1. Raising the BAR at NDSS 2018

    Just like every year, this year's NDSS was mid February in sunny (but not too warm) San Diego. To help cure the minimal 3 hour jetlag, I enjoyed a couple of morning runs with some of my colleagues -- if you want to get a workout done at a security conference …

    read more
  2. SyScan+360 in Seattle

    Just a couple of days after Oakland '17 I attended my next information security conference. This year, SyScan+360 was in Seattle and I used the time between Oakland and SyScan for a nice road trip from San Jose to Seattle. SyScan is not an academic but an industry conference …

    read more
  3. 33C3 CTF: Fun times

    pdfmaker (75 points)

    The first challenge I tried was pdfmaker. Surprisingly I spent way too much time on this simple starter challenge. I initially planned to use this challenge as a warm up but ended spending about 10 hours on it, mostly due to me overlooking simpler solutions that are …

    read more
  4. TUM CTF: boot2brainfuck

    According to the description, hxp provides us with a brainfuck (BF) execution service where we can send BF programs over netcat and execute them. To help, they provide us with a script that translated BF programs into a DOS, 16-bit COM executable.

    Now as a reminder, DOS COM executables are …

    read more
  5. AMD SEV attack surface: a tale of too much trust

    AMD recently announced the new Secure Encrypted Virtualization (SEV) extension that intends to protect virtual machines against compromised hypervisors/Virtual Machine Monitors (VMMs). An intended use-case of SEV is to protect a VM against a malicious cloud provider. All memory contents are encrypted and the cloud provider cannot recover any …

    read more

« Page 2 / 8 »