Next Page: 10000


[Stewart Baker] Sandworm and the GRU's global intifada

[Episode 286 of the Cyberlaw Podcast] This episode is a wide-ranging interview with Andy Greenberg, author of Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers. The book contains plenty of original reporting, served up with journalistic flair. It digs deep into some of the most startling and destructive cyberattacks of recent years, from two dangerous attacks on Ukraine's power grid, to the multibillion-dollar NotPetya, and then to a sophisticated but largely failed effort to bring down the Seoul Olympics and pin the blame on North Korea. Apart from sophisticated coding and irresponsibly indiscriminate targeting, all these episodes have one thing in common. They are all the work of Russia's GRU. Andy persuasively sets out the attribution and then asks what kind of corporate culture supports such adventurism – and whether there is a strategic vision behind the GRU's attacks. The interview convinced me at least…

“Is your startup idea taken?” and why we love X for Y startups

Hacker News - ??Above: Michelle Rial (follow her at @TheRialMichelle), then working at Buzzfeed, posted this hilarious infographic with all the "X for Y" ideas. Here's the original article. I had a quick laugh, of course. But then seeing this infographic made me think through some deeper things: What are "X for Y" companies and why do they ?

Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Thackery Australian Shepherd Puppy Male (American Listed) $50

Thackery is 1 of the Hocus Pocus litter, fostered in Alabama and seeking a Florida foster or adopter so he can go on transport. Please note that these pups must be fostered in pairs or more. These pups are between 12-15 weeks and expected to be large adults. They will require homes with securely, physically fenced yards that can accommodate large dogs, and herding breed and/or livestock guardian breed experience is preferred. These pups are up-to-date on age-appropriate preventives and vaccines, and micro chipped. They will go home on spay/neuter contracts, and when proof of alteration is received within the specified timeframe, $50 of their adoption donation can be refunded. Adoption and foster applications can be found at


Commentaires sur Journal du hacker et francophonie par Carl Chenet

Merci ! Je corrige.

Commentaires sur Journal du hacker et francophonie par Yves

Bel article, et beau travail de recherche, bravo. Attention, petite coquille pour OSM : OpenStreetMap s’écrit sans « s » final (mnémo : il n’y a qu’une seule carte). Bonne continuation.

Komentar di AI 4D Kamis oleh naenggolan


Komentar di CB 1D-AI 3D-OFF 2D Kamis oleh naenggolan


Komentar di CB 1D Kamis oleh naenggolan


How Transparent Should Government Be After a Cyberattack?


Atlanta was one of the first major cities hit, waylaid by a costly ransomware attack. As headlines about what happened continued in the months to come, similar incidents besieged other government agencies across the country. There was Baltimore. There was the Colorado Department of Transportation, twice. There were half a dozen small cities in Massachusetts. There was Albany, N.Y.

In the past 18 months or so, cyberattacks on government have accelerated. Experts say this is an evolution wherein bad actors have moved from targeting individuals at random, to going after governments, school districts, companies, and other institutions, which often have more to lose and are thereby more lucrative. Another factor in the recent acceleration is that many of these entities have been traditionally underfunded in the realm of cybersecurity.

As such, public-sector IT leaders have begun to view a successful cyberattack as a matter of when, not if. Essentially, regardless of how well-prepared government is, a breach is still coming, and so a larger onus is now being placed on response, specifically on best practices for the aftermath of a cyberattack. Within this conversation, however, a major point of tension has arisen — transparency.

A question local government leaders must grapple with is this: How transparent should government be after a cyberattack? Should they tell citizens everything, or should they downplay incidents altogether, obscuring details under the assumption that any information on their vulnerabilities can and will be used against them?

It’s a complicated debate, and with this wave of cybercrime showing little sign of slowing, finding answers has become imperative.

Being as transparent as possible with citizens has evolved as of late, fueled by technology that enables easier sharing of data as well as more convenient lines of communication between government and the citizens it serves. 

There is, perhaps, a growing expectation that local government should tell residents everything, provided it doesn’t infringe on the privacy of others. But what about emergency situations like cyberattacks?

In March, Albany was hit by a cyberattack on a Saturday. Thanks to an alert about the breach, the city had most major systems up and running again by Monday, except for getting birth, death and marriage certificates. City offices were closed Monday morning, though, as the city worked to ensure a full recovery.

Albany Mayor Kathy Sheehan was open with information throughout, announcing via social media that an attack had occurred the same day she found out. On Sunday, she again took to social media to let residents know city officials had been working to prevent any interruptions in government service. Then on Monday, the city let residents know when it was open again.

It all seems innocent enough, but at a recent breakfast roundtable discussion about cybersecurity and cities, hosted during the CityLab DC summit, Sheehan said not everyone in City Hall agreed with that open approach.

“Our CIO would have preferred saying nothing at all,” Sheehan told a collection of other elected officials and IT leaders, the majority of whom had similar anecdotes to share.

Other CIOs in attendance agreed with the stance, or at least the desire to be able to maintain silence. But Sheehan felt obligated as an elected official to let the public know all that she could about what was happening. Moreover, she said her CIO and the rest of the IT staff had “done a phenomenal job” and she wanted the public to know that as well.

The reason for advocating silence, however, is in part a concern that a larger cybersecurity target will be put on local governments, and that bad actors will see detailed news of a successful defense as a challenge. Another layer is that releasing detailed information will help bad actors find a new vulnerability to exploit. Cyberattacks are, after all, a crime, and so some of the details will always be sensitive.

Brian Nussbaum, who is a fellow with New America’s Cybersecurity Initiative and an assistant professor of cybersecurity at the University of Albany, said a balance must be struck between giving citizens necessary info and obscuring the scope of defenses and recovery, noting that “it’s possible to describe in general what’s being done without being specific about what’s being done.”

Sometimes, Nussbaum added, public organizations withhold information not in the name of secrecy, but rather because they are still sorting out “second order effects,” which basically means assessing the problem and understanding the damage. For organizations like government or public health systems, which keep private data subject to regulations, this is paramount. 

Nussbaum, however, was optimistic that more answers about transparency after a cyberattack will emerge as this particular challenge matures. As cybersecurity defenses, response plans and general knowledge evolves in the public sector, so too will best practices around what information to share with the public.

This is also far from a new tension within government.

“This is not an unusual problem in the abstract,” Nussbaum said. “Elected officials who are accountable to citizens often have impulses to do things that people in the business line don’t have the same incentives to want to do, because they are not directly talking to the citizens in the same way. I don’t think this is a problem that’s unique to local government cybersecurity, but rather a problem for government writ large.”

Gary Brantley, the Atlanta CIO, continues to oversee that city’s cybersecurity in the wake of its recovery. Also in attendance at CityLab DC, Brantley said his goal is always to share as much information as he can without compromising operations or inciting fear. One thing that gets lost, he added, is just how common failed attacks are.

“These attacks are widely unsuccessful,” Brantley said, “and that’s one thing we don’t talk about.”


How to Safely Shop Online This Holiday Season


The moment Halloween ended, the nation entered an earlier-than-ever holiday shopping season online that has already begun and won’t end until early January, 2020.

Why begin the holiday shopping season so early this year?

Since the Thanksgiving holiday weekend arrives late in 2019, Black Friday and Cyber Monday deals are already arriving with retailers launching a blur of discounts to try and make up for the perceived lost shopping days - when compared to the early Thanksgiving holiday weekend in 2018.

For example, CNET highlighted these Black Friday and Cyber Monday deals that actually start on November 7. Others have already begun.

USA Today revealed deals from Bed Bath & Beyond as well as Kohls deals.

Forbes provided these deals from Walmart, Best Buy and more. While Fox News proclaimed: “Black Friday is 3 weeks away right? Nope, it's here now.”

As I was doing research for this article, I learned that Black Friday has become a global event, with big sales as far away as China. Indeed, the Google analytics show worldwide holiday shopping trends that are complex, unique by industry and country. Overall, big increases are expected in search traffic – with some industries doubling. In the US, retailers see an 80 percent increase in their search traffic throughout November.

And the sales forecast news is generally very good for retailers according to Inc. Magazine:

“Cyber Monday is expected to pull in $9.4 billion this year, a $1.5 billion increase from last year's online sales tally for the Monday after Thanksgiving. The real detail retailers need to know? Thirty percent of all sales made this Cyber Monday, which falls on December 2, will likely be made in the four-hour window of 7 to 11 p.m. Pacific time.

That's according to Adobe Analytics' Holiday Forecast 2019, which analyzed data on trillions of visits, products, and transaction data from U.S. retail websites. Adobe also surveyed more than 1,000 U.S. consumers in October as a companion to its findings.

The report notes that retailer conversion rates, which measure the number of people who visit a website and then make a purchase, are predicted to double during the four-hour surge in sales. Adobe says these ‘golden hours of retail’ are due to ‘deal FOMO,’ or the fear of missing out on last-minute deals near the end of the day.”

Beyond Black Friday and Cyber Monday: A Wider Holiday Sales Trend?

And taking a big step back there are several significant trends developing as we head into the 2020s. While Black Friday sales within stores remain a robust and huge part of holiday shopping, a new cybermania is emerging which extends well beyond Cyber Monday. (We may even need a new name – any ideas?)

CNBC recently reported that Cyber Monday will excite shoppers more than Black Friday. Here are some highlights:

Deloitte finds 53 percent of people will rely on Cyber Monday for discounts, while 44 percent say they’re planning to snag promotions on Black Friday this year. Deloitte’s annual holiday study also finds shoppers are expected to spend $1,496 per household this holiday season. The bulk of spending, or $596, is going toward experiences like travel and dining out.

Business Insider offers this very helpful piece which answers the frequent question: Is Black Friday or Cyber Monday Better (for sales)? Here’s an excerpt:

“A good rule of thumb is that Black Friday is a better time to buy newer, big-ticket items. It's also the best day to shop in stores. Cyber Monday is a better day to shop for tech deals and smaller gifts. You'll also see slightly better discounts online.

For items you're likely to buy once a year or less, you'll probably find better discounts on Black Friday. Anything you'd buy as a gift will likely see better discounts on Cyber Monday.”  

Online Safety and Security First

But regardless of when you go online to do your Christmas shopping this holiday season, there remain some tips that can help you stay safe and secure - beyond the frequent calls to change your profile password (or not use the same password) at websites.

To begin, a bit of history. This topic is certainly not new, and many of the themes and basic questions are the same as a decade ago. You don’t want to get disciplined at work for violating policy, so be sure to know what’s allowed and what isn’t allowed.

I find it interesting to look back to where we have been, and compare behaviors to office life today with articles and blogs from a decade ago on Cyber Monday.  

Here are a few relevant examples from the past:

CSO Magazine: Encourage Cyber Monday or Grinch.exe? and Cyber Monday & Redefining Acceptable Use – Again

Government Technology Magazine: Web Sites Struggle on Black Friday: Cyber Monday is Next and Cyber Monday: Are you shopping from work?

Nevertheless, most organizations have loosened their holiday shopping policies and now permit employees (even government employees) to shop at appropriate times over the holiday season on work computers (usually during breaks).

So here are some of my favorite tips to help whether at home or work:

1.  Avoid Sites With Poor Security Practices –

“Don’t gamble with your identity. Stay away from retail sites with lackadaisical security practices. Two key practices stand out in particular: SSL certificates and Verisign domain protection.

SSL is an encryption protocol that renders it much more difficult (though not impossible) for bad actors to steal payment card information and other personal data during the payment process. Look for “https” at the beginning of the site’s URL. You should never enter payment card information on non-“https” pages, period.

Verisign provides site administrators with a modicum of protection against hacking attacks and malware. Like SSL, it’s not foolproof, but it helps. Sites without Verisign protection are vulnerable to man-in-the-middle attacks, spoofing, and other types of cybercrime.

If you don’t already, consider using a web browser that can identify potentially compromised websites. …”

2. – Offers ten basic safety tips for online and offline life. Here’s one that important:

“Use a credit card for your online purchases versus other payment methods. Almost all credit cards have fraud protection, meaning if there is a data breach and your card’s information is taken, you won’t be held responsible for any of the charges. If you are involved in a fraud situation, your credit card provider will handle this and send you a new credit card. The same courtesies may not be extended from other online payment methods like an electronic transfer from your bank account.”

3. State Farm – Offers tips for in the store, in your car and online. Here are their online tips:

Stick to retailers you know and preferably, have shopped with before. Research a business you haven’t purchased from before by checking customer reviews or complaints with the Better Business Bureau. Never commit to a deal that seems too good to be true. Refrain from using pubic Wi-Fi to make purchases, or use a VPN to avoid hackers intercepting your information. Check a webpage’s security by looking for the lock icon in the URL field, and making sure the URL starts with “https”, not just “http”. The “s” means the site is safer and more secure.

Final Thought

One thing to keep in mind is that many people have heard these tips before, but let their guard down over the holidays when rushing for an online deal that is about to expire. Also, people will go places they don’t normally go this time of year to save on presents or get the best deal.

So even if you think you know all of this, double-check to make sure that everyone in your family (and in your office) is following best practices.

Happy shopping.


UN-Finished Stories

HackerFox44 / 7 pages
SO!! Description changed again!! How'd that happen I wonder? Nah, just thought the last one was too 'half-arsed'. BUT!! Read this book and tell me if you want more! Cuz my sad little heart wants love. (NOT L.o.V.e! YA DINGUS!) Stories I wrote i...

North Korean hackers targeted Tamil Nadu Nuclear plant, top nuclear scientists: South Korean intel group

South Korea based Issue Makers Lab has shared “evidence” online claiming that the malware attack on Tamil Nadu’s Kudankulam Nuclear Power Plant was done from N Korea which allowed hackers to contact anyone in India’s nuclear energy sector. As per IML, Pyongyang is interested in the thorium-based nuclear power in which India is a world leader.

CyberWeek 2019: la gastronomía gana protagonismo

Hasta el domingo 10 de noviembre, de la mano de su propuesta "Delivery Hackers", Pedidos Ya ofrece descuentos reales en grandes cadenas

Manual Hacker Rp75

Manual Hacker Rp75

Çinli hackerlar parmak izi okuyucusunu 20 dakikada kırdı

Çinli hackerlar, akıllı telefonlardaki biyometrik güvenlik sistemlerini sadece 20 dakika içerisinde geçebilen bir yöntem geliştirdi.

Hackers de Corea del Norte roban 2 mil millones de dólares de bancos

Las Naciones Unidas realizaron un detallado informe de cómo el régimen de Kim Jong-un destinó a sus ciberpiratas a cometer delitos en todo el mundo. Los fondos fueron canalizados a su programa de armas nucleares. Kim Jong-Un lo hizo de nuevo. Esta vez la revelación fue hecha nada menos que por las Naciones Unidas (ONU). Corea del Norte ha dominado la piratería de los sistemas financieros antiguos y nuevos para canalizar miles de millones de dólares a su programa de armas nucleares, según un nuevo informe del organismo internacional. Los agentes norcoreanos han acumulado alrededor de USD 2.000 millonesrobando dinero de instituciones financieras […]

Enabled by $$ & gerrymandering, Bucky's little dictators get bolder

3:40 p.n. update: GOP State Sen. fires Ag secretary, because it can.

A year ago Thursday I called Wisconsin's GOP legislative leaders "little dictators" as they put their secretly-crafted power-grabbing bills on a fast-track to the defeated Walker's veto-free signature.

Their Machiavellian, rule-changing mission? 

Stripping traditional authority from the duly-elected Democratic Gov, Tony Evers and AG Josh Kaul - - and keeping Wisconsin a one-party safe haven for:

Big business and the corporate donor class;

Special interests;

Fecal pollution;

Self-serving and unsustainable Foxconning;

* GOP 'principles' like voter suppression, rock-bottom minimum wages, dangerous, road-builder-friendly highway expansion instead of transit ;

* And, above all, Donald Trump's re-election.

Scott Walker says he will chair Trump's Wisconsin re-election campaign
Fitzgerald aligns with Trump when announcing Congressional bid
The Journal Sentinel today updates this out-in-this-open putrid partisanship: 
Wisconsin Senate to reject Gov. Tony Evers' ag secretary and try to limit his vetoes
Wisc Sen. Scott Fitzgerald.jpg
WI GOP Sen. Majority Leader Scott Fitzgerald can ride his hostility towards Democratic office-holders to a Congressional win and closer proximity to a) key funders, and b) Congressional and lobbying power-brokers like Mitch McConnell who spent years boxing-in Barack Obama with a repetitive strategy of "no" and related partisan hackery.


Video: 11 loistavaa niksiä koiraasi varten

Koiranomistajat, nämä niksit ovat teitä varten. Vinkit videolla on kerännyt HouseholdHacker. Nämä vinkit ovat varmasti koiranomistajien mieleen; niissä on keinoja siihen miten tehdä kotitekoisia herkkuja koiralle, miten valmistaa itse koiralle leluja, miten pitää koira viileänä kuumina kesäpäiviä ja jopa neuvo siihen, miten rakentaa itse automaattinen vesikulho. Katso video yllä! Jaa tämä artikkeli toiselle naiselle

ONU : la Corée du Nord formerait de jeunes hackers aux attaques cryptos


Corée du Nord hackers

Des rapports de l’ONU indiquent que la Corée du Nord aurait recruté des jeunes pour devenir hackers en cryptos, comme le rapporte le média Chosun repris par Cryptonews. Ce n’est pas la première accusation de ce type à l’encontre du pays, qui semble déterminé à utiliser les crypto-actifs afin de contourner les sanctions et financer son développement.

Des cryptos dans les biberons des hackers nord-coréens

L’information vient de plusieurs rapports du Comité des sanctions contre la République populaire démocratique de Corée (RPDC) à l’ONU, qui ont été analysés par le membre du Parlement sud-coréen Cho Won-Jin. Selon ces derniers, le gouvernement nord-coréen identifie des enfants ayant montré un talent particulier pour l’informatique, et les sélectionne afin qu’ils deviennent des « cyber-agents ». Ils forment alors une unité spéciale, dont le but est d’attaquer des sites et espaces de stockages dédiés aux crypto-actifs.

La Corée du Nord conduirait ces raids afin de dérober des fonds et utiliserait principalement des techniques de « spearfishing » (hameçonnage ciblé), depuis au moins 2016. Il semblerait que les cibles favorites de cette unité spéciale soient les exchanges de cryptos sud-coréens, à cause de leur sécurité qui peut laisser à désirer.

Dissimuler les traces d’effraction

Si cette histoire paraît déjà rocambolesque, elle ne s’arrête cependant pas là. Toujours selon le média Chosun, il semblerait que la Corée du Nord ait également établi une entreprise blockchain à Hong Kong, qui servirait uniquement de façade afin de procéder au blanchiment des fonds ainsi dérobés. L’entreprise, Marine China, n’aurait qu’un seul investisseur.

Les cryptodevises volées seraient déplacées entre un grand nombre d’adresses, situées dans plusieurs pays différents, afin de couvrir les traces et éviter d’attirer l’attention de potentiels enquêteurs. Ce sont plus de 5 000 transactions qui auraient ainsi été effectuées. Cela permettrait au pays de continuer à se financer, tout en évitant les sanctions financières américaines qui pèsent actuellement sur son économie.

Ce rapport coïncide en tout cas avec d’autres informations qui avaient déjà été révélées il y a quelques mois. On apprenait ainsi en août que le pays aurait attaqué des exchanges afin de financer son programme d’armement. Ce sont deux milliards de dollars qui auraient ainsi été dérobés. L’information a bien sûr été niée par la RPDC, un mois plus tard. Ce qui est sûr, c’est que le pays s’intéresse fortement aux monnaies virtuelles. En septembre, on apprenait ainsi que l’État travaillait à sa propre cryptodevise, qui serait similaire au Bitcoin.


Marine Debelloir

Intriguée par le Bitcoin depuis plusieurs années, Marine s'est prise de passion pour les crypto-monnaies et les technologies novatrices qu'elles créent. Elle aime dénicher les infos les plus croustillantes pour aider à démocratiser ce passionnant univers.

facebook-cryptoast twitter-soothsayerdataProfil linkedin


How To Make Money From Home Fast

source Blog Defender 2018 OTO Secure your WP blog from hackers, 36+ step by step tutorial videos, 2 Premium Plugins and full developer rights...9 Shares In The MTC Coop - ...

Defending the Perimeter Isn’t Enough on Election Hacking


Defending the Perimeter Isn’t Enough on Election Hacking(Bloomberg Opinion) -- The U.S. is now just a year from the 2020 presidential election. In 2016, we saw foreign interests influence the outcome of a presidential race when Russian hackers infiltrated the computer networks of officials in both parties, and then selectively disseminated the emails of Democrats. Is the nation in better shape to counter such threats this time around?It doesn’t look like it.For example, Microsoft recently reported an attack by Iranian hackers on the emails of current and former U.S. government officials, journalists covering political campaigns, and accounts associated with a presidential campaign. There is reason to believe that the attack, which consisted of more than 2,700 attempts on targeted email accounts, was backed by the Iranian government.According to security researchers and intelligence officials, hackers from Russia and North Korea have also begun targeting organizations that work closely with 2020 presidential candidates.Foreign enemies continue to see U.S. elections as an opportunity to subvert the will of the American people and exert control over our governance at the highest level. This most recent Iranian attack is a reminder that both political organizations and private enterprises face significant cybersecurity risks.Unfortunately, the legacy electoral systems most voters and organizations rely on do not offer sufficient protection in the modern digital landscape. When facing nation-state adversaries with billions in funding and information resources to rival the U.S. National Security Agency, Americans have to think beyond the popular two-factor authentication protocols. We need to protect not only the voting systems themselves, but the email, file-sharing and other communication systems of ancillary campaign groups, local officials and plenty more.What can we do to defend ourselves better? In my military and cyber experience, the operating principle is that the sophisticated attacker will eventually find a way through any perimeter defense. As supreme allied commander of NATO in the late 2000s, I pushed to strengthen the alliance’s nascent Cyber Defense Center in Tallinn, Estonia — but saw firsthand how easily Russian hackers penetrated our digital perimeter.Protections must be designed so that even if the attacker succeeds in getting to the target, the target remains safe. To do so, we need to think in terms of four core principles for secure communication systems that will be resilient to the inevitable breach.First, systems must employ end-to-end encryption. (Disclosure: I serve on the board of an information-security firm, Preveil Llc.) If we assume that attackers will be able to exploit vulnerabilities in server software or the defense mechanisms that guard it, then the only way to keep information secure is to make sure that it’s never exposed, even while on the server. With end-to-end encryption, data is only accessible to the sender and the recipient — it isn’t accessible en route to the server or on the server. Even if the server is compromised, the data is not. Think of this as the difference between working in an Ebola environment in a body suit, which will eventually weaken at the seams, and being vaccinated against the disease. The perimeter defense is far from worthless, but the vaccine — the internal protection — is vastly better. A second concern is the vulnerability of anything in the system that becomes a juicy target. While end-to-end encryption eliminates the server as a single entity that can be compromised, if the system has administrators with global access, a high-yield single target for attackers remains. To solve this problem, access to large amounts of sensitive user data should be granted only after being approved by several trusted individuals. Similar to the systems used for nuclear-launch codes, encryption cryptography can break up individual user keys into fragments that are distributed among multiple people. Therefore, administrative access to users’ accounts is achieved only when all key shards are present, so there is no single administrator who attackers can compromise to gain access.Third, it’s time to do away with passwords. According to the report of the 2019 Verizon data breach investigations, 80% of hacking-related breaches involve compromised and weak credentials. Rather than depending on fallible passwords, secure communication systems should now grant account access using a private encryption key. A 256-bit encryption key has a lot of different possible combinations of characters — nearly 10 to the 78th power, the same as the number of atoms in the universe — and is not crackable with existing computational power. Because the key is stored only on the user’s physical device, remote access isn’t possible.Finally, it is important to protect the most sensitive communications from socially engineered phishing and spoofing attacks. Traditional digital communications provide an opening for impostors to trick users into clicking on dangerous links or leaking information. When only known users are able to communicate with each other about an organization’s most confidential information, that risk of “lookalike” accounts is eliminated. The strongest security systems don’t depend on users to be perfect, or to always exercise good judgment. They make sure that data is safe even when humans are flawed. Getting at this “insider threat” is crucial.Security is a serious matter for organizations of all types, not just political parties during an election season. Organizations should rethink their security preparedness with a deeper understanding of the adversaries’ capabilities. They need to make the shift to secure systems modeled around these four core principles — including adopting ready-to-use encrypted communications systems for email and file-sharing.Between now and Nov. 3, 2020, there should be few higher priorities than improving security to stop hackers and foreign powers from threatening American democracy itself.To contact the author of this story: James Stavridis at jstavridis@bloomberg.netTo contact the editor responsible for this story: Tobin Harshaw at tharshaw@bloomberg.netThis column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.James Stavridis is a Bloomberg Opinion columnist. He is a retired U.S. Navy admiral and former supreme allied commander of NATO, and dean emeritus of the Fletcher School of Law and Diplomacy at Tufts University. He is also an operating executive consultant at the Carlyle Group and chairs the board of counselors at McLarty Associates.For more articles like this, please visit us at©2019 Bloomberg L.P.


