlich auch die neuen Funktionen der großen Log-Tools des letzten Jahres betrachtet.
  • Published: 2014
  • Publisher: Free and Open Source software Conference (FrOSCon) e.V.
  • Language: German
45:08 Chaos Computer Club e.V. English 2017

SCADA - Gateway to (s)hell

Small gateways connect all kinds of fieldbusses to IP systems. This talk will look at the (in)security of those gateways, starting with simple vulnerabilities, and then deep diving into reverse-engineering the firmware and breaking the encryption of firmware upgrades. The found vulnerabilities will then be demonstrated live on a portable SCADA system.
  • Published: 2017
  • Publisher: Chaos Computer Club e.V.
  • Language: English
1:00:13 Free and Open Source software Conference (FrOSCon) e.V. German 2016

Konferenzorganisation 101

Eine Konferenz zu organisieren ist viel Arbeit. In der IT Szene werden daher gerne Tools entwickelt, welche einen dabei unterstützen. Diese werden oft auch zu OS, jedoch nur selten bekannt. Ich möchte daher für alle (Neu-)Organisatoren einen Überblick über Tools geben, welche bei der FrOScon und anderen Konferenzen, zum Einsatz kommen und sich bewährt haben. Dieser Vortrag hat keinen Anspruch einen vollständigen Überblick zu geben.
  • Published: 2016
  • Publisher: Free and Open Source software Conference (FrOSCon) e.V.
  • Language: German
43:10 Free and Open Source software Conference (FrOSCon) e.V. German 2017

Sicheres Löschen von Daten auf SSDs

Um Daten auf Festplatten sicher zu löschen gibt es etablierte Programme und Vorgehensweisen. Bei SSDs sieht das gänzlich anders aus: Diese speichern die Daten auf ganz andere Weise und erzeugen im normalen Betrieb eigenständig Kopien. Eine ganze SSD zuverlässig zu löschen ist relativ einfach, selektiv einzelne Daten aus Partitionen oder Dateien sicher zu entfernen ist hingegen schwer. Der Vortrag stellt das Problem und den Unterschied zwischen SSDs und Festplatten vor und präsentiert eine Erweiterung für cryptsetup für Linux, mittels derer das in vielen Geräten vorhandene TPM-Modul genutzt wird um Daten aus einzelnen verschlüsselten Containern von SSDs sicher zu entfernen.
  • Published: 2017
  • Publisher: Free and Open Source software Conference (FrOSCon) e.V.
  • Language: German
31:05 Confreaks, LLC English 2016

Internships: Good for the Intern, Great for the Team

You might think that hiring interns is charity work. Your company is bringing on less-than-baked engineers and spending precious engineering resources to train them and bring them up to speed on your technologies. Surprise! Interns actually help your team, too. Running a successful internship program helps your team level up its teaching skills, discourages silos, and encourages writing maintainable code. I’ll talk about mistakes, successes, and specific processes to keep your team and interns productive, and you’ll leave this talk with plenty of fodder for hiring interns at your company.
  • Published: 2016
  • Publisher: Confreaks, LLC
  • Language: English
36:01 DEF CON English 2018

BLUE TEAM VILLAGE - Hacking Your Dev Job to Save the World: Where Programming and Hacking Meet

Have you wondered whether developers can play any significant role in the security world? Come hear from a diehard programmer and hacker who loves to break and loves to build, and learn how a regular programmer can make major contributions to security from the trenches. This presentation will dive into the intersection between development and security. You will learn about the SDL -- Secure Development Lifecycle, and why in the world a hacker would care about processes and procedures. You will learn how "processes" and "lifecycles" can be useful -- and how they can be a complete waste of time. Included are real world success stories of organizational hacking -- getting other engineers to change their practices -- and real world fail stories. Attendees will come away with knowledge of how development and security intersect, and how they can use their programming day job to save the world. If you are a developer who cares deeply about security, enjoys exploits, and wants to make the world a better place, this is for you.
  • Published: 2018
  • Publisher: DEF CON
  • Language: English
29:48 DEF CON English 2018

ICS VILLAGE - A CTF That Teaches: Challenging the Next Generation of ICS Ethical Hackers

