Ez a blogposzt az utolsó egy három részes sorozatból mely a gépi tanulás adatvédelmi kockázatairól kíván közérthető nyelven egy átfogó képet nyújtani. Az első egy bevezető volt a gépi tanulás világába, a második a létező támadásokat ölelte át. Ebben a záró részben a lehetséges védekezéseket mutatjuk be.
Continue reading Gépi Tanulás & Személyes Adatok VédelmeGépi Tanulás & Személyes Adatok Támadása
Gépi Tanulás
Ez a blogposzt az első egy három részes sorozatból mely a gépi tanulás adatvédelmi kockázatairól kíván közérthető nyelven egy átfogó képet nyújtani. Ez az első egy bevezető a gépi tanulás világába. A következő a létező támadásokat fogja átölelni, míg az utolsó záró rész a lehetséges védekezéseket mutatja majd be.
c0r3dump @ VolgaCTF
VolgaCTF is one of the largest hacker competitions of the Russian Federation. This year, our one-year-old hacker team, c0r3dump, successfully qualified for the VolgaCTF Final by achieving the 16th place in the qualification round in March. The 9th VolgaCTF Final was held in Holiday Inn, Samara between September 17 (Tuesday) and September 20 (Friday). 19 teams were competing in the final, 3 Austrian, 1 Vietnamese, 14 Russian and 1 Hungarian. This was the first CTF final of “c0r3dump”.
Post-Quantum Cryptography: What and Why Needs to be Changed Soon?
This article was prepared in cooperation with Microsec Ltd. Check out their blog for more interesting readings!
In this post, we explain the impact of prospective quantum computers on current implementations of cryptographic primitives, including digital signatures. Continue reading Post-Quantum Cryptography: What and Why Needs to be Changed Soon?
Certificate Transparency – the current landscape in Hungary
This blog post was written by Márton Horváth who worked on implementing a monitor for Certificate Transparency logs in the context of his student semester project. As a proof-of-concept, he used the monitor he created to collect information about logged certificates issued in Hungary or issued to Hungarian web sites. This blog post contains the main findings of the analysis of those certificates. Continue reading Certificate Transparency – the current landscape in Hungary
Linux integrity monitoring on the Raspberry Pi
This blog post, written by István Telek, is the last post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. This last post describes how we implemented a very basic integrity monitoring function as a trusted application running in OP-TEE. Continue reading Linux integrity monitoring on the Raspberry Pi
Enabling WiFi and converting the Raspberry Pi into a WiFi AP
This blog post, written by Márton Juhász, is the fifth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. This post specifically will explain how to convert the Raspberry Pi into a WiFi access point such that it can perform some gateway-like functionality. First, we describe how to enable WiFi and then how to enable other software components to make the Pi an access point. Continue reading Enabling WiFi and converting the Raspberry Pi into a WiFi AP
OS hardening on the Raspberry Pi
This blog post, written by Márton Juhász, is the fourth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. Previous posts discussed building a custom Linux system with Buildroot, installing OP-TEE, and verified boot on the Raspberry Pi. This post will describe some OS hardening options you can use to reduce the attacks surface. Continue reading OS hardening on the Raspberry Pi
Verified boot on the Raspberry Pi
This blog post, written by István Telek, is the third post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. It describes how you can implement a verified boot process on the Raspberry pi. Continue reading Verified boot on the Raspberry Pi