Seena Zandipour Crowned HTNG’s First Hackathon Winner


CHICAGO (February 7, 2019) – Seena Zandipour won a first-place title and $3,000 prize for the internal dashboard he developed at HTNG’s hackathon.

HTNG’s first hackathon, Hack the Night, took place on January 25-27 at the Plug and Play Technology Center in Sunnyvale, CA. This event brought together over 50 hackers and fostered collaborative participation from 13 teams.

Hack the Night challenged participants to take guest data and create an innovative tool that leverages this information and ultimately benefits the company’s staff, guests, or both.

Zandipour created an internal dashboard for concierges and front of house staff which gathers data from local event organizers, and then creates augmented and personalized recommendations for guests based on the rich guest profile that was available through Oracle Hospitality's OPERA Cloud platform. In addition to the dashboard, the concierge can provide a physical copy of recommendations in a leaflet that customers can easily carry.

“I travel a lot and like to go to music festivals, but what makes me uncomfortable is that I never know what the scene is going to be like,” Zandipour says. “That’s definitely what I tapped into as inspiration for my idea."

Seetha Ramakrishna Madamsetti and Haoyand Li won second place at Hack the Night. Their solution alerts hotel staff to begin preparation for guests’ arrivals based on their proximity to the property. Third place winners, Luyanda Mdanda and Pasquale Ranieri, created a marketing segmentation tool which monitors purchases to create future spending recommendations.

Title Sponsor, Oracle Hospitality, and Diamond Sponsors, Hapi and Poynt, provided their APIs as well as mentors for participants to work with. Commenting on the success of solutions from the event, Mike Ferrier, Vice President of Oracle Hospitality states, “It was amazing to see the teams bring creative ideas to life over a weekend!  Using technology to anticipate guest needs and provide personalized, memorable, and sharable experiences are primary goals of the contemporary hotelier. Several of the participants’ ideas demonstrated how new technologies such as AI and data science could be used to predict and fulfill guest needs based on guest preferences, past stay data and guest buying behavior.”




About Hospitality Technology Next Generation (HTNG)

The premier technology solutions association in the hospitality industry, HTNG is a self-funded, nonprofit organization with members from hospitality companies, technology vendors to hospitality, consultants, media and academic experts. HTNG's members participate in focused workgroups to bring to market open solution sets addressing specific business problems. HTNG fosters the selection and adoption of existing open standards and also develops new open standards to meet the needs of the global hospitality industry.

Currently more than 400 corporate and individual members from across this spectrum, including world leading hospitality companies and technology vendors, are active HTNG participants. HTNG's Board of Governors, consisting of 24 top IT leaders from hospitality companies around the world, itself has technology responsible for over 3 million guest rooms and world-leading venues. HTNG publishes workgroup proceedings, drafts and specifications for all HTNG members as soon as they are created, encouraging rapid and broad adoption. HTNG releases specifications into the public domain as soon as they are ratified by the workgroups. For more information, visit


About Oracle Hospitality

Oracle Hospitality brings over 40 years of experience in providing technology solutions to independent hoteliers, global and regional chains, gaming, and cruise lines. We provide hardware, software, and services that allow our customers to act on rich data insights that deliver personalized guest experiences, maximize profitability and encourage long-term loyalty. Our solutions include platforms for property management, point-of-sale, distribution, reporting and analytics all delivered from the cloud to lower IT cost and maximize business agility. Oracle Hospitality’s OPERA is recognized globally as the leading property management platform and continues to serve as a foundation for industry innovation. For more information about Oracle Hospitality, please visit 


Hackers can control your smart speakers by shooting laser beams at them

Hackers were able to open garage doors and start cars by simply pointing a laser at devices with voice assistants.

Týna a Bzuk - Případ ujetejch robotů [Liam O'Donnel / Bambook]

Blíží se Mistrovství bojových robotů, ale Mazákov děsí tajemný hacker zvaný Kodex.

Microsoft launches Visual Studio Online


#241 — November 6, 2019

Read on the Web

Covering the week's news in software development, infrastructure, ops, platforms, and performance.

Recursive Sans and Mono: A Free Variable Type Family — This is a new ‘highly-flexible’ type family that takes advantage of variable font tech to let you pick the right style along five different axes. It’s pretty clever, well demonstrated, and very suitable for presenting data, code, or to be used in documentation and UIs.

Arrow Type

Microsoft Launches Visual Studio Online — It’s basically a collaborative version of VS Code that runs in the browser letting you develop from anywhere in a cloud-based environment. This isn’t a new idea but it’s great to see Microsoft’s might behind such an effort.

Visual Studio

Top CI Pipeline Best Practices — At the center of a good CI/CD setup is a well-designed CI pipeline. If your team is adopting CI, or your work involves building or improving CI pipeline, this best practices guide is for you. sponsor

You Can't Submit an Electron 6 (or 7) App to the Mac App Store? — Electron is a popular cross-platform app development toolkit maintained by GitHub. The bad news? It uses Chromium which uses several ‘private’ Apple APIs and Apple aren’t keen on accepting apps that use them for a variety of reasons.

David Costa

Dart 2.6: Now with Native Executable Compilation — Dart began life as a Google built, typed language that compiled to JavaScript but is now a somewhat broader project. The latest version includes a new dart2native tool for compiling Dart apps to self-contained, native executables for Windows, macOS, and Linux.

Michael Thomsen

GitHub Sponsors Is Now Out of Beta in 30 Countries — GitHub launched its Sponsors program in beta several months ago as a way for open source developers to accept contributions for their work and projects more easily. It’s now generally available in 30 countries with hopefully more to follow.

Devon Zuegel (GitHub)

Quick bytes:

💻 Jobs

DevOps Engineer at X-Team (Remote) — Work with the world's leading brands, from anywhere. Travel the world while being part of the most energizing community of developers.


Find a Job Through Vettery — Vettery specializes in tech roles and is completely free for job seekers. Create a profile to get started.


📕 Tutorials and Stories

How Monzo Built Network Isolation for 1,500 Services — 1,500 services power Monzo, a British bank, and they want to keep them all as separate as possible so that no single bad actor can bring down their platform. Here’s the tale of how they’ve been working towards that goal.


A Comparison of Static Form Providers — A high level comparison of several providers who essentially provide the backend for your HTML forms.

Silvestar Bistrović

▶  An Illustrated Guide to OAuth and OpenID Connect — A 16 minute video rich with illustrations and diagrams.


Intelligent CI/CD with CircleCI: Test Splitting — Did you know that CircleCI can intelligently split tests to get you your test results faster?

CircleCI sponsor

▶  Writing Maintainable Code Documentation with Automated Tools and Transclusion — A 37 minute podcast conversation between Robby Russell and Ana Nelson, the creator of Dexy, a documentation writing tool.

Maintainable Podcast podcast

▶  Git is Hard but Time Traveling in Git Isn't — A lightning talk from React Conf 2019 that flies through some interesting Git features in a mere 6 minutes.

Monica Powell

Highlights from Git 2.24 — Take a look at some of the new features in the latest Git release including feature macros and a new way to ‘rewrite history’.


Create a Bookmarking Application with FaunaDB, Netlify and 11ty — Brings together FaunaDB’s serverless cloud database, the Netlify platform (which uses Lambda under the hood), and 11ty (a static site generator) to create a bookmark management site.

Bryan Robinson

File Systems Unfit As Distributed Storage Backends: Lessons From Ten Years of Ceph Evolution — You can’t help but be won over by a comment like “Ten years of hard-won lessons packed into just 17 pages makes this paper extremely good value for your time.”

the morning paper

An SQL Injection Tutorial for Beginners — This is not a tutorial for you to follow but more a look at what hackers will attempt to do to your systems, if you let them. The techniques used are sneaky and interesting.


🛠 Code and Tools

Stripe CLI: A Command Line Development Environment for Stripe Users — Stripe has become somewhat ubiquitous in the payment processing space and their focus on developers is pretty neat, not least in this new tool for building and testing integrations.

Tomer Elmalem

Mark Text: A Simple, Free Markdown Editor — Works on macOS, Windows, and Linux. Built in Node with Electron.

Luo Ran

Sell Your Managed Services and APIs to Millions of Developers

Manifold sponsor

Yumda: Yum Packages, but for AWS Lambda — Essentially a collection of AWS Lambda-ready binary packages that you can easily install. You can request new packages, build your own, or use the existing ones that include things like GraphicsMagick, OpenEXR, GCC, libpng, Ruby, TeX, and more.


K-Rail: A Workload Policy Enforcement Tool for Kubernetes — A webhook-based policy enforcement tool built in Go that lets you define policies in Go code too.


Gitql: A Git Query Language and Tool — Lets you query a git repository using a SQL-like syntax, e.g. select date, message from commits where date < '2014-04-10'

Claudson Oliveira


Reportáž z Biohacker Summit Helsinki 2019

 Cache Tento podcast je krátkou reportážou z toho ako to vyzerá na biohackerskej konferencii. Čo ľudia robia, o čom sú prednášky, diskusie, čo vystavujú a samozrejme ako vyzerá party :). Odkazy k podcastu: Úvod, update ku knihám, hack ekasa a ďalšie podcasty so mnou Moja kniha Hackni sa!Kniha Finančné sledovanie a crypto utópie (na […]

Great Hoggarty Diamond Thackeray William Makepeace

Great Hoggarty Diamond Thackeray William Makepeace

To Start As A Hacker English Edition

To Start As A Hacker English Edition

Welsh hockey duo Jacob Draper and Leah Wilkinson's GB Olympic dreams


Jacob Draper was barely out of nappies when a Welshman last represented Great Britain's hockey team at an Olympic Games. The now 21-year-old unsurprisingly does not remember David Hacker playing at ...


MP3다운로드]/[뉴토익대비] NEW TOEIC - 뉴토익 답이보이는 실전모의고사 400제 1 (문제집+해설집+CD:1...구매가 중지됩니다. TOEIC 실전 모의고사/기출문제 문제집과 해설집을 분철할 수 있게 구성되어 있습니다... 영어어휘 기타서명 TOEIC Expressions 뉴토익 기출표현 총정리! 전자적 위치 및 접속 김, 리마... 실전 모의고사/기출문제 문제집과 해설집을 분철할 수 있게 구성되어 있습니다... 면밀히 분석하여 실제 토익문제와 최대한 유사하도록 내용을 구성하였다. 오랜 현장 강의의 노하우... mp3, 3회 실전문제 mp3 어학영어토익 시험 TOEIC 뉴토익 New Toeic 428.24 (2018 해커스 공무원) 단권화...해커스 어학연구소 공무원 유형별 영어 기출문제집., 어휘 & 생활영어 이동기 에스티유니타스 해커스... 기출을 분석하여 최신 경향을 반영하고, 신세대 취향에 맞추어 올컬러에 더 많은 삽화와 만화를 담아... 늦게” 나온 만큼 따끈따근한 최신 경향의 문제들을 만날 수 있을 뿐 아니라, 정기시험 기출 반영기간이 긴 만큼 문제의 질과 양, 대비법 분석은 날카롭고 동시에 풍부하다. 김대균의 뉴토익 해법과 감각을... 뉴토익 기출응용문제 8회+출제예상문제 7회분 720문제' 수록뉴토익 시행 이후 출제된 파트7 기출문제(2006년 5월~12월)를 반영한 기출응용문제 8회와 앞으로 출제가능성 높은 문제 7회분을 한 권에 담았다... 제공) 15,120 (18) ※ 반석출판사 홈페이지(에서 무료 동영상 강의 제공 뉴토익 기출문제를 면밀하게 분석(08년 11월~11년 3월, 총 30회분), 토익실전과 유사한 난이도를 반영한 이 책은... [기출문제] 2007년 1월 기출변형문제 (Part5, Part6) ~~~뉴토익 동영상 강좌~~~~ 단권화...해커스 어학연구소 공무원 유형별 영어 기출문제집., 어휘 & 생활영어 이동기 에스티유니타스 해커스... 필수라 할 수 있다. 해당 기출표현의 쓰임새를 잘 살펴 문제은행화 시켜서 고득점 전략을 세워보자. 토익...단어 영어어휘 기타서명 TOEIC Expressions 뉴토익 기출표현 총정리! 전자적 위치 및 접속 김, 리마... 시리즈로 뉴토익을 깔끔하게 끝낸다. 뉴토익 실전문제 파트 5 6의 특징! 보기만 봐도 답을 아는 기출변형문제는 이제 그만! 앞으로 출제 가능성 높은 어휘문제를 집중수록하여, 기존의 기출변형문제집과는 차별화... 토익은 내밥2 RC - Part 5,6,7 남재조, 박영광 저반석출판사(반석북스) 신경향 토익 테마별 공략 뉴토익 기출문제를 분석해 보면, 급격한 변화는 없으나 영어 시험의 흐름이 바뀌고 있음을 알 수 있다. 토익도... 기출응용문제 8회와 앞으로 출제가능성 높은 문제 7회분을 한 권에 담았다... lc /테잎 팝니다 해커스뉴토익lc삽니다(빨간책) 해커스 실전 엘,알 패키지로 사요,. (새책)뉴토익 .G-TELP.기출문제집 팝니다. 해커스 IBT 토플 VOCABULARY 와 READING 팝니다!! 샤프RD-7000MP팔아요 뉴)해커스lc... 428.076 해커스 토익 기출 보카 = Hackers TOEIC v... Cho, David (중국어... 만큼 문제의 질과 양, 대비법 분석은 날카롭고 동시에 풍부하다. 김대균의 뉴토익 해법과 감각을... 교재안내 교과과정 '해커스 토익 보카 : 뉴토익 기출어휘 30일 정복 ' | Total: 개 ter of IELTS Reading...Module Reading에 필요한 기본기 훈련에서부터 문제 유형별 공략 및 주제별 접근을 통한 문제 해결... 좋은 기회입니다...수업은 토익성적표의 abilities measured 분석, 기출문제 테스트 및 상담으로 현재 강약점 파악후... 이익훈 E?TOEIC 시리즈 최초의 본격 실전문제집. 단순한 기출변형에 그치지 않고 수년간 이어온 E?TOEIC...구성한 뉴토익 LC 800문제를 전격 공개한다. 뉴토익 실력 점검은 물론 뉴토익 단기 정복을 위한 전략... 책이 아닌가 싶습니다. 물론 ''기출문제''랄 것도 없는 뉴토익이라서 그런지는 모르지만... Reading...Module Reading에 필요한 기본기 훈련에서부터 문제 유형별 공략 및 주제별 접근을 통한 문제 해결... 않아서 중고급자들에게는 외면될 수 있겠다는 느낌이나 뉴토익 초급자에게는 단시간에 1000단어 어휘를 기출예문 및 문제등과 함께 익힐 수 있어 뉴토익 어휘에 대한 충분한 대비는 될거라는 생각입니다. 아래는... 800문제를 전격 공개한다. 뉴토익 실력 점검은 물론 뉴토익 단기 정복을 위한 전략... 분석(08년 11월~11년 3월, 총 30회분), 토익실전과 유사한 난이도를 반영한 이 책은... 채웠다. 뉴토익 파트7 DB를 분석한 출제예상문제 집중수록 - 2006년 5월 이후 뉴토익 정기시험... 파트 7 실전문제 15회분 720문제, 기출응용 8회+출제예상문제 7회 수록. 분류기호 428.076 언어 한국어 이티하우스에서 무료 mp3 강의를 제공하고 있습니다. 무료 동영상 강의, 가격 대비 문제 수, 따끈따근한 기출 문제의 반영 등, 모든 측면을 생각해 볼 때 현재 가장 추천할만한 뉴토익 알씨 기본서는 단연 이익훈... 파트7의 완전정복 - 이제 뉴토익 고득점의 관건은 파트7! 2006년 5월부터 출제된 뉴토익 파트7 기출응용문제를 꽉꽉 채웠다. 뉴토익 파트7 DB를 분석한 출제예상문제 집중수록 - 2006년 5월 이후 뉴토익 정기시험... L/C 실전 문제집』은 기출 문제에 가장 가까운 유형의 알짜배기 문제만을 뽑아 실 지은이 김지현... 가능성 높은 예상문제와 계속 변화하는 ETS의 출제경향을 고려한 문제들이 다량 수록되었다... 8년간의 뉴토익 기출 문제를 면밀하게 분석해서, 토익 실전과 유사한 난이도를 반영하였다. 실전문제 20... 해커스 IBT 토플 VOCABULARY 와 READING 팝니다!! 샤프RD-7000MP팔아요 뉴)해커스lc... 보카 3. 수퍼비 엘리트 토익 실전테스트 시리즈 1&2 위의 책들 테입 다 가지고 있고.. 모두... vs 2016 新 TOEIC 비교 지금이 현재 시행중인 뉴토익으로 높은 점수를 받을 수 있는 아주 좋은 기회입니다...수업은 토익성적표의 abilities measured 분석, 기출문제 테스트 및 상담으로 현재 강약점 파악후... LC 세트 (기본서 + 실전 문제집 + CD 1장) 이정선.김소영 지음 길벗이지톡 출간 19,800원 412 Page 뉴토익 기출을 분석하여 최신 경향을 반영하고, 신세대 취향에 맞추어 올컬러에 더 많은 삽화와 만화를 담아... 이지호 저넥서스 $37 $20.35(44%↓) 절판 실제 토익과 가장 유사한 문제로 구성새롭게 변한 뉴토익 기출문제를 면밀히 분석하여 실제 토익문제와 최대한 유사하도록 내용을 구성하였다. 오랜 현장 강의의 노하우... 보면, 급격한 변화는 없으나 영어 시험의 흐름이 바뀌고 있음을 알 수 있다. 토익도... 함께 익힐 수 있어 뉴토익 어휘에 대한 충분한 대비는 될거라는 생각입니다. 아래는... 뉴토익 파트 3,4에서 어려움을 겪는 수험생을 위하여 출간된 파트별 실전문제집으로, 기출변형문제뿐만 아니라 출제 가능성 높은 예상문제와 계속 변화하는 ETS의 출제경향을 고려한 문제들이 다량 수록되었다... 큰 특징이 없는, 정말 무난한 실전모의고사 겸 뉴토익 안내서란 생각입니다.사실 실전모의고사로서 보다는...두고 만든 책이 아닌가 싶습니다. 물론 ''기출문제''랄 것도 없는 뉴토익이라서 그런지는 모르지만... 기출변형문제는 이제 그만! 앞으로 출제 가능성 높은 어휘문제를 집중수록하여, 기존의 기출변형문제집과는 차별화... 정답표 ACTUAL TEST 01?20 ★별책★ 정답 및 해설 토익 파트 5, 6을 대비하는 실전문제집이다. 최근 8년간의 뉴토익 기출 문제를 면밀하게 분석해서, 토익 실전과 유사한 난이도를 반영하였다. 실전문제 20... 304 p.; 26 cm.+ 별책(해설집) 부록 1책. 총서사항 TOEIC 모질게 시리즈 ISBN 일반주기 뉴토익 파트 7 실전문제 15회분 720문제, 기출응용 8회+출제예상문제 7회 수록. 분류기호 428.076 언어 한국어 외국어 자료 기탄 이행시 이벤트 HotBlue 뉴토익 시대에도 암기는 필수 -뉴토익학습법 [기출문제] 2007년 1월 기출변형문제 (Part5, Part6) ~~~뉴토익 동영상 강좌~~~~ 서명/저자사항(Try again!)뉴토익 R/C 실전 문제집: 정답 & 해설집/ 안광모 지음. 안광모발행사항서울...으로 합본 발행. Part 5,6,7 428.076 해커스 토익 기출 보카 = Hackers TOEIC v... Cho, David (중국어... 등, 모든 측면을 생각해 볼 때 현재 가장 추천할만한 뉴토익 알씨 기본서는 단연 이익훈... G-TELP 관련 1. 업그레이드 레벨 3 2. 기출문제집 3. 실전모의고사 TOEIC관련 1. 헤커스 뉴토익 엘씨 2. 해커스 뉴토익 보카 3. 수퍼비 엘리트 토익 실전테스트 시리즈 1&2 위의 책들 테입 다 가지고 있고.. 모두... 고시/전문직 김지현 | 길벗이지톡 14 K 실전에 가장 가까운 문제를 명쾌한 해설로 끝내준다! 『Try again! 뉴토익 L/C 실전 문제집』은 기출 문제에 가장 가까운 유형의 알짜배기 문제만을 뽑아 실 지은이 김지현...



Realização do FLISOL 2015 no dia 25/04/2015 na sede da Produtora Colabor@tiva.PE


Oi pessoas,

sou novo por aqui e gostaria de ajudar com alguma coisa , tenho um pouco de experiência com sofware livre e secinfo . Sei que está bem em cima , mas qualquer coisa me avisem (:

Outra coisa, conheci o Oxente espaço hacker só agora , não sabia que estavam desenvolvendo nada parecido por aqui , depois do Mangue Hacker Clube , vocês tem reuniões semanais ? E o foco é em hardware / software ?