  • Published: 2018
  • Publisher: DEF CON
  • Language: English
34:59 DEF CON English 2018

Outsmarting the Smart City

The term"smart city" evokes imagery of flying cars, shop windows that double as informational touchscreens, and other retro-futuristic fantasies of what the future may hold. Stepping away from the smart city fantasy, the reality is actually much more mundane. Many of these technologies have already quietly been deployed in cities across the world. In this talk, we examine the security of a cross-section of smart city devices currently in use today to reveal how deeply flawed they are and how the implications of these vulnerabilities could have serious consequences. In addition to discussing newly discovered pre-auth attacks against multiple smart city devices from different categories of smart city technology, this presentation will discuss methods for how to figure out what smart city tech a given city is using, the privacy implications of smart cities, the implications of successful attacks on smart city tech, and what the future of smart city tech may hold.
  • Published: 2018
  • Publisher: DEF CON
  • Language: English
13:11 DEF CON English 2018

ICS VILLAGE - A SOC in the Village

  • Published: 2018
  • Publisher: DEF CON
  • Language: English
51:01 DEF CON English 2018

Thru the Eyes of the Attacker: Designing Embedded Systems for ICS

In 2017 a malware framework dubbed TRITON (also referred to as TRISIS or HatMan) was discovered targeting a petrochemical plant in Saudi Arabia. TRITON was designed to compromise the Schneider Electric Triconex line of Safety Instrumented Systems (SIS), potentially in order to cause physical damage. TRITON is the most complex publicly known ICS attack framework to date and the first publicly known one to target safety controllers. While the functionality of the malware is understood, little is known about the complexity of developing such an implant. The goal of this talk is to provide the audience with a “through the eyes of the attacker” experience in designing advanced embedded systems exploits & implants for Industrial Control Systems (ICS). Attendees will learn about the background of the TRITON incident, the process of reverse-engineering and exploiting ICS devices and developing implants and OT payloads as part of a cyber-physical attack and will be provided with details on real-world ICS vulnerabilities and implant strategies. In the first part of the talk we will provide an introduction to ICS attacks in general and the TRITON incident in particular. We will outline the danger of TRITON being repurposed by copycats and estimate the complexity and development cost of such offensive ICS capabilities. In the second and third parts of the talk we will discuss the process of exploiting ICS devices to achieve code execution and developing ICS implants and OT payloads. We will discuss real-world ICS vulnerabilities and present several implant scenarios such as arbitrary code execution backdoors (as used in TRITON), pin configuration attacks, protocol handler hooking to spoof monitored signal values, suppressing interrupts & alarm functionality, preventing implant removal and control logic restoration and achieving cross-boot persistence. We will discuss several possible OT payload scenarios and how these could be implemented on ICS devices such as the Triconex safety controllers. In the final part of the talk we'll wrap up our assessment of the complexity & cost of developing offensive ICS capabilities such as the TRITON attack and offer recommendations to defenders and ICS vendors.
  • Published: 2018
  • Publisher: DEF CON
  • Language: English
1:00:58 Chaos Computer Club e.V. German 2015

Mythen der Elektronikentwicklung

Es gibt unzählige Möglichkeiten, ein Hardwareentwicklungsprojekt in den Sand zu setzen. Man muss nicht für alle davon selbst verantwortlich sein, um daraus zu lernen. Und nicht alles, was man irgendwo schon mal gehört hat, ist auch wirklich richtig.
  • Published: 2015
  • Publisher: Chaos Computer Club e.V.
  • Language: German
48:39 DEF CON English 2018

CAR HACKING VILLAGE - When CAN CANT

The Controller Area Network (CAN) bus has been mandated in all cars sold in the United States since 2008. But CAN is terrible in many unique and disturbing ways. CAN has served as a convenient punching bag for automotive security researches for a plethora of reasons, but all of the available analysis tools share a shortcoming. They invariably use a microcontroller with a built-in CAN peripheral that automatically takes care of the low-level (ISO layer 1 and 2) communication details, and ensures that the CAN peripheral plays nicely and behaves at those low levels. However, a good hardware hacker understands that the sole purpose of the electron is to be bent to our will, and breaking assumptions by making “That CANT happen!” happen is a surefire way to find bugs. CANT is a (partial) CAN bus peripheral implemented in software that allows security researchers to exercise the electrical bus-level error handling capability of CAN devices. The ability to selectively attack specific ECUs in a manner that is not detectable by automotive IDS/IPS systems (see ICS-ALERT-17-209-01) is invaluable to automotive security researchers as more automakers integrate advanced security measures into their vehicles.
  • Published: 2018
  • Publisher: DEF CON
  • Language: English
35:35 DEF CON English 2018

