Sogeti ESEC Lab

Blog of the SOGETI / ESEC R&D Lab

HTC unlock internals

Since the end of 2011, HTC has allowed users to unlock the bootloaders of its smartphones. Before that, HTC controlled every update and package installed on its devices. Users can now unlock their device manually in order to install any installation image (commonly called a "ROM" in Android jargon) on their smartphone. This article describes the internals of this unlock procedure.

Some feedback from the 28C3 conference

Here is a summary of the talks I attended during CCC. The talks were given in 3 simultaneous tracks, so some choices had to be made. All in all, this is one of the best conferences I attended and I can only recommend it. The slides will be made available little by little. The live video streaming and the video downloads, ready only a few days later, are excellent resources to watch.

Feedback from 28C3

Here is a summary of the talks I attended. The slides will be made available over time. The talks are spread across 3 rooms simultaneously, so choices had to be made. Overall, it is one of the best conferences I have been able to attend, so I can only recommend it. Their live video streaming system and the availability of the videos just a few days after the event are remarkable.

iOS 5 data protection updates

iOS 5 was released this week, and introduced some changes to the data protection features we described at HITB Amsterdam. This post highlights the updates made since iOS 4.

Hack.lu CTF 2011 Write-up : Scotty's last signal

Another writeup for the excellent Hack.lu 2011 Capture The Flag contest.

This one was very unusual, based on a patched NES ROM of Super Mario Bros 1.

Scotty's last signal

You might have heard about Montgomery Scott, the legendary chief engineer of the U.S.S. Enterprise. What you probably did not know is his passion for Video Games - especially really old classics. We recently lost contact with his transport shuttle and we think you should examine this old game file we recently received because he might have just put a message into there. This would make sense if he could not send a fully blown Space-Unicode message signal to avoid attracting any Borg ships in the sector... (Borg usually are very bad at video games)

His passion for Beaming and Warping might be of interest for your analysis.

Hack.lu CTF 2011 Write-up : FluxScience

This was probably one of the most entertaining challenges of this CTF. A file data.flux is provided. The goal is to analyze a Windows binary to be able to decrypt this file.

Some information is given:

Thanks to a former employee of FluxScience (one of our competitors), we managed to get our hands on some important files which might help us reveal company secrets. Attached you will find the files. The employee who provided them got fired. You might be lucky and find his account still working: FLUX-38B273DD75860083-0B3DD6B02EC5B9B1-4AFFBAC2EB8B4D17 He might not have the necessary permission to decrypt the personal data data.flux. He stole them from his boss, _GLaDOS_. Would you mind helping us by finding their company secret?

Hack.lu CTF 2011 Write-up : Romulan Business Network

Once again, we participated in the Capture-The-Flag event organized by the FluxFingers team at Hack.lu. Just like last year's CTF, the challenges were fun and original, and we finished first after 48 hours of tough competition. The challenge here consisted of a small PDF crackme to solve. I will explain how I got through it using Origami and a standalone JavaScript VM like V8.

The undocumented password validation algorithm of Adobe Reader X

Someone recently sent me an email about trouble opening encrypted PDF documents produced by Acrobat Pro X in Origami. At first I thought it was a bug, but while looking at the data of the document I noticed two unusual things: the specified PDF version was Extension Level 8 and the revision level of the cryptographic handler was 6. However, at this time, the latest specification published by Adobe is Extension Level 5, and it makes no mention of a revision 6 of the security handler.

After some quick research, it appears that the specifications for this PDF version have not been released by Adobe, but are already implemented in Adobe Reader X. This undocumented version makes use of a new password validation algorithm when opening encrypted documents.