Network & Systems Administrator

Summary Description Installs, maintains and monitors the organization's applications, hardware, and operating system updates. Manages and maintains application, hardware, and operating systems to current and supported levels. Specifies, manages and maintains servers for services, security, patch updates, and supportability. Reviews and evaluates vendor products (software and hardware) and network equipment. Assists with maintenance, recommends and implements LAN/WAN and System security standards, policies and performance. Essential Duties Implement & maintain patch deployment to ensure minimal security exceptions Ensure antivirus patterns are updated and employed for workstation scanning Ensure operating systems are kept current with patches Implements security recommendations from Penetration Testing Recommends selection of Penetration Testing services Maintain compliance to most current regulatory cybersecurity requirements and recommendations Functional backup for Network Operations Manager Support and maintains network infrastructure Ensure all network infrastructure is current and can be supported by vendor Maintains patches and updates to Novell Maintain patches and updates to routers, switches, and communications Recommend network and system monitoring tools as necessary Perform systematic patches, updates, upgrades, testing and backup on network devices Functional backup for Systems Administrator, Client System Support, and Server Administration Supports and maintains client workstations, systems & server infrastructure Repair, upgrade, and maintain various workstation equipment and printers not covered by the Fiserv or HP agreements, to include; diagnosis of problems and repairs/installation of CD ROM's, network cards, disk drives, and wireless equipment Ensure workstations are kept current with regard to supportable life Ensure all workstations and server hardware can be supported by vendor Maintain current service agreements on all servers Maintain or replace servers and workstations so they are kept current with regard to supportable life Maintain adequate disk and RAM storage reserves on all systems and equipment Maintain core applications to most current supported levels (specifically including Fiserv applications) Familiarity with job schedulers, specifically UC4/Automatic Maintain software/operating system/hardware inventories and documentation Maintain Server & Application summaries on Help Desk wiki page Create and submit budget to address near End-of Life software, hardware, operating systems, and applications Communicate to End Users, Management, Application Analyst(s), Help Desk, and VP of MIS, ensuring awareness of planned updates- as prescribed in the application matrix from Fiserv & other vendors Proficiency in Change Management, Change Control, and documentation Ensures control and monitoring is performing per policy Effective liaison to support vendors, adequately representing WSFCU goals and strategic plans Complies with all federal, state, and organizational policies, procedures, and processes, including (but not limited to) the Bank Secrecy Act (BSA), Patriot Act, Office of Foreign Assets Control (OFAC) and robbery procedures Fulfill other related duties as assigned by the Vice President (MIS) or chain-of-command thereof Qualifications Education/Experience Bachelor's Degree in Computer Science or related field and/or three (3) years combination of related experience Microsoft, Cisco, Ethical Hacker, and/or Linux/UNIX certifications recommended Tests/Certificated/Licenses Simulated skills assessment test may be administered Skills/Competencies Ability to read, understand, & implement technical instructions (EG: 50-page HPUX implementation manual, release notes, etc) Personal computer knowledge; skills in using Microsoft Office (word processor, spreadsheet, presentations software, ets) Proficiency in administering various credit union supported hardware, software and operating systems to include configuration and connectivity Knowledge of computer security procedures and protocol Ability to calculate figures and amounts (electronically and manually) such as, but not limited to; interest, dividends, percentages and apply concepts of basic mathematics Ability to maintain confidentiality of work and/or information Ability to interpret, adapt and apply credit union/job/general guidelines and procedures Excellent public speaking, verbal and /or written communication skills (in-person and/or by telephone) Demonstrated leadership, self-motivated and team-oriented qualities Conduct self in a professional and mature manner Ability to proofread and edit accurately Ability to teach and motivate others Ability to organize, prioritize and work well under pressure Ability to maintain a high degree of accuracy Flexible work and/or travel hours Office electronics (printers, scanners, calculators, fax and copiers) Ability to negotiate with vendors Ability to solve problems and make decisions, using logic and analytical skills Ability to manage/supervise staff with diverse abilities and responsibilities Reliable transportation to travel to branch offices Working knowledge of Unix and/or Linux variants Bilingual (Windows/Unix) required Bilingual (English/Spanish); preferred, but not required Working knowledge of credit union products and services, and information systems practices and procedures Physical Demands/Work Environment Constantly required to talk and hear Constantly required to use close vision, color vision, and ability to focus Frequently required to sit; to use hands to finger, handle or feel Occasionally required to lift or move up to 25-50 lbs. Occasionally required to stand and walk; to reach outward/above shoulders; to stoop kneel, crouch or crawl Occasionally required to work outdoors Occasionally required to use distance vision, peripheral vision and depth perception Moderate noise level working environment PI114646627Pandologic. Keywords: System Administrator, Location: Las Cruces, NM - 88001

Huawei va réunir la crème des hackers pour présenter son bug bounty

Le géant chinois organise une réunion à huis clos qui se tiendra à Munich le 16 novembre. Certains des meilleurs hackers de téléphones mobiles ont été conviés pour découvrir un programme de récompense.

Coool!!! #securitytheatre Hackers Can Use Lasers to ‘Speak’ to Your Amazon Echo or Google Home | WIRED


HPR2939: Submit a show to Hacker Public Radio in 10 easy steps



  1. Record your episode
  2. Go to
  3. Click on "Give Shows"
  4. Click on "Calendar" (the link is not obvious, so use your browser's find functionality to search for the word "Calendar").
    Edit: Please use the ⇧Upload⇧ link in the menu bar
  5. Choose a slot
  6. Submit your email address
  7. Click the link in the confirmation email
  8. Create your profile (if new), then fill in the form with title, summary and show notes
  9. Attach your episode and submit (wait for long upload process)
  10. Receive your confirmation email, and enjoy your episode!


‘Deep fake’ videos could upend an election — but Silicon Valley may have a way to combat them


The Washington Post | Source URL Election officials and social media firms already flummoxed by hackers, trolls and bots are bracing for a potentially more potent weapon of disinformation as the 2020 election approaches — doctored videos, known as “deep fakes,” that can be nearly impossible to detect as inauthentic. In tech company board rooms, […]

The post ‘Deep fake’ videos could upend an election — but Silicon Valley may have a way to combat them appeared first on The T.I. Chronicles.


The Spark needs your Support!

In the summer of 2015 the idea of a Makerspace on Hornby was born. In case you missed it a Makerspace (also called a Hackerspace) is a term for a space where people come together to share knowledge and tools, work on projects together, learn new skills, a community shared resource or workspace. For the […]

The Spark: Next Steps

While we continue to work behind the scenes navigating the bureaucratic process of trying to obtain the old Firehall for use as a Community Workshop/Hackerspace/Makerspace, we are keen to get going with some hands on doing. We have the back end of a tool library set up on our website, now all we need are […]

near 23 Thackeray Road, London, E6 3BW



Hacker != Cracker | Microsiervos (Internet)


Jesse warns about easy-to-use hacking services


For years,  hackers needed to have a special set of technical skills to get control of your computer. Not anymore. Computer security experts warn — scammers are now selling easy-to-use, point-and-click hacking subscription services for as little as $20 a month. See Jesse’s full report above.

The post Jesse warns about easy-to-use hacking services appeared first on Jesse Jones Seattle - KIRO 7 Consumer Advocate.


Číně vždycky vládl císař. Dnes se mu říká prezident ČLR

Li Zhao Schoollandová se narodila a do 26 let žila v Číně. Roku 1984 si vyjednala stipendium v USA – a už se nevrátila. Pořádá konference se zaměřením na libertarianismus a rakouskou ekonomickou školu. Rozhovor jsme spolu pořídili na Hacker Congressu v Paralelní Polis, kterému jsme dělali mediálního partnera.

Piraté ! Décryptualité du 28 octobre 2019



Titre : Décryptualité du 28 octobre 2019 - Piraté !
Intervenant·e·s : Nolwenn - Nicolas - Manu - Luc
Lieu : April - Studio d'enregistrement
Date : 28 octobre 2019
Durée : 15 min
Écouter ou télécharger le podcast
Revue de presse pour la semaine 43 de l'année 2019
Licence de la transcription : Verbatim
Illustration : Le comptoir du hardware, piratage - Licence Creative Commons BY-ND.
NB : transcription réalisée par nos soins, fidèle aux propos des intervenant·e·s mais rendant le discours fluide.
Les positions exprimées sont celles des personnes qui interviennent et ne rejoignent pas nécessairement celles de l'April, qui ne sera en aucun cas tenue responsable de leurs propos.


Se faire pirater, est-ce vraiment si grave ?


Luc : Décryptualité.

Voix off de Nico : Le podcast qui décrypte l’actualité des libertés numériques.

Luc : Semaine 43. Salut Manu.

Manu : Salut Nico.

Nico : Salut Nolwenn.

Nolwenn : Salut Luc.

Luc : Sommaire ?

Manu : On a un joli sommaire avec des sujets un peu variés.

Nico : Siècle Digital, « Royaume-Uni : les données biométriques d'un million de personnes ont été exposées », un article de Valentin Cimino.

Manu : Ça ne touche pas tout à fait au logiciel libre, il faut bien le dire, je pense que je ne vais plus mettre ce genre d’articles, ça arrive trop souvent.

Luc : C’est dommage, c’est rigolo quand même !

Manu : Oui, ça reste rigolo, surtout qu’on a parlé de reconnaissance faciale, de données qui étaient utilisées par l’État français ou qui allaient être utilisées par l’État français et on faisait remarquer à chaque fois « attention, si ces données sont volées » et généralement les institutions nous disent : « Ne craignez rien, elles ne seront jamais volées ! »

Luc : Elles sont sécurisées !

Manu : Carrément ! Eh bien là, non, elles n’étaient pas bien sécurisées, donc il y a un million de données biométriques en Angleterre qui étaient exposées sur Internet. On ne sait pas qui en a fait quoi, en tout cas elles étaient accessibles à différents hackers et c’est gênant parce qu’on ne peut pas changer facilement ses données biométriques.

Nico : Numerama, « Un ordinateur par classe, logiciels obsolètes : l'école est-elle à la traîne en matière de numérique ? », un article de Perrine Signoret.

Manu : L’école et les moyens de l’école, on se doute bien que c’est déjà un sujet compliqué, mais, en plus, quand on commence à parler d’informatique, de logiciels et de matériel, eh bien là c’est encore plus mal barré techniquement. Il y a eu des plans qui ont été lancés par les différents gouvernements et généralement ça se révèle infructueux.

Luc : Microsoft ira bien aller faire un petit cadeau à la France ? Non ?

Manu : Oui, puisque c’était ce qui s’était passé pour leur permettre de rentrer dans le ministère de l’Éducation et ils ont des accords avec différentes branches des administrations. C’est très embêtant, mais on ne peut pas y faire grand-choses, sinon constater que ça ne marche pas.

Luc : Rappelons que l’Éducation c’est toujours un champ de bataille énorme parce que tous les éditeurs ont envie de refourguer leur camelote aux enfants pour qu’ils prennent des habitudes au plus tôt.

Nico : Sciencepost, « Voici Collapse OS, le système d'exploitation de la fin du monde ! », un article de Yohan Demeure.

Manu : C’est un super sujet qui est vraiment génial. La collapsologie qui veut dire ?

Nolwenn : C’est l’étude de l’effondrement de la société. Comment on pourrait, justement, réussir à survivre si demain tout s’arrête.

Manu : Il y a plein de manières de voir ces effondrements possibles et il y a aussi plein de manières d’essayer de les contrecarrer. D’un point de vue informatique c’est compliqué parce que si la civilisation s’écroule qu’est-ce qui reste ? Eh bien il y a des gens qui creusent ce sujet-là dans l’optique d’essayer de conserver un peu d’informatique, notamment en essayant de réutiliser des vieux microprocesseurs qui sont en très grand nombre un peu partout dans le monde, qui pourraient être utilisés pour être la base d’un système d’exploitation conçu pour eux.

Luc : Vivement la fin du monde qu’on essaye tout ça !

Nico : ZDNet France, « Justice : GNOME envoie un missile aux patent trolls », un article de Campbell Kwan.

Manu : Les patent trolls ce sont des gens qui essayent de mettre des brevets sur les idées de logiciels.

Luc : Ils le font !

Manu : Surtout aux États-Unis parce qu’en Europe ça reste interdit, mais ils le font aussi. GNOME est une fondation de logiciel libre. Ils ont été embêtés par un troll des brevets et ils ont répliqué en allant en justice pour essayer de lui créer des problèmes à leur tour. On suppose que ça devrait fonctionner parce le gars en face n’a vraiment aucune base pour se défendre.

Nico : Du coup la fondation GNOME a besoin d’argent parce que, malheureusement, ça coûte cher et il y a beaucoup de procès pour essayer de se sortir de là, donc ils ont fait une levée de fonds. Si vous voulez contribuer à aller atomiser un patent troll, eh bien n’hésitez pas, c’est le moment.
Les Echos, « Le Sénat veut faire de l'Arcep le gendarme des smartphones », un article de Raphaël Balenieri.

Manu : Là aussi ce sont des choses un peu compliquées. On connaît l’HADOPI [Haute autorité pour la diffusion des œuvres et la protection des droits sur Internet]. On sait qu’il y a pas mal d’institutions, d’administrations qui sont là pour essayer de contrôler des fréquences, pour essayer de contrôler les médias. Là il est question de centraliser un petit peu tout ça dans une nouvelle institution, l’Arcep [Autorité de régulation des communications électroniques et des Postes], qui récupérerait différents pouvoirs à droite et à gauche et il serait question que, dans leurs pouvoirs, ils aient des choses qui leur permettent de contrôler les téléphones portables.

Luc : Les contrôler sur quels points ?

Nico : J’ai été auditionné par l’Arcep justement sur leur nouveau mandat et l’exemple c’était sur les banques et les téléphones mobiles. Aujourd’hui on est obligé d’utiliser un téléphone Android sous telle version verrouillée par les constructeurs et l’Arcep a dit : « Ce n’est pas normal. La liberté c’est aussi de mettre ce qu’on veut », donc ils veulent aussi légiférer éventuellement là-dessus.
Le Monde Informatique, « Pierre Baudracco devient co-président du CNLL », un article de Véronique Arène.

Manu : CNLL c’est une association d’éditeurs de logiciels libres.

Luc : Oui, ça fait très longtemps qu’on n’en avait pas parlé.

Manu : Oui. Là ils reviennent un petit peu sur le devant de la scène. Pierre Baudracco est quelqu’un qui a travaillé sur BlueMind, une solution de messagerie qui avait fait jaser ; il y avait eu des problématiques judiciaires. C’est intéressant de voir qu’il est sorti de tous ces problèmes par le haut. J’espère qu’on va entendre encore parler de lui dans les mois qui viennent.

Luc : Et du CNLL qui est, en gros, un syndicat d’entreprises du logiciel libre.

Nico : francetv info, « L'article à lire pour comprendre Alicem, l'application d'identité numérique par reconnaissance faciale qui fait polémique », un article de Alice Galopin.

Manu : La reconnaissance faciale, ça me plaisait bien comme sujet, on va arrêter d’en parler autant, ça n’empêche que c’est intéressant. Allez jeter un œil sur cet article-là parce qu’il y a plein de choses qui tournent sur cette nouvelle application qu’on va probablement tous devoir installer à un moment ou un autre sur nos téléphones. C’est embêtant, il y a notamment des problèmes de biométrie, de vie privée en général et puis d’accès aux institutions, aux administrations de l’État. C’est un petit gênant !

Luc : Notre sujet du jour c’est quoi ?

Nolwenn : C’est le mot de passe ça ? C’est « admin » d’admin ! Je prends le contrôle de l’émission !

Luc : Quoi ! Comment tu as trouvé ? Ce n’est pas possible ! Malheureusement le podcast est maintenant piraté par Nolwenn. On va parler piratage, c’est un sujet qui revient assez fréquemment et on peut peut-être déjà dire ce qu’est le piratage, en vrai, enfin en informatique.

Manu : Il y a la piraterie

Luc : Oui, la piraterie.

Manu : Effectivement, qui n’existe plus dans cette forme-là dans nos contextes. La piraterie c’est un autre problème.

Luc : La piraterie existe ailleurs sur terre mais pas juste à côté de chez nous.

Manu : Pas sur Internet. Le piratage c’est une manière de dire « les gens qui agressent nos systèmes avec leur informatique. »

Nico : Ça recouvre plein de choses. Ça va être les gens qui vont effectivement essayer d’aller voler les données dans un but vraiment crapuleux, se faire de l’argent derrière. Ça va être aussi toutes les nouvelles méthodes, les rançongiciels – « on a chiffré vos données et vous allez tout perdre si vous ne payez pas » –, le phishing. Ça couvre vraiment beaucoup de choses.

Luc : J’ai un souvenir lointain de Sony – à l’époque on gravait encore des CD audio, souvenez-vous, c’était il y a longtemps – qui avait mis ce qu’on appelle un rootkit dans un CD audio et avait mis des mouchards sur les ordinateurs de tous les gens qui mettaient le CD original, donc légalement acheté, dans le lecteur de leur ordinateur Windows et qui, ensuite, envoyait des informations. À l’époque j’avais lu partout que c’était, selon des définitions officielles, du piratage. Il n’y a pas que les délinquants qui sont pirates !

Nico : Ah non ! Sony était un délinquant dans ce cas-là. Il s’était fait taper dessus.

Luc : Oui, c’est vrai il n’y a pas que les malfrats ; ça ne marche pas non plus. OK ! Donc pirater en informatique c’est s’introduire sur un système quelconque où on n’est pas invité, où on n’est pas censé être ?

Nico : C’est ça, voilà.

Manu : Et dans ce sens-là, on peut tout être pirates.

Nico : On l’a tous été plus ou moins un jour !

Luc : Ah bon !

Nico : Essayer de casser le mot de passe d’un PC.

Luc : Moi je n’ai jamais fait ça !

Nico : Essayer de s’introduire sur la boîte mail du voisin !

Manu : Accéder à un site web sans y avoir été invité et y rester.

Luc : Il y a plein de sites web où tu n’es pas invité ! Quand je vais sur le site de n’importe quel journal, je suis sur leur site web et ils ne m’ont pas invité. C’est un site public.

Manu : C’est un site public justement.

Luc : C’est dans la partie qui va être privée. On a en tête une histoire de quelqu’un d’assez connu dans le milieu.

Nico : Bluetouff1, qui avait trouvé un document de l’ANSES, l’Agence nationale de sécurité sanitaire de l'alimentation, de l'environnement et du travail, qui avait fait un article sur les nanotechnologies et qui avait mis en ligne un document qui était supposé être confidentiel. Il avait été récupéré par Google et des journalistes étaient tombés dessus sans forcément se rendre compte de ce qu’ils avaient dans les mains. Et l’ANSES les avait poursuivis en justice, « les grands méchants pirates, vous nous avez piqué des données ». Ça avait été un gros bordel : comment quelqu’un qui va sur Google peut se retrouver à faire du piratage involontairement ? Ça avait été le grand débat devant les juges. C’est vrai que c’est parfois un énorme bordel de savoir quelle est la limite entre ce qu’est du piratage et ce qui n’en est pas, ce qui est de la malveillance.

Luc : Là il était dans un espace où les portes étaient ouvertes.

Nico : Oui, c’est ça.

Manu : C’était l’image d’un juge qui avait été donnée : si vous laissez les portes de votre maison ouverte et que quelqu’un rentre dedans, il n’a pas le droit de rentrer dedans même s’il peut le faire.

Luc : C’est ce qu’on lui avait reproché : de savoir qu’il était dans un espace qui aurait dû être fermé et pourtant de continuer à tout explorer.

Nolwenn : Oui, si au début il ne le savait pas forcément, il y a quand même eu un moment où il s’est rendu compte que ça n’allait pas.

Luc : Oui. Il y a quelques semaines, quand je n’étais pas là, vous avez parlé des moteurs de recherche, or les moteurs de recherche c’est bien ce qu’ils font : ils vont partout où ils peuvent, ils suivent les liens et ils indexent tout ça. Et c’était le cas puisque Bluetouff avait trouvé ce lien sur Google, pourquoi lui est condamné alors que finalement il y a un machin industriel automatisé qui est là pour aller dans toute l’arborescence ? On aurait dû condamner Google aussi !

Nolwenn : Oui, mais lui c’est pratique !

Manu : Et lui il le fait de manière automatique. On suppose qu’il n’a pas des intentions derrière. Avec le pirate on va vouloir faire un exemple et montrer aux autres humains qu’il ne faut pas faire la même chose. L’exemple est important !

Luc : Ce qui veut dire que dès lors que c’est automatique ce n’est pas grave. C’est l’intention qui compte, c’est ça ?

Manu : Voilà ! Tu viens de lever le loup. Effectivement, dans le piratage on peut supposer que l’intention est importante. Les accidents ou les résultats de techniques non désirés ne seraient pas forcément considérés comme du piratage.

Luc : Quand Facebook perd des millions et des centaines de millions de données personnelles, enfin les distribue abondamment à n’importe qui…

Nico : Ça c’est de la débilité, ce n’est pas du piratage.

Manu : De l’incompétence.

Nico : De l’incompétence.

Luc : L’intention ne compte pas ?

Nico : L’intention c’était de protéger les données à la base. C’est juste qu’ils ont mal fait ce qu’il fallait.

Luc : Ils les ont filées à tout le monde.

Nico : Ils les ont filées à tout le monde. C’était plus des bourdes ou des erreurs, ce n’était pas volontaire ; en tout cas, à priori, ce n’était pas volontaire.

Luc : Je pense qu’ils n’en ont rien à foutre.

Nico : La justice tranchera mais, effectivement, ils n’en avaient rien à foutre. Le piratage c’est une vraie volonté d’aller nuire à la personne, d’aller l’escroquer, d’aller généralement lui soutirer de l’argent.

Manu : Et de profiter d’elle.

Nico : Et de profiter.

Luc : Bluetouff ne voulait que explorer le truc pour voir. Après il a publié un truc où il disait, si ma mémoire est bonne, « regardez comme ce n’est pas bien sécurisé ».

Nico : Il avait un peu merdé en garde à vue, des choses comme ça. C’est compliqué quand même comme sujet.

Manu : À priori on peut supposer que le juge va chercher quel est le profit qui en a été retiré et, potentiellement, Bluetouff en avait retiré une certaine notoriété et il s’était fait reconnaître parce qu’il avait publié sur le sujet.

Luc : C’est un petit peu ambigu puisqu’on peut considérer que ce n’est pas vraiment nuire, mais bref ! N’importe qui peut se faire pirater. Toi, Nolwenn, tu as une expérience récente avec le piratage.

Nolwenn : Oui. C’était un piratage sans vraiment être un piratage. Tout d’un coup l’adresse mail d’une utilisatrice s’est mise à envoyer plein de mails d’une adresse e-mail inconnue, mais c’était elle qui en était à l’origine. Du coup on s’est retrouvé avec le serveur mail qui a été blacklisté partout.

Manu : Il a été mis sur liste ?

Nolwenn : Sur une liste noire.

Luc : Plus personne ne pouvait parler avec lui.