ICS VILLAGE - Behavior-Based Defense in ICS: Leveraging Minor Incidents to Protect Against Major Attacks

  • Published: 2018
  • Publisher: DEF CON
  • Language: English
51:11 FOSDEM VZW English 2014

How do we make "Qt on Mer" the solution of choice for device vendors?

Covering Mer's birth, the MeeGo years and how we now work in a truly collaborative and open project to make Mer productizable. Mer supports organizational collaboration; our vendor focus drove the design from the project structure through the architecture, the deliverables and the processes. We continuously ask "How will this decision affect vendors using our solution to make a product?" Mer delivers a world-class platform for building products: after all, it's an ultra-modern Linux stack with a strong upstream focus that partners with a world-class graphical framework; it rocks! I'll explain why "code is not enough"; what else we deliver and how we ensure that the code, policies and processes you tell your customers to use are up to the job. Then the details of Mer and QtCreator; how the cross-compilation and emulation works in the Mer SDK. Finally some future goals for Mer and our collaborators and a demonstration of some technology that is guaranteed to be of interest to people looking to build Qt products now, on hardware shipping today.
  • Published: 2014
  • Publisher: FOSDEM VZW
  • Language: English
46:39 Chaos Computer Club e.V. English 2015

Bugged Files

Certain file formats, like Microsoft Word and PDF, are known to have features that allow for outbound requests to be made when the file opens. Other file formats allow for similar interactions but are not well-known for allowing such functionality. In this talk, we explore various file formats and their ability to make outbound requests, as well as what that means from a security and privacy perspective. Most interestingly, these techniques are not built on mistakes, but intentional design decisions, meaning that they will not be fixed as bugs. From data loss prevention to de-anonymization to request forgery to NTLM credential capture, this presentation will explore what it means to have files that communicate to various endpoints when opened. "unicornFurnace"
  • Published: 2015
  • Publisher: Chaos Computer Club e.V.
  • Language: English
41:54 DEF CON English 2018

ICS VILLAGE - Analyzing VPNFilter

  • Published: 2018
  • Publisher: DEF CON
  • Language: English
2:21:33 DEF CON English 2018

BIO HACKING VILLAGE - DAY ONE

  • Published: 2018
  • Publisher: DEF CON
  • Language: English
1:28:25 DEF CON English 2018

ETHICS VILLAGE - Nations and Nationalism and Cyber Security

When talent comes from intelligence agencies, what masters do we server, who takes priority, and how can companies ensure providers are supporting their interests above past masters? And how have companies muddied the waters so that these questions are relevant in the first place? Some exploration of conflicting duties and possible responses.
  • Published: 2018
  • Publisher: DEF CON
  • Language: English
out of 1 pages
Loading...
Feedback

Timings

  154 ms - page object
  104 ms - search
    6 ms - highlighting
    1 ms - highlighting/38099
    2 ms - highlighting/31529
    3 ms - highlighting/20965
    4 ms - highlighting/38065
    3 ms - highlighting/39897
    5 ms - highlighting/39887
    1 ms - highlighting/39895
    3 ms - highlighting/15504
    3 ms - highlighting/40293
    3 ms - highlighting/32286
    2 ms - highlighting/19715
    2 ms - highlighting/39707
    6 ms - highlighting/39806
    2 ms - highlighting/39845
    4 ms - highlighting/39899
    0 ms - highlighting/39903
    1 ms - highlighting/39679
    2 ms - highlighting/34823
    2 ms - highlighting/32408
    2 ms - highlighting/39816

Version

AV-Portal 3.8.0 (dec2fe8b0ce2e718d55d6f23ab68f0b2424a1f3f)