Nolwenn : On ne pouvait plus communiquer avec l’extérieur. Du coup on a bloqué le compte, on a fait ce qu’il fallait. On a fini par avoir le fin mot de l’histoire. En fait, c’est une personne qui avait mis du code sur GiHub et il se trouve que dans ce code sur GitHub il y avait des mots de passe. En dix minutes, elle s’est fait « pirater », entre guillemets, tout simplement parce que les mots de passe étaient accessibles en ligne.

Luc : Du coup les pirates aussi font des moteurs de recherche comme Google et c’est automatique, donc leur intention n’est pas mauvaise puis que c’est automatique !

Manu : Effectivement ! Maintenant tu pourrais indiquer qu’ils l’ont fait de manière automatique mais l’intention derrière était bien de profiter, d’aller envoyer du spam. Ils auraient pu aussi installer des troyens, d’ailleurs c’est peut-être le cas, ils auraient pu installer des mineurs pour générer des bitcoins en profitant de la machine et ils auraient volé quoi dans ce cas-là ? De l’électricité.

Luc : C’est effectivement ce qu’on risque quand on se fait pirater. Souvent, eh bien les gens s’en foutent un petit peu. On dit « oui, sur une grosse structure comme un hôpital par exemple ». En tout cas tout le monde peut se faire pirater, mais il y a plein de gens qui s’en foutent un petit peu. Qu’est-ce qu’on risque quand on se fait pirater en tant qu’individu ? On peut avoir le rançon…

Nico : Rançongiciel.

Luc : Rançon… Je n’y arrive pas !

Nico : Ransomware.

Nolwenn : On peut se faire rançonner.

Luc : Rançonner. Si on paye pas qu’est-ce qui se passe ?

Nico : Rien en fait. C’est tout le problème. Si on ne paye pas, rien. Il y a deux types de rançons, il y a les ransomwares où, effectivement, les données vont être chiffrées sur le disque dur, donc on a tout perdu si on ne paye pas et, si on paye, on peut potentiellement récupérer ses données. Généralement on les récupère parce que les pirates ont tout intérêt à ce que ça fonctionne, donc à savoir que si on paye on les récupère, plutôt que de savoir que si on paye on ne récupère rien. Mais tout le monde dit de ne surtout pas payer parce que ça incite ces gens-là à continuer.

Luc : Pour plein de gens sur leur ordinateur il n’y a rien de critique, leurs photos de vacances sont sur Facebook et ils se disent « ce n’est pas grave, j’achète un autre ordinateur », alors qu’ils pourraient réinstaller le système.

Nico : C’est ça. C’est vrai que pour les rares personnes qui ont des données vraiment critiques – on a eu des cas de thèses ou autres ou même d’entreprises qui ont eu, par exemple, toute leur comptabilité paralysée –, quand on n’a pas de backup, de sauvegarde, on va peut-être vouloir payer quelques milliers d’euros pour récupérer tout ça plutôt que de tout perdre.

Luc : Qu’est-ce qu’on risque d’autre quand on se fait pirater ?

Nico : Aujourd’hui, bizarrement, on ne risque plus grand-chose. Il y a quelques années, les machines étaient vraiment détournées pour y mettre du spam, ou on essayait de récupérer des données, vos codes de carte bancaire ; maintenant c’est plus des rançons, on va vous prendre votre disque dur.

Luc : Manifestement ça envoie quand même du spam. Dans l’exemple de Nolwenn, il y a ça.

Nico : Ça envoie du spam. Il y a toujours les vieux robots tournent pour envoyer du spam.

Luc : C’est ce qu’on appelle les botnets ?

Nico : Les botnets. Mais le gros, aujourd’hui, c’est surtout du phishing et du ransomware : vous faire acheter des produits qui ne servent à rien, vous dire que soi-disant vous avez été surpris sur webcam donc vous faire chanter : si vous ne payez pas on divulgue à tous vos contacts des vidéos compromettantes

Luc : Quoi ! Tu veux dire que j’ai payé pour rien !


Nico : C’est vrai qu’au-delà de ça, aujourd’hui les données sont beaucoup moins utilisées et exfiltrées qu’il y a quelque temps. Le risque est quand même minime.

Luc : La partie botnet ça veut dire qu’il y a quelqu’un, un pirate, qui va faire des trucs plus ou moins légaux comme envoyer du spam, miner des bitcoins où il a besoin de puissance de calcul, qui va s’installer sur un maximum de machines et, en fait, qui a une stratégie du parasite, c’est-à-dire qu’il va l’utiliser notamment quand l’utilisateur ne l’utilise pas, donc en gros la machine va pédaler, donc consommer plus d’électricité. J’ai déjà rencontré des gens qui disent « je m’en fous ». En gros leur machine est parasitée, mais tant qu’elle marche ça ne leur pose pas de problème.

Manu : Tu as utilisé le bon concept : parasitage. Ça veut dire qu’on peut supporter un parasite. C’est le cas de plein d’organismes dans la nature, ils supportent des parasites et ils arrivent à vivre, à survivre avec, parfois même de manière tout à fait acceptable. En fait, c’est juste la quantité de parasitage qui peu être gênante.

Luc : Oui, surtout que les GAFAM c’est aussi du parasitage d’une certaine façon, quand on met de la pub de partout !

Nico : Après c’est aussi des effets de bord. J’en ai fait les frais, même si je n’ai pas été piraté directement. Votre machine va aussi être infectée, va servir justement à relayer du spam ou à attaquer des services en face et, du coup, vous pouvez voir les flics débarquer chez vous et saisir votre matériel parce que dans la tête de celui qui se sera fait attaquer, c’est vous l’attaquant, ce n’est pas celui qui vous a utilisé comme relais. Du coup c’est vous qui avez des emmerdes à avoir véhiculé de la pédopornographie, à avoir consulté du terrorisme ou autre et là les conséquences peuvent être un peu plus chiantes.

Luc : Tu es en train de dire que, finalement, on ne peut pas jeter aux orties la question de la sécurité informatique et se dire qu’on s’en fout de se faire pirater.

Nico : Non ! Ça c’est sûr.

Nolwenn : Donc la conclusion ?

Luc : La conclusion c’est que la sécurité informatique c’est quand même important. Se faire pirater ce n’est pas bien, ne serait-ce que parce que ça peut servir à des gens vraiment pas recommandables et que, derrière, il peut y avoir des vrais drames humains.

Nico : Et faire gaffe à vos données ! Le jour où vous avez tout perdu vous serez dans la merde !

Nolwenn : Pensez aux sauvegardes !

Luc : Oui, c’est encore la meilleure précaution !

Manu : À la semaine prochaine !

Nico : Salut.

Nolwenn : Salut.


Libre à vous ! Radio Cause Commune - Transcription de l'émission du 29 octobre 2019


Bannière de l'émission

Titre : Émission Libre à vous ! diffusée mardi 29 octobre 2019 sur radio Cause Commune
Intervenant·e·s : Marie-Odile Morandi - Jean-Baptiste Kempf - Jean-Christophe Becquet - Frédéric Couchet - Étienne Gonnu à la régie
Lieu : Radio Cause Commune
Date : 29 octobre 2019
Durée : 1 h 30 min
Écouter ou télécharger le podcast
Page des références utiles concernant cette émission
Licence de la transcription : Verbatim
Illustration : Bannière radio Libre à vous - Antoine Bardelli ; licence CC BY-SA 2.0 FR ou supérieure ; licence Art Libre 1.3 ou supérieure et General Free Documentation License V1.3 ou supérieure. Logo radio Cause Commune, avec l'accord de Olivier Grieco.
NB : transcription réalisée par nos soins, fidèle aux propos des intervenant·e·s mais rendant le discours fluide.
Les positions exprimées sont celles des personnes qui interviennent et ne rejoignent pas nécessairement celles de l'April, qui ne sera en aucun cas tenue responsable de leurs propos.

logo cause commune


Voix off : Libre à vous !, l’émission pour comprendre et agir avec l’April, l’association de promotion et de défense du logiciel libre.

Frédéric Couchet : Bonjour à toutes. Bonjour à tous. Vous êtes sur la radio Cause Commune 93.1 en Île-de-France et partout dans le monde sur le site La radio dispose également d’une application Cause Commune pour téléphone mobile.
Merci à vous d’être avec nous aujourd’hui.
La radio dispose également d’un salon web, utilisez votre navigateur web, rendez-vous sur le site de la radio,, cliquez sur « chat » et retrouvez-nous ainsi sur le salon dédié à l’émission.
Nous sommes mardi 29 octobre 2019, nous diffusons en direct, mais vous écoutez peut-être une rediffusion ou un podcast.

Soyez les bienvenus pour cette nouvelle édition de Libre à vous !, l’émission pour comprendre et agir avec l’April, l’association de promotion et de défense du logiciel libre. Je suis Frédéric Couchet, le délégué général de l’April.

Aujourd’hui c’est une émission exceptionnelle, car c’est la 42e émission de Libre à vous ! et 42 est un nombre fétiche dans la culture geek, informatique, la culture de l’imaginaire. C’est issu de l’œuvre de science-fiction de Douglas Adams qui était originellement un feuilleton radiophonique sur la BBC, totalement déjanté, et ensuite une série de livres, Le guide du voyageur galactique. Imaginez un peuple extraterrestre, intelligent, qui construit le plus puissant ordinateur de tous les temps pour trouver la réponse à la question sur la vie, l’univers et le reste. Après 7,5 millions d’années de calcul et de réflexion, l’ordinateur propose la réponse : 42. Le problème, c’est que personne n’a jamais su vraiment la question précise.
Pour connaître la suite de l’histoire, je vous invite à lire l’œuvre de Douglas Adams et nous allons faire dans l’émission quelques clins d’œil à cette œuvre de Douglas Adams.
Déjà, pour les personnes qui partent en vacances ou autre, n’oubliez pas, évidemment, de prendre avec vous des podcasts de Cause Commune pour accompagner votre voyage et n’oubliez pas, surtout, votre serviette c’est en effet l’outil indispensable pour tout auto-stoppeur galactique qu’il doit avoir ou qu’elle doit avoir en permanence.

Le site web de l’April c’est et vous y trouvez d’ores et déjà une page consacrée à l’émission avec toutes les références utiles, les détails sur les pauses musicales et les moyens de nous contacter.
Si vous souhaitez réagir, poser une question pendant ce direct, n’hésitez pas à vous connecter sur le salon web de la radio, donc sur, et vous pouvez également nous appeler 09 50 39 67 59 ; je répète 09 50 39 67 59.

Nous vous souhaitons une excellente écoute.

Voici maintenant le programme de l’émission.
Dans quelques secondes nous allons commencer par la chronique de Marie-Odile Morandi, animatrice du groupe Transcriptions, qui va nous parler de communs numériques.
D’ici dix à quinze minutes nous aborderons notre sujet principal qui portera sur le fameux lecteur multimédia libre VLC avec notre invité Jean-Baptiste Kempf.
En fin d’émission nous aurons la chronique de Jean-Christophe Becquet, président de l’April, sur Wikidata, relier tous les serveurs du monde.
À la réalisation de l’émission aujourd’hui Étienne Gonnu. Bonjour Étienne.

Étienne Gonnu : Salut Fred.

Frédéric Couchet : Comme à chaque émission on va vous proposer un petit quiz. Vous pouvez proposer les réponses soit sur le salon web, soit sur les réseaux sociaux.
Première question : lors de l’émission du 15 octobre 2019, nous avons parlé de Google et des assistants personnels connectés. Par quel prénom et pourquoi on a proposé de renommer les assistants personnels connectés ?
Deuxième question : nous allons parler du lecteur multimédia libre VLC au cours de cette émission. Savez-vous pourquoi l’icône de VLC est un cône de chantier ?

Tout de suite place au premier sujet.

[Virgule musicale]

Chronique « Les transcriptions qui redonnent le goût de la lecture » de Marie-Odile Morandi sur les communs numériques

Frédéric Couchet : Les choix voire les coups de cœur de Marie-Odile Morandi qui met en valeur deux ou trois transcriptions dont elle conseille la lecture, c’est la chronique « Les transcriptions qui redonnent le goût de la lecture » de Marie-Odile Morandi, animatrice du groupe Transcriptions. Bonjour Marie-Odile.

Marie-Odile Morandi : Bonjour.

Frédéric Couchet : Le sujet du jour dont tu souhaites nous parler aujourd’hui : les communs numériques. Nous t’écoutons.

Marie-Odile Morandi : Effectivement, ce mois-ci dans la chronique j’ai souhaité faire une rétrospective des transcriptions de conférences et interventions de Lionel Maurel, publiées par notre groupe, de « La dictature du copyright » à « Faire atterrir les communs numériques » sur le sol terrestre.
Les transcriptions auxquelles je vais me référer sont listées à l’onglet références de la page relative à l’émission d’aujourd’hui sur le site, mais il y en a aussi d’autres que vous pouvez retrouver sur la partie consacrée aux transcriptions, toujours sur le site de l’April.

Pour savoir qui est Lionel Maurel et quels sont ses sujets de prédilection, je vais m’appuyer sur la transcription de l’émission 13 du Vinvinteur qui date de 2013, d’une durée d’une quarantaine de minutes ; à noter que cette émission n’existe plus. Lionel Maurel y était interviewé par Jean-Marc Manach. Il nous explique que le pseudo qu’il a choisi, Calimaq, fait référence à un certain Callimaque de Cyrène, un des premiers bibliothécaires de la bibliothèque d'Alexandrie dans l’Antiquité. En effet, Lionel est à la fois bibliothécaire et juriste d’où aussi le nom de son blog : lex, la loi et SI sciences de l’information donc S.I.Lex. Avec cette double casquette, Lionel s’intéresse aux problèmes juridiques liés au droit d’auteur et aux licences libres qui, dit-il, « mettent le droit d'auteur sens dessus dessous en laissant l’auteur au centre du dispositif ».
Dans cet entretien il explique ce que sont les biens communs avec la nécessaire prise de conscience qu'il y a un écosystème numérique dans lequel il faut défendre la neutralité du Net et préserver certaines libertés essentielles, avec des références au logiciel libre et à l’intelligence collective.

Je vous laisse lire cette transcription avec en bonus les explications que donne Lionel Maurel concernant la compilation hebdomadaire qu’il réalise, le Copyright Madness, c’est-à-dire les dérives de la propriété intellectuelle, du droit des marques et du droit des brevets, ce qui, généralement, ne manque pas de sel.

Concernant le droit d’auteur, nous avions transcrit une intervention de Lionel Maurel à l’université de Compiègne en 2016 intitulée « Contenus numériques : droit d'auteur et licences libres » qui dure une heure et 40 minutes. Cette intervention est un cours complet et j’invite toutes les personnes qui sont intéressées par ce sujet, soit personnellement, soit dans un cadre professionnel, à écouter ce cours et à relire sa transcription : les thèmes abordés vont des notions de base du droit d’auteur, son fonctionnement, sa gestion, ses exceptions, pour arriver à l’application de ce droit sur Internet et terminer par les licences Creative Commons auxquelles est faite une large part. C’est un ensemble très complet qui mérite vraiment d’être relu régulièrement.

Toujours concernant les licences libres, Lionel Maurel avait fait une intervention d’une dizaine de minutes au Paris Open Source Summit de 2017 intitulée : « Creative Commons. Où en est-on en 2017 ? »
Il rappelle l’origine de ces licences, c’est-à-dire la façon dont Lawrence Lessig aux États-Unis, suite à sa défaite en tant qu’avocat pour empêcher l’allongement de 50 à 70 ans du copyright après la mort de l’auteur, souhaite « redonner directement aux créateurs le pouvoir de changer les choses et d’ouvrir leurs œuvres directement à la base en utilisant leur droit d’auteur non pas pour mettre des restrictions, mais pour donner des autorisations ». Il rappelle que certaines de ces licences ne sont pas libres au sens classique des termes des licences pour les logiciels libres dont elles s’inspirent. Je mentionne que les musiques qui sont diffusées durant les émissions Libre à vous ! sont réellement libres, c’est-à-dire Attribution et Partage à l’identique si elles sont publiées sous une licence Creative Commons.
Je vous laisse lire les conclusions de cette intervention, somme toutes optimistes, ce qui est de bonne augure, avec la présentation de belles réussites d’œuvres placées sous ces licences Creative Commons.

Lionel Maurel s’intéresse aussi au matériel et il avait tenu une conférence d’environ une heure au festival Pas Sage En Seine de 2016 intitulée : « Que manque-t-il pour avoir des licences Open Hardware qui fonctionnent ».
Avoir du matériel vraiment libre est un enjeu fort, mais difficile parce qu’on entre dans le champ de la propriété industrielle qui comporte d’autres droits, les dessins et modèles, les marques, les brevets. Le droit d’auteur et la propriété industrielle ne fonctionnent pas du tout de la même manière, les règles sont différentes : pour obtenir un droit de propriété industrielle il faut notamment faire un dépôt.
Actuellement ce mouvement se développe. Une fondation s’est montée, donne des instructions sur comment on doit faire pour être dans une démarche d’open source hardware et propose une définition : « conceptions réalisées publiquement et disponibles de manière à ce que n’importe qui puisse étudier, modifier, distribuer, créer et vendre un design ou un produit basé sur ce design », ce qui ressemble beaucoup à la définition du logiciel libre.

Lionel Maurel estime qu’il y a trois stratégies possibles pour libérer le matériel :

  • la première serait de publier la documentation de ce qu’on a produit et verser directement l’invention dans le domaine public. Sauf qu’il existe aux États-Unis les patent trolls qui pourraient s’en servir. Ce sont ces sociétés qui ne fabriquent rien, déposent le plus de brevets possibles et vivent de la menace des procès qu’elles peuvent faire ;
  • deuxième pratique : documenter le projet : expliquer la démarche, le processus de fabrication, publier les plans, les fichiers de conception, préparer un maximum de documentation et tout publier sous licence libre. Sauf que la seule chose qui peut être protégée par le droit d’auteur c’est le texte de la documentation et absolument pas l’objet réalisé à partir de cette documentation ;
  • la dernière stratégie c’est de se dire, puisqu’il faut un brevet, eh bien déposons des brevets et ensuite ouvrons-les. Sauf qu’il faudra engager la procédure de dépôt, payer les coûts et, pour un petit constructeur, un petit inventeur, ce n’est certainement pas possible.

Lionel Maurel propose des solutions que je laisse découvrir aux auditeurs qui liront la transcription. Pour lui il y a là un champ sur lequel faire de la recherche. Il appelle les personnes intéressées à participer car, dit-il, c’est un peu sous-estimé par le monde du Libre qui devrait être beaucoup plus présent sur le sujet.

La dernière conférence en date qui a été transcrite est son intervention au Colloque « Territoires solidaires en commun : controverses à l'horizon du translocalisme », de juin 2019 et qui dure environ une heure.

Là encore, il nous propose quelque chose de très complet, très documenté, avec des références à de nombreux auteurs ce qui permettra aux personnes qui le souhaitent d’approfondir leurs connaissances.

Habituellement, dans notre esprit, nous distinguons les communs matériels, tangibles, des communs de la connaissance, des communs informationnels qui vont être des communs immatériels, intangibles.

Charlotte Hess, qui a travaillé avec Elinor Ostrom, se pose la question : « C’est quoi Internet ? C’est la machine que j’ai devant moi. Il y a un fil. Le fil va à un serveur. Le serveur va à d’autres fils. D’autres ordinateurs sont reliés à ce serveur qui est relié à un système d’information. Ce réseau est relié par des câbles au réseau des réseaux qu’est Internet », et elle fait ainsi une description qui n’a absolument rien d’immatériel ; Internet est indissociable d'un certain nombre d'objets – ordinateurs, câbles, serveurs. Donc, nous dit-elle : « On peut penser Internet comme un commun local et global », montrant que les communs de la connaissance ont une dimension matérielle.
Sur Internet, tout ce que vous allez échanger va laisser une trace quelque part et cette trace n’est pas du tout virtuelle, elle est matérielle parce qu’elle est inscrite dans une infrastructure physique. Nos données ne sont pas du tout stockées dans un nuage, elles sont stockées dans des datacenters, ces immenses hangars extrêmement matériels ; c’est la fameuse phrase « le cloud, le nuage, c’est toujours l’ordinateur de quelqu’un d’autre. »
Donc le fait de nous présenter Internet comme quelque chose d’immatériel est extrêmement faux. L’idée selon laquelle le numérique allait nous permettre de produire les choses avec moins de matière est elle aussi fausse. On lit régulièrement que la consommation électrique due à Internet est préoccupante, à laquelle il faut ajouter les coûts de production des machines, sans oublier les déchets en fin de course qui sont difficilement recyclables. D’où les problèmes sur l’environnement. On en revient à des sujets d’actualité.

Selon un des auteurs cités, une réelle émancipation « impliquera de se réapproprier toute cette chaîne logistique numérique aujourd’hui intégralement privatisée et aliénée ». Il faut qu’on fasse des centres de stockage des données autogérés et contrôlés par nous-mêmes.

Lionel Maurel nous rappelle alors l’existence des fournisseurs d’accès à Internet associatifs, c’est-à-dire ces associations qui disent : « L’accès à Internet est un droit fondamental, donc nous allons tirer des câbles et nous gérerons nous-mêmes la couche physique du réseau. »
Lionel Maurel nous rappelle les projets de l’association Framasoft et l’excellente idée du collectif d’hébergeurs CHATONS. Nos données se trouveront à un niveau local, sur les serveurs d’une entreprise ou d’une association proche de chez nous, qui a signé une charte avec notamment la clause de ne pas utiliser nos données personnelles, donc respect de la vie privée.
Ainsi Internet redevient « translocal », thème de cette conférence.

Actuellement de nombreux penseurs s’interrogent sur la matérialité d’Internet et sur son coût écologique que nous avons sans doute négligé.
Cette dernière conférence m’a particulièrement intéressée, avec, il me semble, une évolution de la pensée, et j’ai souhaité partager.
Transcrire les conférences de Lionel Maurel, défenseur de longue date des logiciels libres, est toujours un plaisir. N’hésitez pas à rejoindre notre groupe Transcriptions, vous ne le regretterez pas !

Frédéric Couchet : Merci Marie-Odile. Tu nous a donné envie de lire ces conférences de Lionel Maurel.
Je précise que le collectif CHATONS est le Collectif des Hébergeurs Alternatifs Transparents Ouverts Neutres et Solidaires dont nous avons déjà parlé dans les émissions Libre à vous ! du 18 juin et du 16 avril 2019. Vous retrouverez les podcasts sur et Je précise également que tu as parlé des patent trolls, de ces trolls de brevets. On en reparlera rapidement en fin d’émission parce que c’est dans l’actualité.
Marie-Odile je te remercie et je te souhaite de passer une belle journée.

Marie-Odile Morandi : À vous de même. Bonne soirée.

[Virgule musicale]

Frédéric Couchet : On va passer une pause musicale. Nous allons écouter La fin de Saint Valéry par Ehma. On se retrouve juste après. Belle journée à l’écoute de Cause Commune.

Pause musicale : La fin de Saint Valéry par Ehma.

Frédéric Couchet : Nous venons d’écouter La fin de Saint Valéry par Ehma, disponible en licence Art libre. Vous retrouverez les références sur le site de l’April, et sur le site de Cause Commune,

Ne paniquez pas, vous êtes toujours avec l'April pour l’émission Libre à vous ! sur radio Cause commune 93.1 FM en Île-de-France et partout ailleurs sur le site

Nous allons passer à notre sujet principal.

[Virgule musicale]

Le lecteur multimédia libre VLC avec Jean-Baptiste Kempf président de VideoLAN et fondateur de la société Videolabs

Frédéric Couchet : Nous allons donc poursuivre par notre sujet principal qui porte aujourd’hui sur le célèbre lecteur multimédia libre VLC dont l’icône est un cône de chantier et nous allons bientôt apprendre les raisons de ce choix. Notre invité est Jean-Baptiste Kempf président de VideoLAN, l’association qui gère VLC, et fondateur de la société Videolabs qui crée des services autour de VLC et plus généralement des nouveautés autour de la vidéo. Bonjour Jean-Baptiste.

Jean-Baptiste Kempf : Bonjour.

Frédéric Couchet : On a déjà eu l’occasion d’avoir Jean-Baptiste dans l’émission en octobre 2018 pour nous parler de DRM, les fameuses menottes numériques sur lesquelles on reviendra très rapidement au cours de l’émission ; vous pouvez écouter évidemment le podcast. Déjà une première petite question, une présentation personnelle. Jean-Baptiste, d’où viens-tu ? Qui es-tu ? Quel est ton parcours ?

Jean-Baptiste Kempf : Je m’appelle Jean-Baptiste. Je suis un geek, j’ai 36 ans, je suis Parisien, j’ai vécu la plupart de ma vie à Paris. Ça fait un bout de temps, à peu près 13 ou 14 ans, que je fais du VLC et que ça a pris de plus en plus de temps dans ma vie jusqu’à être mon métier principal.

Frédéric Couchet : C’est quoi un geek ? Tu as employé ce mot-là au début.

Jean-Baptiste Kempf : Oui. Quelqu’un qui adore coder et être sur son ordinateur. Moi j’ai toujours été dans le logiciel libre dès que je me suis mis à l’informatique, pendant que j’étais en école.

Frédéric Couchet : Donc un passionné notamment d’informatique.

Jean-Baptiste Kempf : Principalement.

Frédéric Couchet : Principalement.

Jean-Baptiste Kempf : Mais aussi de bons bouquins de fantaisie comme le Le Guide du voyageur galactique de l’espace.


Frédéric Couchet : En plus c’est un grand honneur de te recevoir car, depuis le 15 novembre 2018, tu as eu le grade de chevalier de l’ordre national du Mérite, c’est l’une des plus importantes décorations françaises. Ça a l’air de te faire soupirer mais en même temps ça récompense une dizaine d’années de contribution à la fois dans ta société et dans la communauté du Libre.

Jean-Baptiste Kempf : Ça va te faire rigoler parce je suis un gros boulet : je n’ai toujours pas récupéré cette décoration parce qu’il faut organiser une cérémonie, avoir quelqu’un qui te la remet, et je dois avouer que ce n’était pas vraiment dans mes priorités, notamment personnelles, cette année. Il faut absolument que je m’en occupe parce que sinon je ne vais jamais avoir le droit de la porter. C’est génial ; c’est clair, c’est génial parce que ça montre notamment qu’on a eu des gens dans l’État qui commencent à comprendre ce qu’est le logiciel libre et pourquoi c’est important pour l’État et pour la France. Ça c’est vraiment très cool. C’était Mounir, à l’époque, qui m’avait proposé.

Frédéric Couchet : Mahjoubi, qui était ministre du numérique [secrétaire d’État chargé du numérique].

Jean-Baptiste Kempf : Maintenant c’est Cédric O, je crois, qui l’a remplacé. Donc c’est très cool. Par contre, ce que je n’aime pas : c’est une décoration personnelle pour un projet qui est un projet commun. C’est sûr que je suis la personne qui a passé le plus de temps autour de VLC et d’autres projets autour de VideoLAN, mais je suis toujours un peu mal à l’aise avec ça.

Frédéric Couchet : C’est le côté starisation qui ne te plaît pas.

Jean-Baptiste Kempf : Ouais. Il y a beaucoup trop de starisation dans tout ce qui est tech, tout ce qui est startup. On parle plus souvent, on voit plus souvent, à propos des startups, plus des photos des fondateurs que de leurs produits. Ça me gêne un peu ; ce n’est pas très grave, mais ça me gêne un peu.

Frédéric Couchet : OK. Avant d’oublier je précise que si des personnes qui écoutent veulent appeler pour faire une intervention et notamment poser une question à Jean-Baptiste, vous pouvez appeler le 09 50 39 67 59 et Étienne Gonnu, en régie, attend vos appels.
Déjà une petite première question. En fait de très nombreuses personnes utilisent VLC souvent sans savoir que c’est un logiciel libre et ça permet à ces personnes de lire des vidéos. Mais toi, quand tu présentes par exemple peut-être en soirée ce que tu fais, comment tu présentes VLC, en une ou deux phrases ? Petit résumé.

Jean-Baptiste Kempf : Ça dépend de qui est en face, du public, et ça dépend de si je veux troller ou pas. En général, ce que je dis, c’est que c’est un lecteur multimédia qui est capable de lire tous les formats de fichiers audio, vidéo et qui marche partout. Ça c’est l’accroche et après, surtout, je dis que c’est un logiciel libre, développé par une communauté, pour le bien commun.

Frédéric Couchet : D’accord. C’est intéressant parce qu’une des forces, effectivement, de VLC c’est de lire à peu près tous les formats de fichiers et on va y revenir dans la partie plus technique, présentation des fonctionnalités. Tu dis que c’est une communauté qui développe ça, justement, on va parler de l’histoire de ce projet. Comment c’est né ? Parce que c’est un projet très ancien, il y a de nombreuses années. Est-ce que tu peux nous raconter comment est né ce projet à l’École centrale de Paris, si j’ai bien suivi.

Jean-Baptiste Kempf : En fait, ce qui est marrant dans VLC, c’est qu’il n’y a pas eu de créateur de VLC et surtout il n’y a personne qui a voulu faire VLC. Souvent les gens, quand je leur raconte ça, ça les déçoit un peu, il n’y a personne qui s’est dit « je vais faire un nouveau lecteur vidéo, ça va être mieux que le reste ». En fait, c’est une succession de projets qui commence il y a très longtemps, et une partie du projet du projet est devenu VLC. Je vais m’expliquer un petit peu parce sinon c’est un peu flou.

Frédéric Couchet : Avec des dates.

Jean-Baptiste Kempf : Le projet originel date du fait que dans les années 60 l’École centrale Paris a déménagé de la gare de Lyon à Châtenay-Malabry dans le sud de Paris, pour des raisons un peu bizarres, mais notamment parce que l’Éducation nationale n’avait pas l’argent pour le faire. On s’est retrouvé avec une grande école française qui était sur un campus géré par des anciens élèves, donc privé. Et tout dans l’organisation du campus était fait par des étudiants : le téléphone, la télé, la radio, la cafétéria et le réseau informatique. Dans les années 80 ils mettent un réseau informatique et c’était un réseau informatique qui était basé sur Token Ring, donc un réseau très lent. Vers le milieu des années 90, ils veulent avoir un réseau plus rapide et quand ils vont voir l’École pour dire « on a besoin d’un nouveau réseau plus rapide », en particulier pour jouer, il ne faut pas mentir.

Frédéric Couchet : Pour jouer en réseau au début.

Jean-Baptiste Kempf : Pour jouer en réseau et l’École leur dit : « Écoutez, vous allez être gentils, vous allez l’utiliser pour jouer en réseau et pas du tout pour travailler » et surtout, la raison principale de l’École c’est « vous comprenez, le campus est privé, nous on ne peut rien y faire » ; ils disent : « Allez voir les partenaires ». C’est là que le projet qui s’appellait Network 2000 – on est en 1995, à l’époque, évidemment, tout projet s’appelle 2000 sinon ce n’est pas un vrai projet – ils vont voir des partenaires, ils vont voir notamment TF1 qui dit : « Le futur de la vidéo c’est le satellite — aujourd’hui c’est facile de rigoler, mais en 1995 c’était important — et pour 1500 étudiants s’il faut mettre 1500 décodeurs et 1500 antennes ça va coûter une fortune. Ce qu’on vous propose, c’est de mettre juste un réseau très rapide, numérique – ce sont les débuts de la vidéo numérique – on met une grosse antenne et on diffuse la vidéo sur tout le réseau hyper-rapide. Évidemment on est en 1994/95, les ordinateurs les plus puissants ce sont des 486DX-33, DX-66 ou des Pentium 60, c’est absolument impossible, sans avoir des grosses machines, de faire du décodage vidéo taille DVD à l’époque, sans matériel, mais ils le font quand même et c’est comme ça qu’ils justifient l’achat d’un nouveau réseau pour ce projet dans l’association des étudiants qui gérait le réseau informatique. À ce moment-là il n’y a pas du tout de VLC.
Ça finit, il y a une démo qui marche, ça crashe au bout de 50 secondes ; on fait une démo de 42 secondes, comme ça c’est nickel, c’était cross-platform, ça marchait grosso modo sous BeOS et Linux, rien d’autre, mais on montrait que c’était possible. Pendant un an il ne se passe plus rien. Il y a des étudiants en 98 qui disent : « C’est un projet qui est marrant, de diffusion de vidéos sur un réseau, il y a peut-être d’autres campus ou des réseaux d’entreprises qui sont intéressés ». Donc ils remontent un projet qui, à ce moment-là, s’appelle VideoLAN, lan qui veut dire réseau local en anglais. Donc ils montent le projet VideolAN. Ils sont en 98, ils ont comme objectif de devenir open source et d’être cross-platform. Mais dans VideoLAN, il y avait une partie serveur, une partie réseau, une autre partie un truc un peu compliqué, et il y avait une partie cliente. Mais la partie cliente ce n’était pas forcément le focus, parce que ce n’était pas forcément l’endroit le plus compliqué. La partie cliente s’appelle VideoLAN client.

Frédéric Couchet : Donc VLC.

Jean-Baptiste Kempf : À ce moment-là tout le monde l’appelle VideoLAN client. Ça ne va s’appeler VLC que trois ou quatre ans plus tard. Au moment où en 2001, après une bataille de longue haleine, l’École autorise le changement de licence pour que ça passe d’une licence propriétaire vers une licence open source, libre.

Frédéric Couchet : Une licence libre, en l’occurrence la licence GNU GPL, General Public License.

Jean-Baptiste Kempf : Exactement. Ils ne précisent pas la version, ils disent GNU General Public License et ils ne précisent pas VLC, ils précisent « pour l’ensemble des logiciels du projet VideoLAN ». Donc VLC c’est une petite partie du projet VideoLAN, qui est un projet dont le but a été d’être libre, mais qui, au début ne l’était pas, basé sur un projet qui était originellement de faire un nouveau réseau parce qu’il y avait un réseau informatique lent à l’époque. À ce moment-là, quand ça passe en logiciel libre, c’est à ce moment-là qu’il y a des contributions extérieures importantes qui font que ça passe sous Windows et sous Mac OS rapidement et pas à l’initiative des élèves et que ça commence à démarrer à l’extérieur.
En fait il n’y a personne qui s’est dit « waouh, je vais faire un nouveau lecteur, je vais le porter partout ». Ce sont vraiment des étudiants, plusieurs générations d’étudiants parce qu’on parle de 1994 à 2002 pour le début de l’explosion et il n’y a personne qui s’est dit « je vais créer VLC ! »

Frédéric Couchet : D’accord. L’École centrale de Paris c’est une école d’ingénieurs. Toi tu intègres l’École centrale à quelle date ?

Jean-Baptiste Kempf : En 2003.

Frédéric Couchet : En 2003. Je suppose, comme tu l’as dit en introduction, tu es un geek et tu es là pour apprendre, que tout de suite le projet te plaît. Est-ce que tu contribues tout de suite ?

Jean-Baptiste Kempf : C’est pire que ça. Moi j’ai choisi l’École centrale Paris parce que je savais que c’était une école où il y avait une association informatique qui faisait du Libre.

Frédéric Couchet : Tu as choisi l’école pour ça ! D’accord !

Jean-Baptiste Kempf : J’avais rencontré en vacances quelqu’un ; j’ai eu le choix entre plusieurs grandes écoles et je suis allé à Centrale parce que je savais que un, il n’y avait pas beaucoup de cours et deux, parce qu’il y avait une association qui faisait du réseau, qui était sous Linux. Je n’y connaissais rien, c’était clair à l’époque. Donc ça a été mon choix, c’est pour ça que ça que je suis allé à Centrale.

Frédéric Couchet : C’est marrant parce que ça me rappelle ma propre histoire à Paris 8, mais des années avant parce que je suis un peu plus vieux que toi. Donc tu arrives à Centrale en 2003. À l’époque il n’y a pas d’association qui porte ce projet et, si j’ai bien suivi, c’est toi qui vas initier l’idée de créer une association qui va s’appeler VideoLAN.

Jean-Baptiste Kempf : En fait ça arrive bien plus tard parce qu’à l’époque entre les gens du réseau VIA et les gens de VideoLAN c'était très interconnecté. Je deviens vice-président de l’association du réseau et c’est moi, avec notamment un autre développeur qui s’appelle Rémi, qui portons pendant une année cette association, donc on fait des choses sur VideoLAN. La première chose que je fais sur VideoLAN c’est gérer la diffusion interne de la télévision pour le campus de Centrale. Et ça, ça doit être fin 2003/début 2004 que je commence à toucher au projet VideoLAN, mais pas du tout par la partie code, vraiment par la partie infrastructure. En fait, je fais un stage plus tard en 2005/2006 et je m’emmerde pendant ce stage.

Frédéric Couchet : C’est aux États-Unis, ce stage ?

Jean-Baptiste Kempf : Pas du tout. J’étais au CEA [Commissariat à l'énergie atomique], à la direction des applications militaires. Le stage était génial, mais j’avais beaucoup trop de temps. Je me suis vraiment amusé sur le stage, mais c’est juste que ça n’allait pas assez vite pour moi. Donc j’ai fait deux choses : j’ai fait pas mal de documentation et j’ai commencé à aider sur VLC.
En fait, on s’est retrouvé un peu avec le problème que le projet était trop gros pour l’école, trop gros pour des étudiants, trop d’utilisateurs, et c’était très difficile de faire quoi que ce soit, surtout parce qu’en 2006/2007/2008 la nouvelle génération d’étudiants n’est vraiment pas intéressée par le projet. C’est à ce moment-là, fin 2007 et début 2008, que je lance l’idée de se séparer de l’école. Je crée l’association au VideoLAN Dev Days en décembre 2008, hébergée chez, Free et c’est là où on fait un vote, où on décide de créer une association. Début 2007 il n’y avait plus que deux personnes et demie actives sur le projet. Quand j’étais dans mon stage, comme tu l’as dit aux États-Unis, j’ai passé beaucoup de temps à retrouver des mondes, des anciens et des nouveaux, pour se remotiver autour de projet et ça va prendre quelques années pour qu’on arrive à la version 1.0 de VLC.

Frédéric Couchet : D’accord. On va y arriver. Petite question : le choix du cône chantier comme icône, c’était à cette époque-là ou pas ?

Jean-Baptiste Kempf : Quand je suis arrivé, le cône de chantier était déjà là.

Frédéric Couchet : Est-ce que tu sais pourquoi le cône de chantier a été choisi ?

Jean-Baptiste Kempf : Oui, je sais, évidemment !

Frédéric Couchet : Vas-y.

Jean-Baptiste Kempf : Il faut savoir, et je suis désolé pour les auditeurs, qu’il y a une bataille d’anciens pour expliquer quelle est la raison du cône, mais quand moi je suis arrivé à Centrale, c’est sûr, on avait des étages de 24 étudiants et sur l’étage du 2H, l’étage du réseau, il y avait à peu près une centaine de cônes, il y avait une armoire à cônes.

Frédéric Couchet : Le culte du cône !

Jean-Baptiste Kempf : Le culte avec des jeux physiques comme le cône acrobatique, le « côneball », des batailles, des montages de batailles moitié laser moitié cônes. Il y avait vraiment un culte sur le cône qui était très drôle, pas du tout malsain, attention pour ceux qui ont peur, très marrant et hyper deuxième ou troisième degré. À l’origine ils avaient besoin de parler à un étudiant qui ne voulait pas leur ouvrir la porte. En fait, après une soirée probablement un peu arrosée, ils ont utilisé le cône comme porte-voix pour l’appeler et l’alpaguer depuis sa fenêtre. Plutôt que d’avoir une petite mandoline pour chanter une sérénade, ils ont pris un cône qui était là. Ça c’était des gens autour du réseau et, en fait, dans la première sortie sous Linux X11.

Frédéric Couchet : X11 c’est l’environnement de fenêtrage graphique, on va dire.

Jean-Baptiste Kempf : Avant, la première version était en framebuffer, c’est encore au niveau plus bas. Ça passe à la première version. En fait, à l’origine, tout le monde se tirait un peu la bourre dans VLC, ce qui est normal parce qu’il y avait toujours plein de choses à faire, c’est super marrant, donc celui qui met la première version X11, il commit à quatre heures du matin, même si ce n’est pas fini, mais juste parce qu’il a quand même fait le plus gros du boulot, il envoie sa version et, pour montrer que ce n’est pas fini, il met comme icône le petit cône de chantier pour dire que c’est en travaux.
Ensuite Sam Hocevar, qui est un des génies qu’il y a eu autour du projet, dessine la première icône et ça reste. Ce n'est pas réfléchi, c’est complètement débile d’utiliser un cône de chantier pour un lecteur multimédia, mais c’est un coup marketing absolument génial parce que c’est hyper-reconnaissable. Là, maintenant, je vais partout dans le monde, quand je parle de VLC les gens connaissent déjà beaucoup plus que l’École centrale Paris ou des choses comme ça, mais, surtout, il y a plein de gens qui font : « Je ne sais pas trop » et tu dis : « Mais si, le cône qui lit des vidéos » et là, c’est universel.

Frédéric Couchet : Le cône de chantier. C’était une excellent idée et on salue Samuel Hocevar qui a aussi été le responsable du projet Debian, qui est aussi un grand fan de cinéma et notamment de La Classe américaine dont on parlera peut-être un jour. En tout cas, allez chercher sur un moteur de recherche Samuel Hocevar, c’est un génie.

Jean-Baptiste Kempf : Et qui a été un des premiers à introduire Wikipédia en France.

Frédéric Couchet : Exactement. C’est aussi un des fondateurs de Wikimédia France.
J’ai une petite question sur le salon web de la radio, je rappelle que c’est sur, une réponse rapide, Marie-Odile qui demande : « Est-ce que cette école est toujours aussi sympa afin de la conseiller aux jeunes qui vont prochainement passer des concours ? » L’ECP ? Est-ce que tu conseillerais d’aller à l’ECP aujourd’hui ?

Jean-Baptiste Kempf : Désolé, je n’en sais rien du tout. Maintenant elle s’appelle CentraleSupélec, ça a été fusionné avec Supélec. J’y vais de temps en temps parce que je suis toujours administrateur de l’association du réseau, je trouve que les gens sont toujours aussi cools, par contre je trouve que leur campus est quand même moins marrant que le nôtre.

Frédéric Couchet : D’accord. Voilà la réponse par rapport à ça. On a bien compris qu’au départ il y a pas mal d’étudiants et d’étudiantes qui ont contribué. On va revenir tout à l’heure sur la contribution concrète, aujourd’hui, à VLC, parce que les gens doivent se dire qu’il doit y avoir des centaines de personnes qui contribuent tous les jours à VLC. On va aussi parler du financement, mais dans une deuxième partie. On va revenir un petit peu, une fois passé cet historique, on remarque que c’est un logiciel libre qui existe depuis très longtemps, qui se développe. Aujourd’hui c‘est la version 3.0, c’est ça ?

Jean-Baptiste Kempf : C’est ça.

Frédéric Couchet : 3.0. Tu l’as dit tout à l’heure, l’un des grands atouts de VLC en termes de fonctionnalité, c’est que ça intègre les codecs nécessaires à la lecture de la plupart des formats audio et vidéo et que VLC peut aussi lire à peu près tous les flux réseau. Donc le choix de VLC, pour beaucoup de gens, c’est aussi la qualité et la capacité d’accéder à peu près à tous les contenus. Une autre caractéristique c’est la capacité de lire des flux un petit peu endommagés et de les réparer à la volée, c’est assez magique ! Un autre avantage, et là j’aimerais bien que tu expliques comment vous faites, c’est le côté multiplateforme, parce que souvent les logiciels libres sont disponibles sur environnement Windows, Mac, GNU/Linux, mais vous allez encore plus loin, c’est de l’Android, c’est de l’iPhone, c’est OS2. C’est intégré dans certaines box et ça serait intéressant d’en reparler tout à l’heure. Comment vous faites pour ce côté multiplateforme ?

Jean-Baptiste Kempf : Il y a plusieurs raisons. La première raison c’est que VLC est hyper-modulaire, contrairement par exemple à un autre lecteur multimédia qui est sur Linux qui s’appelle MPlayer, qui était là avant. Le cœur de VLC est tout petit, ça doit être un dixième du code, un vingtième du code, et après on a plein de modules. La raison pour laquelle VLC est passé en modules, ça n’est pas du tout une idée, une grande idée en disant « il faut absolument faire ça », c’était, je suis désolé pour le terme technique, pour raccourcir les temps de compilation à l’époque. Quand on faisait une modification on modifiait juste un module et on compilait, c’était beaucoup plus rapide que tout compiler.

Frédéric Couchet : La compilation c’est partir du code source pour arriver à la version compréhensible par l’ordinateur.

Jean-Baptiste Kempf : C’est ça. En fait, pour faire plus simple, c’était juste plus facile de développer, mais ça n’était pas dans le but d’être plus cross platform, c’était vraiment Sam qui voulait coder plus rapidement, donc pour aller plus rapidement dans son développement il est passé en modules. Et ce passage en modules, en fait c’est vraiment un coup de génie, qui n’était peut-être pas forcément vu à l’époque, c’est que ça a permis justement d’être sur plein de plateformes, parce que quand tu vas sur une autre plateforme tu fais juste une nouvelle sortie audio, une sortie vidéo, une nouvelle interface et puis c’est tout ; tu n’as pas à modifier tout le reste. Et, deuxième effet cool qui est très bien, c’est que ça permet aux gens qui rentrent dans le projet de commencer à contribuer sans être capables de comprendre ce qui se passe au cœur. Moi, pendant quasiment deux ans depuis le premier moment où j’ai codé sur VLC, je n’ai jamais rien fait dans le cœur de VLC parce que c’est compliqué ; mais ce n’est pas grave, comme ce sont des modules, tu rajoutes juste une fonctionnalité : tu veux un nouveau format, tu rajoutes juste un module ! Et quand tu veux placer sur d’autres plateformes, que tu as mentionnées, mais on est aussi sur Apple TV, sur Android TV, on a une version qui marche sur la PS4 – elle n’est pas publique parce que, pour des raisons de liberté, on ne peut pas la publier.
En fait, ce que je dis, c’est que VLC est un des logiciels le plus porté sur plein d’autres plateformes, en tout cas interfaces. On est sur plus de plateformes que Chrome, on est sur plus de plateformes que Firefox, que LibreOffice et je ne parle même pas, évidemment, de logiciels propriétaires comme Office ou Apple.
Il faut comprendre que, évidemment, ça prend beaucoup de temps, mais, en fait, le cœur de VLC est géré par cinq personnes. C’est important. Ce sont des gens très bons et je suis poli, à part moi ce sont vraiment des gens exceptionnels au niveau code, qui sont vraiment de classe internationale, qui sont hyper-bons, qui savent ce qu’ils font et c’est ça qui permet de supporter plein de plateformes. Ensuite on est très conservateurs sur notre approche du code. On écrit tout en C, un petit peu de C ++.

Frédéric Couchet : C, c’est un langage de programmation.

Jean-Baptiste Kempf : En langage de programmation C, donc vraiment du bas niveau, parce que c’est un langage qui est très limité mais qui est relativement simple, dont on connaît très bien les limites, donc ça permet à VLC de garder cette qualité. Et un truc important aussi concernant VLC, sa marque, c’est que les gens normaux, c’est-à-dire pas les gens qui passent leurs journées à recompiler leur VLC sur Linux, font confiance au code. Et ça c’est hyper-important. La deuxième raison c’est que dans VLC il y a des gens comme moi qui ont été hyper-embêtants sur la qualité du produit. J’ai emmerdé les autres développeurs des centaines de fois en disant « non, ça ce n’est pas possible, ça casse ce problème pour l’utilisateur ». J’ai passé des heures et des heures sur les forums, sur Twitter, etc., à écouter ce que voulaient nos utilisateurs, c’est hyper-important, ce n’est pas la partie la plus marrante. Pour moi c’est important d’avoir du produit qui fonctionne.

Frédéric Couchet : Justement sur la partie support j’ai une question : est-ce que globalement l’équipe reçoit plus d’encouragements ou de remerciements que de plaintes, ou traditionnellement… ?

Jean-Baptiste Kempf : Non ! On n’entend que des plaintes, voire des insultes ou des menaces de mort.

Frédéric Couchet : À ce point-là !

Jean-Baptiste Kempf : Oui. Des gens ont envoyé des lettres anonymes que j’ai reçues chez mes parents. Il y a des tarés partout ! Par rapport aux centaines de millions d’utilisateurs, en fait c’est ridicule les plaintes. Évidemment, quand tu es de l’autre côté, tu ne vois que la partie négative et c’est vrai que de temps en temps tu as des mecs qui te dises : « C’est trop bien ! » Il y a des mecs qui m’ont envoyé de la bière parce que sur un thread reddit j’ai dû raconter qu’une des bières que j’adore c’est la Kasteel Rouge et il y a quelqu’un qui a envoyé chez mes parents une caisse de Kasteel Rouge, que j’ai bue.

Frédéric Couchet : Est-ce qu'il t'a invité au Dernier Restaurant avant la fin du monde ?

Jean-Baptiste Kempf : Non, on ne m’a pas encore invité au Dernier Restaurant avant la fin du monde, mais on m’a déjà invité pas mal de fois au Dernier bar avant la fin du monde soit celui de Paris soit dans d’autres endroits.

Frédéric Couchet : Il y en a dans d’autres endroits ?

Jean-Baptiste Kempf : Oui. Il y en a dans d’autres endroits.

Frédéric Couchet : D’accord. OK. Tu parlais à l’instant de la qualité, notamment par rapport à l’expérience utilisateur et utilisatrice, il y a un autre sujet qui doit sans doute te faire stresser c’est la sécurité. D’ailleurs je ne sais pas sur combien de machines, si c’est estimable, VLC est installé, mais le problème de sécurité soit par un bug soit par une injection de code malveillant, ça doit te faire flipper !

Jean-Baptiste Kempf : C’est clair que c’est un vrai sujet qui est très compliqué. Je vais d’abord répondre à ta première question qui est combien il y a de VLC installés. On ne fait pas de télémétrie – moi j’appelle ça de l’espionnage, certains appellent ça de la télémétrie, ça s’appelle de l’espionnage même quand c’est Mozilla qui le fait, nous on ne fait pas d’espionnage –, par contre, c’est vrai qu’on peut savoir des choses. On peut savoir le nombre de téléchargements sur notre site web, sachant qu’il y a évidemment plein d’autres sites de téléchargement comme, et toutes les distributions Linux qui redistribuent sans passer pas nous, donc on n’a pas cette information. Mais là, déjà, on voit qu’on est à peu près à 25 millions, 30 millions de téléchargements par mois. Deux tiers, en fait, ce sont des updates, mais le reste ça ne l’est pas. Déjà le fait qu’il y ait pas mal d’updates ça nous donne des informations.

Frédéric Couchet : Les updates ce sont les mises à jour.

Jean-Baptiste Kempf : Les mises à jour. Après, on a des informations de Microsoft, du nombre d’utilisateurs, notamment pour les crash reports.
En fait, on n’a pas d’infos fiables, mais on a une estimation. En nombre d’utilisateurs actifs, ce que tu définis comme une personne qui utilise VLC une fois dans le mois, sous Windows on a 300 millions d’utilisateurs actifs.

Frédéric Couchet : Waouh !

Jean-Baptiste Kempf : Donc tu peux considérer qu’en nombre d’installations on doit être au moins au double, en nombre d’installations !

Frédéric Couchet : Sous les environnements GNU/Linux, FreebSD et autres, libres, on n’a pas d’estimations.

Jean-Baptiste Kempf : Si. À une époque j’avais fait des estimations : grosso modo on prend le nombre sur Windows, on divise par dix et on a la part de marché qu’on a sous Mac OS et on prend exactement la même chose sous Linux, donc ça fait 30 millions. Sur les machines bureau on pense qu’on a 350 millions d’actifs, donc en nombre d’installés c’est peut-être 600 millions, 700 millions. Après il y a les mobiles. On a eu, par exemple sur Android, 250 millions de téléchargements, de comptes qui l’ont téléchargé et 60 millions d’actifs et sur iOS quelque chose de similaire. Ça donne un ordre d’idée.

Frédéric Couchet : C’est une grosse masse.

Jean-Baptiste Kempf : C’est une grosse masse.

Frédéric Couchet : Donc la partie sécurité doit être stressante !

Jean-Baptiste Kempf : En particulier parce que nous on fait du C, on est vraiment au bas niveau, on n’est pas en train d'avoir un langage qui nous aide parce que dans le multimédia, on n’a pas le choix, il faut être hyper-performant. On va le plus proche du matériel, donc on a accès au bas niveau, donc on a accès, en fait, vraiment à tout. Pour ceux qui comprennent, quand on est dans VLC on est vraiment en mode kernel quasiment partout.

Frédéric Couchet : C’est-à-dire qu’on est au plus proche du matériel, donc on peut quasiment tout faire.

Jean-Baptiste Kempf : Et surtout j’ai accès à tout, j’ai accès à tous tes fichiers, si tu crashes VLC, normalement. C’est le même problème qu’a Chrome, sauf que Chrome ils ont une approche, ils ont des millions pour améliorer ça. On a vu, par exemple, la CIA qui a utilisé une fausse version de VLC et, en même temps que tu regardais ton film, il y avait un petit plugin qu’ils avaient rajouté, un petit module de VLC qu’ils avaient rajouté qui, en fait, chiffrait tous tes documents dans ton dossier « Mes documents » sous Windows et les envoyait quelque part. Ce n’était pas notre version de VLC mais c’était une version récupérée quelque part qu’ils redistribuaient et tu ne t’en rends pas compte : tu regardes un film, ça dure deux heures ou trois heures quand c’est Avengers games, donc ton PC travaille, il y a un peu de bruit, ça ne t’étonne pas.
Ça c’est un vrai problème et puis il y a des failles de sécurité, comme pour tous les logiciels, mais les gens font un peu moins les mises à jour que pour Chrome ; pour ton navigateur, tu passes ton temps à faire ça. On a une approche, notamment depuis trois ans, qui est très proactive, où on va notamment analyser le code et faire des choses comme ça pour, justement, trouver des bugs en amont. On a eu un bug bounty par la Commission européenne qui payait des hackers pour essayer de trouver des problèmes dans VLC et ensuite nous on allait réparer.

Frédéric Couchet : C’est le projet FOSSA [Free and Open Source Software Audit] ?

Jean-Baptiste Kempf : Sur le projet FOSSA.

Frédéric Couchet : Le projet FOSSA de la Commission européenne.

Jean-Baptiste Kempf : Évidemment que c’est grâce à Julia Reda.

Frédéric Couchet : L’ancienne eurodéputée du Parti pirate.

Jean-Baptiste Kempf : Évidemment il n’y a qu’elle qui est intéressée par ce genre de truc. C'était vraiment très cool et ça permet de remonter des problèmes, mais ça ne règle pas le problème fondamental. Pour régler le problème fondamental on a une idée avec un système de sandboxing, c’est très compliqué et surtout ce sont des choses qui n’ont jamais été faites.

Frédéric Couchet : Est-ce que tu peux expliquer en une phrase ce qu’est le sandboxing ? Ou après la pause musicale si tu veux.

Jean-Baptiste Kempf : L’idée du sandboxing et je ne pourrai pas faire plus technique que ça…

Frédéric Couchet : Moins technique que ça.

Jean-Baptiste Kempf : Ouais, pardon, c’est que quand VLC a un problème, en fait, il est dans son petit environnement, donc il n’a accès à rien sur ta machine, donc ça n’est pas grave.

Frédéric Couchet : C’est un bac à sable juste pour VLC.

Jean-Baptiste Kempf : C’est ça. En fait, ça c‘est la théorie. En pratique, il va falloir mettre une dizaine de bacs à sable à l’intérieur de VLC et c’est très compliqué.

Frédéric Couchet : On va permettre aux gens de réfléchir en écoutant une pause musicale. Nous allons écouter Jack’s Playing Ball par Jono Bacon. On se retrouve juste après. Belle journée à l’écoute de Cause Commune.

Voix off : Cause Commune 93.1.

Pause musicale : Jack’s Playing Ball par Jono Bacon.

Frédéric Couchet : Nous venons d’écouter Jack’s Playing Ball par Jono Bacon, disponible sous licence libre Creative Commons BY SA, c’est-à-dire Partage dans les mêmes conditions. Vous retrouverez les références sur le site de l’April, et sur le site de la radio,

Vous écoutez toujours l’émission Libre à vous ! sur radio Cause Commune 93.1 FM en Île-de-France et partout ailleurs sur le site Je vous rappelle que vous pouvez nous appeler si vous voulez poser une question en direct au 09 50 39 67 59.

Nous allons poursuivre notre discussion sur VLC, le lecteur multimédia libre, avec Jean-Baptiste Kempf du projet VideoLAN et de la société Videolabs dont on parlera tout à l’heure.
Juste avant on parlait de technique et notamment de sandboxing, bac à sable, et pendant la pause musicale Jean-Baptiste m’expliquait un petit peu les projets pour la version à priori 5, ça a l’air d’être quand même un sacré enjeu technique.
Là on va parler un petit peu des problématiques juridiques. On va les aborder rapidement parce que chacune de ces problématiques juridiques est complexe en tant que telle. Déjà j’ai une première question parce que tu es connu pour avoir reçu des propositions, parait-il de plusieurs dizaines de millions d’euros, en échange de l’insertion de publicités et de logiciels malicieux dans VLC et tu as refusé. Pourquoi ?

Jean-Baptiste Kempf : C’est tout à fait exact. Ça m’est arrivé au moins trois fois, des mecs qui voulaient : en même temps que ça installe VLC, il t’installe un antivirus Avast ou Avira, changer ta page de démarrage ou d’installer des spyware. Ça c’est hostile à l’utilisateur donc pour moi c’est no way, quel que soit le montant.
J’ai des gens qui m’ont proposé de racheter le nom de domaine, ils étaient déjà un peu plus malins parce que c’est un peu plus malin que d’essayer de mettre de la merde dans VLC, mais pareil, ça ne correspond pas à quelque chose qui est bien pour mes utilisateurs ni à la philosophie que j’ai autour du projet. Je ne suis pas contre l’argent en soi, mais l’argent ça doit être fait de façon morale.

Frédéric Couchet : D’accord. Au niveau des problématiques juridiques, on va parler de deux problématiques juridiques précises assez rapidement, les DRM, les menottes numériques et ensuite brevets.
Les DRM, les menottes numériques, on en a déjà parlé avec toi et Marie Duponchelle dans l’émission d’octobre 2018, vous retrouverez le podcast évidemment en ligne, donc les menottes numériques qui empêchent un certain nombre d’usages. Il y a quelques années VLC avait saisi l’HADOPI [Haute autorité pour la diffusion des œuvres et la protection des droits sur Internet] parce que beaucoup de gens ignorent que l’HADOPI, au-delà de son activité bien connue, a normalement la régulation de ce qu’on appelle les mesures techniques de protection, ce que nous on appelle les menottes numériques, et notamment vous l’aviez saisie concernant les Blu-ray, le format des Blu-ray : est-ce que VLC avait les capacités juridiques – non pas techniques parce que techniquement vous saviez le faire, évidemment – pour lire ces fameux Blu-ray. Première question : pourquoi vous avez dû saisir l’HADOPI ? Quelle était la réponse de l’HADOPI et quelle est la situation aujourd’hui par rapport à la lecture notamment de ces Blu-ray ?

Jean-Baptiste Kempf : VLC est capable de lire les DVD depuis 2001 et, en fait, c’était avant les lois LCEN, EUCD…

Frédéric Couchet : LCEN, loi pour la confiance dans l’économie numérique et EUCD c’est la version française de la directive droit d’auteur.

Jean-Baptiste Kempf : C’était des lois qui avaient été faites. On était passé avant ça. Quand on veut mettre la lecture du Blu-ray dans VLC on est après ça et il y a notamment une agence de régulation des mesures techniques de protection qui avait été créée et qui n’avait jamais rien foutu. Ils n’avaient même pas rendu le rapport annuel qu’ils devaient rendre, donc on a mergé ça dans HADOPI au moment de la loi HADOPI. En théorie, c’était à eux de nous aider parce qu’en fait il y a un problème fondamental qui est l’interopérabilité et les mesures techniques de protection. Grosso modo, ce sont deux concepts qui sont impossibles et puis la loi était hyper peu claire, donc on est allé poser des questions, puisqu’en théorie c’était eux le régulateur. On n’a rien compris à la réponse, en particulier parce qu’ils n’ont rien compris à la question. Ils ont fait ça avec une mauvaise foi absolument forte. Ils n’ont jamais réussi à comprendre, ça a mis deux ans avant qu’on réussisse à avoir une question au gouvernement par un député et c’est à ce moment-là qu’ils ont commencé à se bouger. Grosso modo, ils n’ont rien compris à la question, ils ne nous ont même pas posé la question. En fait ils étaient dans un mode complètement politique avec Franck Riester.

Frédéric Couchet : Actuellement ministre de la Culture et anciennement rapporteur du projet de loi HADOPI.

Jean-Baptiste Kempf : À la fin il s’est rendu compte qu’en fait qu’il y avait quelque chose à faire et qu’on n’était pas là juste pour les emmerder, qu’on posait vraiment une question ! Et puis il y avait le secrétaire général de la HADOPI dont j’ai oublié le nom.

Frédéric Couchet : Éric Walter.

Jean-Baptiste Kempf : Éric Walter, qui a essayé de bouger, mais c’était trop tard. J’ai dit publiquement que c’étaient des gros nuls. Je le redirai publiquement.

Frédéric Couchet : Tu es en train de le dire publiquement.

Jean-Baptiste Kempf : Je peux le redire une fois de plus, ça ne me dérange pas. Jacques Toubon qui, évidemment, ne se souvient pas de moi parce que c’était mon maire quand j’habitais dans le 13e arrondissement de Paris, qui a écrit dans la presse que j’étais un méchant, grosso modo.

Frédéric Couchet : Jacques Toubon qui est aussi un ancien ministre de la Culture et qui, à l’époque, devait être député européen, je pense.

Jean-Baptiste Kempf : Peut-être. Aujourd’hui il fait un travail qui est plutôt bien en tant que médiateur civique de la République [Défenseur des droits], je crois que ce qu’il fait est plutôt pas mal. Il m’avait gonflé. Une fois je l’ai croisé, je lui ai dit qu’il n’avait rien compris au sujet et je crois qu’il m’a dit : « C’est possible, je n’ai rien compris ! »

Frédéric Couchet : Donc l’HADOPI a répondu à côté ou n’a pas compris le sujet, aujourd’hui, légalement, comment ça se passe ?

Jean-Baptiste Kempf : Je ne sais pas. Tu p


Payments Offensive Test Engineer

Payments Counter Fraud - Offensive Test Engineer

Primary Job Responsibilities

A successful Offensive Test Engineer should possess a deep understanding of software security, computer science and hacking. They should be comfortable with advanced concepts such as application manipulation, exploit development, and stealthy operations.

This role is for experienced Offensive test engineers and hackers who can test the resiliency of eBays Payments systems in real world conditions. If you are an automated tool type of person this role is not for you.

This career is technical and meaningful with opportunities to work in some of the most exciting areas of Cyber Crime, hacking and exploit research. You will work on very technical and relevant offensive emulation testing campaigns with some of the best engineering talent in the game as you test technology, systems and processes.

A typical day could be breaking into secure communication channels, reverse engineering applications, APIs and encryption methods in order to gain access to sensitive data, all without being detected.

If you can exploit complex systems while remaining stealthy, identify and exploit misconfigurations, think like a Cyber Criminal, then youre the type of outstanding and hardworking individual were looking for.

Giving back to the community by supporting our customers, sellers and partners through outreach is strongly supported and central to our ethos. Expect to author white-papers, speak at conferences and meet with our community.

Key Responsibilities

  • The Payments Counter Fraud team will be conducting targeted Campaigns and exploitations without the use of automated tools against "real world" systems, technology and processes.
  • Research new tools, techniques, countermeasures and vulnerabilities, data exploitation and Cyber Crime malware and hacking trends.
  • Research emerging Cyber Crime threats, campaigns, threat actors, tactics, techniques, and procedures
  • Utilize honeypots to seek for new attacks and perform behavioural analysis on malware
  • Use and support threat-related data science research and development
  • Importantly, the ability to communicate complex technical concepts to non-technical people and the ability to go deep with engineers

    Working with eBay Teams

    • Work with Developers, Architecture, Product Management, Quality, and Operations teams to develop innovative solutions that meet business needs with respect to Functionality, Performance, Scalability, Reliability, realistic implementation schedules and alignment to development principles and product goals
    • Coach, guide and mentor teams on architecture direction and tech-stack to deliver excellent customer experiences in a way that builds resilient businesses
    • Communicate insights and recommendations across the organization
    • Close teamkwork and alignment with all relevant eBay departments and partners across the business within a dynamic, success-oriented culture
    • Strong interpersonal skills with the ability to drive issue resolution and root cause identification with the various teams


      • Bachelors degree or substantial equivalent experience.
      • 5 years experience as an expert hacker is helpful but not mandatory.
      • Recognize and safely utilize attacker tools, tactics, and procedures
      • Develop scripts, tools, or methodologies to improve eBay's Counter Fraud and red teaming processes
      • Network penetration testing and manipulation of network infrastructure
      • Mobile, Web & API security testing
      • Developing, extending, or modifying exploits, shellcode or exploit tools
      • Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
      • Reverse engineering malware, data obfuscators, or ciphers
      • Source code review for security flaws
      • Thorough understanding of network protocols and covert channels
      • The Highest standards of personal integrity, professional conduct and ethics.
      • Excellent written (report writing) and verbal communication skills.
      • Financial sector experience is advantageous
      • You should be enthusiastic, focused, detailed and organized
      • Shown ability to understand the business and make appropriate trade-offs and contribute to technology direction that leads to measurable business improvements
      • Strong analytical, problem-solving skills, verbal and written social skills
      • Ability to work in a dynamic, iterative development environment


        This role is open to any US or UK location including remote working for the right person.

        Here at eBay, we love creating opportunities for others by connecting people from widely diverse backgrounds, perspectives, and geographies. So, being diverse and inclusive isnt just something we strive for, it is who we are, and part of what we do each and every single day. We want to ensure that as an employee, you feel eBay is a place where, no matter who you are, you feel safe, included, and that you have the opportunity to bring your unique self to work.. To learn about eBays Diversity & Inclusion click here:
        This website uses cookies to enhance your experience. By continuing to browse the site, you agree to our use of cookies

        View our privacy policy

        View our accessibility info

        eBay Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at We will make every effort to respond to your request for disability assistance as soon as possible.

        For more information see:

        EEO is the Law Poster

        EEO is the Law Poster Supplement

Rockstar will pay you to find vulnerabilities in Red Dead Online


Rockstar has expanded its hacker and vulnerability bounty programmes to include Red Dead Online. Since 2016, Rockstar has been offering hackers, modders and anyone willing to hunt down bugs and identify vulnerabilities a lot of money. The focus of each bounty changes, but they’ve all been on the developer’s Hackerone site. Earlier this week, the […]

The post Rockstar will pay you to find vulnerabilities in Red Dead Online appeared first on VG247.




Cyber Forensics Subject Matter Expert

At ARA, we strive to find valuable colleagues with not only to give our employees the tools, training, and opportunities to take active roles as owners. The motto, "Engineering and Science for Fun and Profit" sums up the ARA experience. As a Cyber Forensics Subject Matter Expert on our team, you will be responsible for developing technology critical to the success of our projects as well as national security.

ARA seeks a Cyber Forensics Subject Matter Expert in support of Test and Evaluation (T&E) efforts. The successful candidate will have a passion to apply cyber security techniques to new domains, and will be working as part of a multi-disciplinary group and collaborating across research teams.


* Works across several research teams to advance the state-of-the-art in cyber defense and offense.

* Serves as the subject matter expert for network forensics and exploitation technologies.

Cyber Forensics Subject Matter Expert Required Qualifications:

* The selectee demonstrates solid decision making and problem solving skills, ability to react quickly, and technical proficiency in several of the following areas: - Operating systems (Windows and/or Unix/Linux) - Network analysis - Penetration testing - Network security - Incident response - Computer and network forensics - Network administration - Vulnerability and malware analysis - Low level protocol and packet analysis - Scripting and/or programming.

* This position is well-suited for individuals who enjoy visiting network security websites, attending conferences such as Black Hat / DEFCON, setting up and maintaining their own network or competing in Capture the Flag events.

* 7 years or more experience in an engineering/network development environment supporting multiple concurrent tasks/projects, with demonstrated success in areas involving cyber forensics.

* Excellent technical communications and leadership skills are required.

* Bachelor's degree in Computer Engineering, Computer Science, Electrical Engineering, Math, or Physics.

* Active Secret Security Clearance.

* Due to the work you'll perform and interactions with intelligence community and DoD programs you will need to be a US citizen.

Cyber Forensics Subject Matter Expert Preferred Qualifications

* The ideal candidate should have a sophisticated knowledge of software protection mechanisms, extensive knowledge of low-level software development including network protocol design and development, kernel module development, compiler design and development, virtualization and emulation technologies, cloud computing environments, and should be well-versed in multiple programming languages and comfortable learning new languages and language variants.

* Master's degree or higher.

* TS clearance with SCI eligibility.

Raleigh, NC is the office location with frequent travel to the Aberdeen/Southern Pines, NC offices and various facilities to interact with the government teams.

ARA is known for their ability to bring technical concepts to capability through research, development, and engineering. Our missions support the U.S. warfighter through Command, Control, Communications, Computer, Intelligence, Surveillance, and Reconnaissance (C4ISR), cyber, and space system initiatives. Our technological developments touch all warfighting domains. Our team of professionals are able to rapidly prototype, conduct test and evaluation, and provide acquisition, installation, and in-service engineering support.

About Us:

Applied Research Associates, Inc. is an employee-owned international research and engineering company recognized for providing technically superior solutions to complex and challenging problems in the physical sciences. The company, founded in Albuquerque, NM, in 1979, currently employs over 1,100 professionals and continues to grow. ARA offices throughout the United States and Canada provide a broad range of technical expertise in defense technologies, civil technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. The corporation also provides sophisticated technical products for environmental site characterization, pavement analysis, and robotics.

While this is all of the Year One and Beyond stuff, Day One is highly impressive too. These are things like our competitive salary (DOE), Employee Stock Ownership Plan (ESOP), benefits package, relocation opportunities, and a challenging culture where innovation & experimentation are the norm. At ARA, employees are our greatest assets. The corporation realizes that employee ownership spawns greater creativity and initiative along with higher performance and customer satisfaction levels.

ARA is passionate about inclusion and diversity in our workplace, in 2018 40% of our new employees voluntarily self-identified as protected veterans. (Source-AAP EOY 2018 Veterans Data Collection Report). Additionally Southeast Division has its own Women's Initiative Network (WIN) whose purpose is to motivate, support, and encourage professional career development for women in order to maximize career and professional accomplishments. Our division is also very socially oriented with activities for our employees ranging from attending a local baseball game in the summer to monthly get-togethers, board game lunches, holiday party, corn hole tournaments and so on! For additional information and an opportunity to join this unique workplace, please apply at


Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities


The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor s legal duty to furnish information. 41 CFR 60-1.35(c)",

DegreeName: Bachelors

MinimumRequiredYears: 7

MaximumRequiredYears: 9

Description: Relevant work experience

Preferred Exp

MinimumRequiredYears: 5

Description: Extensive Software Development experience with emphasis on supporting Anti-Virus efforts.

Licenses & Certifications

LicenseAndCertificationName: Cert Ethical Hacker

出於安全考慮 GitLab擬禁聘中俄新員工


【美麗日報2019年11月06日訊】因擔憂中國和俄羅斯技術支持員工可能竊取公司數據,或被外國情報部門強迫盜竊商業秘密,全球第二大開源代碼託管平台GitLab公司表示,正在考慮禁止從中國和俄羅斯招聘相關職位的新員工。 GitLab的工程副總裁約翰遜(Eric Johnson)表示,當他們的企業客戶和風險投資表達了對中共和俄羅斯兩國地緣政治氣候的擔憂之後,GitLab開始就禁止招聘兩國新員工展開討論。如果決定通過,招聘禁令將針對兩個職位:站點可靠性工程師和支持工程師,這兩個職位都負責為GitLab的企業客戶提供技術支持。 約翰遜說,這兩個職位有十足的權限訪問客戶數據,當企業客戶遇到問題時,擔心技術人員、特別是在中國和俄羅斯等國的技術人員可能會受到當地情報機構的強迫或施壓。不過新的「招聘禁令」尚未最終公布。 對於該問題的公開討論始於上個月,計劃11月6日結束。GitLab首席執行官西德·西布蘭迪(Sid Sijbrandij)在「駭客新聞」(Hacker News)上發文說,該公司目前沒有雇用來自中國或俄羅斯的任何支持人員,因此未來的禁令不會導致任何人失業。 一旦新的招聘禁令獲批,GitLab支持人員也將被禁止移居中國或俄羅斯。討論開始於美國網絡安全公司CrowdStrike上個月發布的報告。該報告詳細說明了中共網絡間諜代理商如何在西方公司招募內部人員,以協助黑客竊取知識産權(IP),以及幫助中共國有公司制造C919飛機,跟波音公司競爭。 GitLab工作人員在公開討論中提到,極有可能會在11月6日公衆咨詢期結束時批准該禁令。GitLab表示,該禁令將不適用於其它職位或活動,例如接受來自中國或俄羅斯開發人員對其開源代碼的代碼貢獻。 科技界普遍認為,俄羅斯和中共的情報機構都可能使用相同的藍圖和工廠內部代理人,或者迫使相關的GitLab員工交給他們屬于西方公司的機密數據。GitLab是僅次於GitHub的全球第二大開源代碼託管平台,對外提供托管源代碼服務,它的員工負責處理代碼,並將其同步到雲托管服務器。同時,它們還給企業提供同名平台、允許其在本地託管它們自己的GitLab版本,GitLab員工提供技術支持。 責任編輯:松林

The post 出於安全考慮 GitLab擬禁聘中俄新員工 appeared first on 美麗日報.


Nasıl Kaldırılır J2Ancheta Aldatmaca E-posta


Kaldıramıyorum J2Ancheta Kötü amaçlı yazılım açılır pencereleri? J2Ancheta size e-posta yoluyla şantaj yaparsa, panik yapmayın! Mesaj bir aldatmaca. Yeni bir aldatmaca kampanya istenmeyen eylemlere insanları kandırmak için kötü şöhretli Amerikalı hacker Jeanson James Ancheta adını kullanır. Dolandırıcılar, google’da ararsanız bu yüksek profilli suçlunun kurbanı olduğunuzu düşüneceğiniz umuduyla onun adını kullanıyorlar. Onların numaralarına kanmayın! Scammers dürtüsel […]

The post Nasıl Kaldırılır J2Ancheta Aldatmaca E-posta appeared first on


awk 入门 —— 强大的文本分析工具



awk 是用于 Unix 和类 Unix 系统的强大文本解析工具,但是由于它有可编程函数,因此你可以用它来执行常规解析任务,因此它也被视为一种编程语言。你可能不会使用 awk 开发下一个 GUI 应用,并且它可能不会代替你的默认脚本语言,但是它是用于特定任务的强大程序。

这些任务或许是惊人的多样化。了解 awk 可以解决你的哪些问题的最好方法是学习 awk。你会惊讶于 awk 如何帮助你完成更多工作,却花费更少的精力。

awk 的基本语法是:

awk [options] 'pattern {action}' file

首先,创建此示例文件并将其保存为 colours.txt

name       color  amount
apple      red    4
banana     yellow 6
strawberry red    3
grape      purple 10
apple      green  8
plum       purple 2
kiwi       brown  4
potato     brown  9
pineapple  yellow 5

数据被一个或多个空格分隔为列。以某种方式组织要分析的数据是很常见的。它不一定总是由空格分隔的列,甚至可以不是逗号或分号,但尤其是在日志文件或数据转储中,通常有一个可预测的格式。你可以使用数据格式来帮助 awk 提取和处理你关注的数据。


awk 中,print 函数显示你指定的内容。你可以使用许多预定义的变量,但是最常见的是文本文件中以整数命名的列。试试看:

$ awk '{print $2;}' colours.txt

在这里,awk 显示第二列,用 $2 表示。这是相对直观的,因此你可能会猜测 print $1 显示第一列,而 print $3 显示第三列,依此类推。

要显示全部列,请使用 $0

美元符号($)后的数字是表达式,因此 $2$(1+1) 是同一意思。


你使用的示例文件非常结构化。它有一行充当标题,并且各列直接相互关联。通过定义条件,你可以限定 awk 在找到此数据时返回的内容。例如,要查看第二列中与 yellow 匹配的项并打印第一列的内容:

awk '$2=="yellow"{print $1}' file1.txt

正则表达式也可以工作。此表达式近似匹配 $2 中以 p 开头跟上任意数量(一个或多个)字符后继续跟上 p 的值:

$ awk '$2 ~ /p.+p/ {print $0}' colours.txt
grape   purple  10
plum    purple  2

数字能被 awk 自然解释。例如,要打印第三列包含大于 5 的整数的行:

awk '$3&gt;5 {print $1, $2}' colours.txt
name    color
banana  yellow
grape   purple
apple   green
potato  brown


默认情况下,awk 使用空格作为字段分隔符。但是,并非所有文本文件都使用空格来定义字段。例如,用以下内容创建一个名为 colours.csv 的文件:


只要你指定将哪个字符用作命令中的字段分隔符,awk 就能以完全相同的方式处理数据。使用 --field-separator(或简称为 -F)选项来定义分隔符:

$ awk -F"," '$2=="yellow" {print $1}' file1.csv



$ awk -F, '$3>5 {print $1, $2} colours.csv > output.txt

这将创建一个包含 awk 查询内容的文件。

你还可以将文件拆分为按列数据分组的多个文件。例如,如果要根据每行显示的颜色将 colours.txt 拆分为多个文件,你可以在 awk 中包含重定向语句来重定向每条查询

$ awk '{print > $2".txt"}' colours.txt

这将生成名为 yellow.txtred.txt 等文件。

在下一篇文章中,你将了解有关字段,记录和一些强大的 awk 变量的更多信息。

本文改编自社区技术播客 Hacker Public Radio


作者:Seth Kenlon 选题:lujun9972 译者:geekpi 校对:wxy

本文由 LCTT 原创编译,Linux中国 荣誉推出


Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Are Hackers Using Popular Assistant Devices To Listen To Users?

The utility of virtual assistants like Amazon's Alexa and Google Home are undeniable.  They're just genuinely handy devices to have around. Unfortunately, they're also prone to abuse and exploits by hackers and ...

RobbinHood Ransomware Another Reason To Back Up Your Systems

The creators of the dreaded 'Robbinhood' ransomware strain are putting their reputation to work for them.  The hackers have recently modified their ransom note in a couple of important ways. First and ...

Google patches bug that let nearby hackers send malware to your phone


Google has patched a bug in the Android operating system that could have allowed attackers to install a rogue application on a victim’s phone – but only if they were able to invade their personal space. Nightwatch Security found the flaw, numbered CVE-2019-2114, and described it in an advisory. The problem lies in Android Beam, […]

The Post Google patches bug that let nearby hackers send malware to your phone appeared first on
Latest Technology News


[Guerre di Rete - newsletter] Whatsapp contro NSO; Facebook e le pubblicità


Guerre di Rete - una newsletter di notizie cyber
a cura di Carola Frediani
N.50 - 3 novembre 2019

Di cosa si parla:

- Whatsapp contro NSO
- Facebook e gli ads
- I social e i documenti d’identità
- indagini forensi e Cellebrite
- e poi disinformazione, meme war e altro

Facebook e Whatsapp dichiarano guerra agli spyware
A maggio Whatsapp aveva annunciato di aver individuato e bloccato un attacco che sfruttava una vulnerabilità della sua funzione di video-chiamata (ne avevo scritto qua in newsletter). Un utente riceveva una video-chiamata, ma l’attaccante in realtà trasmetteva di nascosto un codice malevolo per infettare il telefono del ricevente. Non era necessario che la persona rispondesse alla chiamata.
Bene, ora, in questi giorni, dopo mesi di indagine, Whatsapp è uscita allo scoperto con una azione legale contro la società israeliana NSO, produttrice di trojan e spyware che vende a governi e intelligence, incolpandola degli attacchi subiti dai propri utenti. A dirlo è la stessa Whatsapp in un articolo sul Washington Post (testata non casuale, vi ricordo che ci sono sospetti - respinti da NSO, che finora ha sempre negato coinvolgimenti - che degli spyware siano stati usati contro l’entourage del suo editorialista Jamal Khashoggi, brutalmente ucciso dai sauditi, secondo la stessa intelligence Usa).
Come hanno ricondotto gli attacchi a NSO?
Gli attaccanti avrebbero usato server e servizi di hosting già associati a NSO, nonché account Whatsapp.
Chi erano i target?
Secondo l’azione legale promossa da Whatsapp, NSO avrebbe costruito una piattaforma di hacking che sfruttava una vulnerabilità dei server Whatsapp per aiutare i clienti a violare i cellulari di almeno 1400 utenti, tra aprile e maggio 2019.
Whatsapp avrebbe individuato almeno 100 attivisti dei diritti umani, giornalisti e membri della società civile in tutto il mondo, dagli Usa agli EAU, dal Bahrein al Messico, dal Pakistan all’India.
Un nome ad almeno una vittima
Uno di questi è stato intervistato dalla BBC. Si chiama Faustin Rukundo, vive a Leeds (UK) ma proviene dal Rwanda del cui regime è un oppositore, e ad aprile aveva ricevuto delle strane chiamate su Whatsapp da un numero svedese. Aveva provato a richiamare ma nessuno aveva mai risposto. Solo di recente ha scoperto di essere uno dei 1400, dopo aver ricevuto una chiamata dai ricercatori del Citizen Lab, che hanno contribuito alle indagini.
I target governativi
Ma ce ne sono altre di vittime, che potrebbero dare un risvolto geopolitico alla faccenda. Secondo Reuters, infatti, una porzione “significativa” di vittime erano funzionari governativi e militari di alto profilo, sparsi per 20 paesi, molti di nazioni alleate agli Usa. Uno scenario che apre la possibilità che alcuni clienti di NSO abbiano usato i suoi servizi non per fare indagini interne, ma per operazioni di spionaggio. Il professore di studi strategici e cyberwar Thomas Rid nota che mentre il ministro di Giustizia Usa chiede backdoor per Facebook/Whatsapp, militari e funzionari di governi amici venivano attaccati proprio con una backdoor (involontaria ovviamente). Come dire: qui il problema è rafforzare la sicurezza, non aumentare i buchi nella gruviera.
Da notare che Whatsapp avrebbe prima verificato la lista dei target con il database di possibili richieste da parte di Stati relative ad indagini, come terrorismo o pedofilia, ma non avrebbe trovato sovrapposizioni.
Cosa vuole ottenere la causa mossa da Whatsapp?
L’azienda controllata da Facebook ritene che quegli attacchi siano stati un abuso della sua rete; vuole una ingiunzione per fermare NSO dall’accedere alla sua piattaforma; ritiene che anche se NSO ha fornito i servizi a dei clienti, sia comunque responsabile in quanto architetto del software (BBC)
Che possibilità ha di vincerla?
La strada è in salita, secondo una analisi di Wired. In pratica Whatsapp sta accusando NSO di violazione del Computer Fraud and Abuse Act (e di altre leggi statali), ma il caso è un tentativo ardito di usare quella legge per “punire non solo gli hacker che hanno violato i computer di una azienda, ma anche quelli che sfruttano i suoi software per violare i computer dei suoi utenti”. Nel mentre però, c’è almeno un campo d’azione su cui Whatsapp sembra voler giocare. Infatti secondo alcuni voci non confermate, i dipendenti di NSO si sarebbero trovati chiusi tutti i loro account Facebook, Whatsapp, Instagram (ht Alex Stamos)
Il ruolo di NSO
La causa di Whatsapp - che allega vari materiali e manuali interni di NSO - getta però nuova luce sul funzionamento del software della società israeliana e i suoi rapporti con i clienti. E mostra un ruolo più attivo di quello che si pensasse nell’assistenza degli stessi. Ad esempio, scrive Vice, nel confezionare messaggi di phishing per specifici target.

Pubblicità politiche, che fare?

Abbiamo visto che Facebook ha deciso di non fare fact checking sulle pubblicità dei politici, una decisione che ha raccolto varie critiche. Ora si aggiunge una lettera interna di 250 dipendenti, secondo la quale permettere ai politici di mentire nelle pubblicità è una minaccia alla stessa azienda (NYT).
Cosa dice la lettera?
“La libertà di espressione (free speech) e la propaganda (paid speech) non sono la stessa cosa. La cattiva informazione (misinformation) ci riguarda tutti”. La decisione di non fare fact checking sui politici è una minaccia a quello in cui crede Facebook (...) “perché permette di trasformare la nostra piattaforma in un’arma prendendo di mira persone che credono che i contenuti postati dai politici siano veri”.
Il suggerimento è dunque di considerare gli ads politici come gli altri, ma nel contempo usare sistemi visuali per far capire ancora di più che sono ads. Inoltre - punto importante - i dipendenti suggeriscono di limitare il targeting per gli ads politici. Attualmente è normale per un politico caricare la lista degli elettori per poi usare gli strumenti di tracking comportamentale (come i pixel) e l’engagement con le pubblicità per raffinare ancora di più gli ads. Il rischio è che le persone non possano avere la possibilità di controllare pubblicamente quanto viene detto. “Inoltre questi ads sono così microtargeted (mirati su gruppi specifici, ndr) che le conversazioni sulla nostra piattaforma sono ancora più rinchiuse dentro silo separati di altre”. Infine, esplorare la possibilità di un silenzio elettorale.
(Per inciso, proprio di microtargeting e di questo problema ho parlato sabato su Omnibus - La 7, min 47)
La proposta
La situazione è molto mutevole e dinamica. In queste ore sul piatto c’era infatti anche una proposta da parte di una delle società che fanno fact checking per Facebook di trovare un sistema bipartisan per fare fact checking anche sugli ads politici. Vedremo (CNN)
La provocazione
Mentre si svolgeva questo dibattito, un politico e attivista di San Francisco, Adriel Hampton, si registrava come candidato a governatore con lo scopo di pubblicare pubblicità false su Facebook, in una sorta di atto dimostrativo (CNN).

Documenti per usare i social? Anche no, dai

Per un qualche motivo che mi è incomprensibile (nella sua essenza, non nei fattori esterni scatenanti), siamo di nuovo tornati a parlare di proposte di legge per far presentare i documenti (carte d’identità ecc) agli utenti che vogliano usare un social network o un servizio online pensando in tal modo di eliminare o ridurre l’odio online. Proposte che negli anni sono state sempre bocciate da una miriade di esperti e quindi accantonate. Ora c’è stata la proposta del deputato Marattin (qui la sua intervista a Corriere), e dunque è ripartito un film già visto.
Mi limito a mettere dei link, iniziando con un momento amarcord:
2014, copertina di Wired: Fabio Chiusi e la sottoscritta scrivevamo perché chiedere i documenti fosse inutile se non dannoso. Ma il tempo passa e i temi ritornano dunque….
In questa settimana del 2019:
- Profili sui social network e carta d'identità: perché non è possibile
L'idea di "schedare" tutti i cittadini che abbiano un profilo social pone problemi tecnici, giuridici e politici insormontabili (Giovanni Ziccardi)
- Odio e disinformazione (che sono ovunque per strada, in TV, sui social) sono una seria questione culturale. Come si affrontano? (Arianna Ciccone)
- Disinformazione, propaganda, bugie, minacce, insulti, provocazioni, odio hanno diritto di cittadinanza in Rete? (Fabio Chiusi su Valigia Blu)
- La lesione dei diritti dei cittadini è da sempre un chiaro tema reazionario (ok, il suo vero titolo è un po’ più tranchant) (Il Post - Massimo Mantellini)
- Una sparata controproducente (Radio dell’avvocatura - Francesco Micozzi - audio)
- Perché questo genere di proposte sono inutili - uno Stefano Zanero già di qualche mese fa (ma sul tema direi d’annata, come il vino buono).
- Velleitario e pericoloso (dichiarazioni Garante Privacy)
Mi fermo qua, anche se ho lasciato fuori molti altri interventi, ma se mi costringete a riparlarne, la prossima volta ve li metto tutti, ok?

Riassunto e disegnino semplificato per chi non ha tempo o voglia: quel tipo di proposta per quel tipo di problema equivale ad avere le zanzare in casa e a sparar loro cannonate. Le zanzare restano, i buchi nei muri rendono la tua casa (i diritti di tutti) ancora più fragile. Meglio mettere degli zampironi e modificare l’aria che si respira.
Dunque oltre a investire massicciamente, in modo pianificato, a tutti i livelli, in cultura digitale (un tipo di formazione che sarà cruciale per la nostra sopravvivenza come nazione avanzata, detto en passant) e in educazione civica e cultura generale, si può chiedere, ad esempio:
- al governo: molte più risorse a magistratura e postale per indagare su reati
- alle piattaforme: procedure più snelle ed efficienti per ottenere i dati in caso di indagine
- alle piattaforme: canali più diretti con gli utenti che siano vittima di attacchi organizzati e sistemi per tutelare categorie più deboli o esposte
- alle piattaforme: spiegazioni chiare e trasparenza quando decidono di rimuovere contenuti in violazione delle loro policy, procedure chiare per appellare tali decisioni, revisione umana di decisioni automatizzate
-alle piattaforme: più strumenti in mano al singolo utente per gestire come preferisce il proprio feed, quello che vede, quello che vedono gli altri, come interagire con altri ecc
-alle piattaforme: trasparenza massima sulle pubblicità, specie quelle politiche, valutare se limitarle in qualche modo o fare altri controlli
- ai politici: chiedere di abbassare i toni, non aggredire utenti, non aizzare folle online e offline, tenere sotto controllo i propri spazi social ecc
- ai media: non dare rilevanza, se possibile, ai primi 4 idioti che insultano qualcuno online per ottenere esattamente quello, visibilità.
E ovviamente molto altro, ma era solo per dare un assaggio di come inquadrare diversamente la questione.

Fedeli alla blockchain

Abbiamo visto che la Cina si è lanciata sulla blockchain con anche investitura dall’alto di Xi Jinping. Ora il partito comunista cinese ha chiesto ai suoi membri di attestare la loro fedeltà su blockchain. Chissà cosa ne penserebbe Satoshi Nakamoto. Ad ogni modo si potrebbe usare anche per le promesse elettorali dei nostri politici…. (si scherza)

Avanti col ban Huawei e ZTE

La Federal Communications Commission andrà avanti con la proposta di vietare ai giganti delle telecomunicazioni americane l’uso di apparecchiature di rete delle cinesi Huawei e ZTE, perché per l’agenzia sarebbero un rischio alla sicurezza nazionale.

I podcast stanno andando bene su Spotify

Olimpiadi nel mirino

Gli hacker russi noti come APT28 o Fancy Bear stanno prendendo di mira 16 organizzazioni sportive e anti-doping in vista delle Olimpiadi 2020, avvisa Microsoft

Fa un deepfake porno su una ragazza, arrestato

Uno studente indiano è stato arrestato per aver usato le foto su Instagram di una teenager al fine di produrre un suo deepfake (video in cui sono riprodotte le fattezze di qualcuno per dire o fare cose che non ha mai fatto) pornografico e minacciare di distribuirlo poi online (Ndtv).
Da una breve ricognizione mi pare che i deepfake su celebrità (e non) in India siano molto diffusi. Un anno fa una giornalista indiana schierata a difesa dei diritti delle donne era stata presa di mira con deepfake pornografici.

Il caso Boettcher e lo sblocco del suo iPhone

La società israeliana Cellebrite - che si occupa di estrarre dati da dispositivi - ha pubblicato un caso studio in cui descrive come sono stati usati i suoi servizi in una vicenda di cronaca giudiziaria italiana, quello della coppia Boettcher/Lovato, e della aggressione con l’acido all’ex fidanzato di lei. Tra i reperti sequestrati a Boettcher c'era un iPhone, protetto da un PIN di 4 cifre che il ragazzo diceva di non ricordare. Come indicato nel case study, le consulenti dei legali di parte civile avevano già rinvenuto e analizzato un backup dell'iPhone che però risultava essere stato prodotto un paio di mesi prima dell'aggressione: per poter avere un quadro completo della vicenda si decise quindi di provare ad accedere direttamente all'iPhone. Era l’inizio del 2015. I magistrati allora incaricano un noto ed esperto consulente informatico forense, Mattia Epifani, di capire come gestire la situazione e presentare loro tutte le opzioni sul tavolo per provare a ottenere anche quei dati. Alla fine viene scelto di provare con Cellbrite, riferisce il rapporto.
“L'aspetto rilevante che Cellebrite evidenzia nel suo case study - commenta a Guerre di Rete Paolo Dal Checco, altro noto ed esperto consulente informatico forense - è che Cellebrite è stata in grado di sbloccare un iPhone protetto da PIN in un momento nel quale il loro servizio era l'unico disponibile, a parte alcune soluzioni rischiose che funzionavano solamente in particolari condizioni. L'incarico relativo allo sblocco dell'iPhone di Boettcher, inoltre, è stato tra i primi conferiti ufficialmente dall'Autorità Giudiziaria italiana alla società israeliana e ha dato il via a una serie d'incarichi conferiti ancora oggi, ovviamente su dispositivi più recenti”.
Case study

Rimossa l’app per coordinare manifestanti di Tsunami Democratic

La Spagna ha richiesto la rimozione da GitHub dell'app (APK) di Tsunami Democratic, usata per organizzare proteste in Catalogna, perché lo stesso movimento viene considerato dalla polizia una organizzazione criminale che faciliterebbe atti di terrorismo (ht @Orariccardo)

Il creatore di Maltego ha realizzato un nuovo tool per estrarre e organizzare info mentre si naviga.
ht The Grugq

Storia di un giovane americano che combatte i ransomware, creando strumenti per decriptarli, quando possibile. E’ il più grande creatore di decryptor gratuiti.

In Cile gli hacker svelano documenti riservati dei Carabineros - La Stampa


Se vuoi una redazione di successo, devi avere una redazione rappresentativa della diversità della popolazione. Reuters Institute


La fiducia nelle notizie locali negli Usa è più alta rispetto ai media nazionali, ma non è tutto oro quel che luccica. Inoltre coprire in modo più aggressivo temi sociali e politici potrebbe far diminuire questa fiducia, ma diversamente si rischia di abdicare alla funzione del giornalismo.
Lo studio: State of Public Trust in Local News

Un paper che studia l’astroturfing politico - la creazione di campagne coordinate di finti attivisti per fini di propaganda/manipolazione - su Twitter. Tra le altre cose, solleva un punto interessante: gran parte delle campagne di questo tipo usano umani, e cercare solo bot (account automatizzati) rischia di essere un limite.
Political Astroturfing on Twitter: How to Coordinate a Disinformation Campaign

Schiave via app

Il mercato delle lavoratrice domestiche trattate come schiave e “vendute” via app In Kuwait e Arabia Saudita. Inchiesta BBC

I meme come armi nella guerra dell’informazione e disinformazione

La ricetta: origine indefinita, più nocciolo di verità, più una scalata progressiva nella catena dei media, più amplificazione e consacrazione dai media tradizionali impegnati nel debunking - Technology Review

Una giornalista polacca ha lavorato sotto copertura in una agenzia di PR del Paese i cui dipendenti gestiscono decine di finti account a testa e su indicazioni della direzione promuovono determinati contenuti politici

Contro l’ossessiva ricerca della felicità - Aeon

- ci vediamo l’8 novembre a Bologna (ore 18, Libreria UBIKIrnerio, via Irnerio 17) per la prima presentazione del mio romanzo Fuori Controllo (edizioni Venipedia)
- il 9 novembre, sempre a Bologna, alla tavola rotonda di HackInBo (il programma).

Ti è piaciuta la newsletter? Inoltrala a chi potrebbe essere interessato!
E’ gratuita, indipendente, senza sponsor, mandanti o agende altrui, e si diffonde col passaparola dei suoi stessi utenti.
Come viene fatta questa newsletter (e come leggerla)
Per iscriversi:
Buona domenica!


Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Comment on Why Hire A Wedding Planner? by Tami Hacker

I love this post!!

No talks between RSS chief, Uddhav Thackeray yet: Sena leader Raut

There have been no talks yet between RSS chief Mohan Bhagwat and Shiv Sena president Uddhav Thackeray on government formation in Maharashtra, Sena leader Sanjay Raut said on Thursday. Talking to reporters ahead of the meeting of Shiv Sena MLAs with Thackeray, Raut said legislators of his party and the opposition Congress and NCP "would not cross sides".

BJP to call on guv, Uddhav to meet Sena MLAs

With the term of the previous Maharashtra assembly set to end on Saturday, BJP and Shiv Sena have announced independent moves for Thursday. While Sena president Uddhav Thackeray has summoned his party’s newly-elected 56 MLAs, BJP ministers Chandrakant Patil and Sudhir Mungantiwar will meet Maharashtra governor and stake the party’s claim to form the government.

Russian Hackers Manipulating Dow Jones Averages

Washington, D.C. A court filing today by special counsel Robert Mueller, revealed that Russian hackers have, since 2015, regularly altered the Dow Jones Industrial averages for the benefit of Donald Trump. At a previously undisclosed Moscow meetin...

Porn. Panic. Ban.


Authored by: 


Point of View
PDF icon Thematic Datta953.02 KB

#PornBan. It’s like a rash, this impulse to ban porn all over the world – despite protests that are going viral. The Twitter hashtag #pornban sprung up in July 2015 as the Indian government blocked 857 porn sites, 1 and then backtracked a bit, 2 asking internet service providers (ISPs) to unblock those that don’t contain child pornography. Which makes service providers the arbiters of our constitutionally guaranteed right to freedom of expression, deciding what we may or may not see. Seriously?

The United Kingdom recently banned a number of sex acts online, 3 including female ejaculation, even while there were almost 250,000 hits on porn sites from IP addresses in the buildings housing parliament. 4 The UK government is now asking porn sites to collect proof 5 that their visitors are adults. Will this data be stored privately and not used for other purposes? A valid question in an age of mass surveillance, hacks on “cheating” sites 6 and hacker releases of private information, including sexual preferences. 7

Iceland 8 has been threatening to ban “violent” online porn since 2013. Indonesia 9 and Turkey 10 have blocked lesbian, gay, bisexual, transgender, intersex and queer (LGBTIQ) content in the name of banning porn. The Philippines 11 has outlawed cybersex and cam girls, while a religious lobby in Australia 12 is pushing for anti-piracy laws to be extended to porn. Porn possession is illegal in Botswana, 13 Egypt 14 and Uganda. 15 And even as the Israel-Palestine conflict escalated in 2012, Hamas managed to ban “full” internet porn in the Gaza Strip. 16 Whatever that means.

Porn. Panic. Ban. That’s pretty much the policy response in many parts of the world.

But what is it about porn that terrifies so many governments, derails feminist sensibilities, offends the religious right, and attracts so many users? How can we change the way we “see” porn?

Lesbian. Threesome. Squirt. Change the words and you change the lens. From the user’s perspective, porn leads to pleasure, not panic. That’s what porn has always been about, from ancient times, when it found its first mention in the word porneia. 17 This Greek word was varyingly defined as fornication, whoredom, promiscuity and adultery, all of which have two things in common: sex and pleasure. For most users, that’s what porn is really about: sexual pleasure. (Dirty, dirty.) Arousal. (Dirty, dirty.) Orgasm. (Dirty, dirty.) Problem is that in the parental gaze called policy, sex is kinda dirty. (Dirty, dirty.)

Problem is that in this global policy gaze, the sexual pleasure-seeker aka Porn User is always a man. Even though globally a quarter of porn viewers are women. 18 Make that 35% in Brazil and the Philippines, 24% in France, 23% in India and Argentina, and come on, Japanese women, you 17% laggards. 19 A 2015 survey of Pornhub and Redtube, 20 which gets 40 million viewers each month, shows that women like watching women. (And Kim Kardashian, James Deen, pussy-licking and rough sex.) “What immediately jumps out is that ladies prefer to take their time, with their average visits to the site lasting a lavish 10 minutes and 10 seconds, compared to men who go for just 9:22,” notes the cocky analysis. “Treat yourselves, ladies!”

So one gender gap is slowly closing as porn moves indoors from the publicness of peepshows and DVD parlours to the relative privacy of one’s own home. (We should be celebrating, not lamenting this “normalisation” of porn, no?) And don’t forget how notions of privacy shape behaviour here. No Peeping Toms. No looking over one’s shoulder. No idea of what we get off on so long as porn sites don’t start matching individual viewers to their viewing habits. Which means that even though “lesbian”, “threesome” and “squirt” are the top three terms that women searched for on Pornhub and RedTube in 2015, the data is anonymised and secure. (Hopefully.) No one’s going to land up at their doorsteps to blackmail them. (Hopefully.) They’re not going to be branded with the scarlet letter P, the digital equivalent of Nathaniel Hawthorne’s analog adulteress, 21 forced to wear the letter A in the 17th century.

Yes. Porn is becoming a bit of a Scarlet Letter – a private act portrayed as a public menace. Privacy is the right to be let alone, wrote Justices Warren and Brandeis of the United States (US) Supreme Court in their iconic 1890 essay. 22 That too was in a context when new media technologies – “instantaneous photographs”, “newspaper enterprises”, “mechanical devices” – were producing panic. Technological change has, of course, always given rise to panic: even the sewing machine was once thought to create deviant desires in women, as they rhythmically moved their legs up and down to its gentle whirr. And women, of course, have always been subjected to moral panics and moralistic privacy 23 when it comes to sexuality, notes law professor Anita L. Allen. One that is associated with “heightened modesty”, self-concealment, and chastity. (Don’t show yourself. Don’t watch other women. In short, no pornification.) Porn’s genteel cousin, erotica, has also faced similar panics. Remember the ban on D. H. Lawrence’s Lady Chatterley’s Lover 24 in the 1960s?

Problem is, in the policy gaze, women are still stuck in the passenger seat when it comes to sex. It imagines the hubby coming home, all pumped up, and asking the missus to go beyond the missionary position. Just like he saw on his iPad mini. (Dirty, dirty.) You see? Man, driver. Woman, passenger. From the first utterance of porneia, men have been seen as the drivers of sex, women its passengers. Never mind that this is rooted in another P – Patriarchy – which insists that women must have no sexual desire, let alone know pleasure-enhancing postures. (Dirty, dirty). Never mind that many women still can’t refuse men sex, or get them to wear condoms. Never mind every inequality between men and women that pops up everywhere, including in the bedroom. If there was greater equality between the genders, fewer women would feign headaches when they don't want to have sex.

That’s gender inequality. That’s what we need to fix. But it’s so much easier to blame porn for patriarchy, no?

Multi-million. Dollar. Industry. This is how anti-porn crusaders often refer to porn. It’s a magic bullet, this phrase, guaranteed to derail logic. Guaranteed to make folks see red. As if we’re not doing all sorts of things like buying biscuits and Maggi noodles and data connections from multi-million dollar enterprises.

Of course we’re all proponents of the small, the stand-alone, the artisanal. But. Can porn be damned just because it’s big business? Let’s stop eating Glucose biscuits first. And must we start loving all independent 25 or homemade porn, right from consenting cam girls to non-consensual hidden cam porn in cyber cafés? Nah. Like in other industries, porn production is “ethical”, when there are no unfair or exploitative contractual or labour practices. When performers are not being pushed to perform sex acts beyond the contract or without condoms. But that’s not enough. Porn is legit, first and foremost, if it’s based on consent. And consent cuts all the way down the line: from those who are paid to perform porn to those who freely turn their images into porn for private pleasure. That some of these images end up as non-consensual porn – often called revenge porn – is a problem that policy makers in some countries have finally begun to tackle, notably in the US where revenge porn is a crime in several states. 26

But try asking anti-porn campaigners to use consent as a yardstick. No. In the anti-porn worldview, ALL porn causes harm to ALL women: those who consume it and those who don’t. All porn objectifies and dehumanises women, never mind women who have starred as “personified” subjects! In this camp, there’s only one kind of porn – in which men treat women as instruments to satisfy their sexual desires. In which porn is the villain with a capital P, mutating “healthy” sexual desires and relationships into “unhealthy” ones. 27 It’s never about mutual pleasure or that there are as many kinds of porn as there are sexual desires. Including queer crip porn. 28 It’s rarely about porn performers who don’t see themselves as victims. Or the issues porn performers themselves raise. “My stage name is less about withholding parts of myself or maintaining privacy than it is a symbol of the idea that I am more than just my job or any other isolated slice of my identity,” says US porn performer, Stoya. 29 “Yes, there’s a paradox here in that I willingly engage in work that reduces me to a few sexual facets of myself but expect to be seen as a multifaceted person outside of that work. I participate in an illusion of easy physical access…”

If objectification is the charge that some feminists typically hurl at porn, addiction is its moralist cousin. In the digital porn discourse, access is often vilified as “addiction” with untold consequences. Portrayed as a drug. A petitioner to India's parliament argues that online porn must be banned before we turn into the equivalent of “Motherless or Fatherless America”. 30 This trend is “related to those ‘orphaned’ children, whose father or mother, though alive, are addicted to cyberpornography and don’t take any care of their children or the family,” the petitioner argues. Another #pornban petitioner in India's Supreme Court raises this bombast to untold heights. 31 “Nothing can more efficiently destroy a person, fizzle their mind, evaporate their future, eliminate their potential or destroy society like pornography,” he argues. “It is so terrible that many do not even recognize it until it is too late, and most refuse to admit it. It is worse than Hitler, worse than AIDS, cancer or any other epidemic. It is more catastrophic than nuclear holocaust, and it must be stopped.”

This #pornban petition goes on to hold online pornography accountable for increasing violence against women, an emotive charge (like “multi-million dollar industry”) that unites moralists and many feminists. Does porn cause rape? Or, as feminist Robin Morgan famously argued in the 1970s, is “porn the theory, rape the practice”? 32 No. Even those who campaign against porn warily agree there’s no evidence to back this charge. 33 In the 1990s, one research study looked at four countries where porn was freely available in the previous two decades, including “aggressive porn”. 34 In all four countries, the availability of pictorial porn – including violent porn – had gone from “extreme scarcity to relative abundance” in the study period. It noted that other studies have shown that “rapists' and nonrapists' immediate sexual reactions to presentations of pornography showed generally greater arousal to non-violent scenes.” It concluded that in none of the countries did “rape increase more than nonsexual violent crimes. This finding in itself would seem sufficient to discard the hypothesis that pornography causes rape.” 35

Disregarding such evidence, anti-porn feminists continue to insist that porn is an act of sexual violence, that porn is not “words” and “images”, that porn is not speech to be protected. 36 Not media. This positioning is, of course, part of the problem, since it exceptionalises porn, locating it in a category by itself, unlike other speech or media. But seriously, what is porn – composed of words, sounds and images, albeit of naked bodies – if not media? Innumerable studies indicate that there is no causal relationship between media representations and realities, that spectators hold diverse and different positions to what they view. 37 Do we hold on-screen rape depictions in feature films responsible for causing actual rapes? No. Do we hold on-screen depictions of murder responsible for causing actual murders? No. Then why hold on-screen porn responsible for real-life rape and sexual assault? Why blame the representation for the reality in this one case alone? What’s so unique about porn – another media representation – that it must be singled out thus? Are naked bodies inherently harmful? Or what?

In a 2009 TED talk that went viral, Cindy Gallop, a 50-something fan of hardcore porn, described how she sees online porn. 38 “I have sex with younger men…” in their 20s, she says, “and encounter directly the effect of a flood of hardcore porn.” One of these effects is the misbelief that women love men coming on their faces, a porn staple. “There’s an entire generation growing up that believes that what you see in hardcore pornography is the way that you have sex,” says Gallop. “Hardcore porn has become sex education.” But why has hardcore porn become sex education? One, because it’s easily available. Two, because there’s no other sex education. Three, because we’re so puritanical about sex, we won’t talk about it to our kids. Ergo, vacuum. Enter, online porn. As a “mature experienced self-confident older woman,” Gallop is adept at telling her 20-something lovers: “No, thank you very much. I’d rather you did not come on my face.”

As a user, how would Gallop change porn? “Reorient, reeducate, rehabilitate” is her motto. In other words, resocialise minds, reshape headspaces, rewire neutrons away from the dungheap of patriarchy. Towards a more equitable gender-friendly porn. Sounds like sex-positive feminism to me. Her site 39 busts a bunch of porn myths including balloon boobs, while understanding that porn is play, a pleasure-enhancer, like sex toys. A form of sexual expression. In another TED talk that went viral, erotic filmmaker Erika Lust talks about how it’s time for porn to change. 40 Change. Not vanish. How it’s time to fight unethical porn with ethical porn, counter-porn, porn that makes women and transpersons 41 the subjects of their sexual journeys, pleasures and destinations.

That’s right. Change porn, not ban it. Think about it. Seriously. Think how we try to change other media representations – through critique, debate, dialogue and alternative representations. Not through bans, right? If policy makers understood porn as sexual expression, why would they want to ban it?

So what should we really think about when we think about porn? Consent. We need to respect the consent of those who enact porn – if it’s given, even to enacting “rape porn”, dare we cavil? And we need to start getting justice for those who never dreamed they’d end up as digital porn – without their consent. Any image that turns into porn without consent can cause actual harm, not the imaginary variety – harm that wrecks lives, jobs, careers, relationships, self-image and identities. Harm that causes real damage, both on and offline. Harm that is harmful enough to be called out and punished as a crime. When actual rapes turn into digital porn, spreading from phone to phone, as is the case in Pakistan and India, that’s harm. And that’s three counts of consent being violated: one, in forcing sex without consent; two, in filming forced sex without consent; three, in circulating this clip without consent. When physical rape turns into digital porn we know one thing for sure: it’s time to start talking consent. It’s time to start talking harm.

If we really want to “do something” about porn, it’s time we stopped talking about its imagined harms. It’s time we started talking about actual harms. It’s time we started talking along the fault lines of consent.


1 Government of India, Ministry of Communication & IT, Department of Telecommunications. (2015). DOT Order Blocking 857 Websites on Grounds of Decency and Morality.

2 Reuters. (2015, 5 August). India withdraws order to block pornography sites. Reuters.

3 Saul, H. (2015, 13 September). UK porn legislation: What is now banned under new government laws. The Independent.

4 Withnall, A. (2015, 27 July). Porn in Parliament: Palace of Westminster computers made 250,000 attempts to 'access pornography last year. The Independent.

5 Doctorow, C. (2015, 3 August). David Cameron will publish the financial details and viewing habits of all UK porn watchers. BoingBoing.

6 Elgot, J, Hern, A, & Weaver, M. (2015, 21 July). Ashley Madison adultery site hack: Will I be found out? The Guardian.

7 Fox-Brewster, T. (2015, 19 August). Location, Sexual Preference, Weight: Embarrassing Ashley Madison customer date published by hackers. Forbes.

8 The Economist. (2013, 23 April). Why does liberal Iceland want to ban pornography? The Economist.

9 Institut Pelangi Perempuan. (2014). Queering Internet Governance in Indonesia.

10 Tremblay, P. (2015, 27 April). 'Unnatural' porn becomes ticket to jail in Turkey. US News & World Report.

11 BBC News. (2012, 20 September). BBC outlaws cybersex and 'cam girls'. BBC News.

12 Turner, A. (2015, 24 June). Porn will be next on Australia's website blocking agenda. Sydney Morning Herald.

13 APA. (2015, 13 March). Botswana: Three arrested for cyber porn material. Star Africa.

14 RT. (2015, 20 May). Egypt's top court bans porn sites, demands enforcement. RT Question More Live.

15 Strategic Initiative for Women in the Horn of Africa. (2015). Anti-pornography Act: Human rights activists and civil society organisations challenge the legality of the act in Constitutional Court, Uganda

16 Daily Mail. (2012, 3 September). Hamas bans internet porn in Gaza Strip as Islamic hardliners crack down on Palestinian freedoms.

17 Biblehub.

18 IANS. (2015, 1 August). Boys ain't having all the fun: Indian women watch more porn now. Hindustan Times.

19 Pornhub Insights. (2015, 25 July). More of what women want.

20 Ibid.

21 McCrum, R. (2014, 6 January). The 100 Best Novels: No 16 – The Scarlet Letter by Nathaniel Hawthorne. The Guardian.

22 Warren, S. D., & Brandeis, L. D. (1890). The Right to Privacy. Harvard Law Review, 4(5), 193-220.

23 Allen, A. L. (2000). Gender and Privacy in Cyberspace. Faculty Scholarship, Paper 789.

24 Robertson, G. (2010, 22 October). The trial of Lady Chatterley's Lover. The Guardian.

25 Morris, C. (2014, 17 January). The economics of being an independent porn star. CNBC.

26 End Revenge Porn.

27 Massey, A. (2015, 3 April). Porn is not coming for our sex lives. Pacific Standard.

28 Loree Erickson, Porn Star Academic.

29 Stoya. (2014, 8 March). Can we learn about privacy from porn stars? New York Times.

30 Prabhudesai, A. (12 June 2013). Petition to ban pornography by amending IT Act filed in Parliament.

31 Singh, M. (2015, 10 July). Kamlesh Vaswani v. Union of India & Ors. One Law Street.

32 Morgan, R. (1977). Going Too Far: The Personal Chronicle of a Feminist. New York: Random House.

33 Jensen, R., with Okrina, D. (2004). Pornography and Sexual Violence. National Online Resource Center on Violence Against Women.

34 Kutchinsky, B. (1991.) Pornography and rape: theory and practice? Evidence from crime data in four countries where pornography is easily available. International Journal of Law and Psychiatry, 14(1-2), 47-64.

35 Ibid.

36 MacKinnon, C, & Dworkin, R. (1994, 3 March). Pornography: An Exchange. New York Review of Books.

37 Tait, S. (2008). Pornographies of Violence? Internet Spectatorship on Body Horror. Critical Studies in Media Communication, 25(1), 91-111.

38 Gallop, C. (2009, 2 December). Make love, not porn. TEDTalk.

39 Porn world vs Real world.

40 Lust, E. (2014, 1 November). It's time for porn to change. TEDx Vienna.

41 Nadika, N. (2015, 1 April). Supporting ethical queer porn. The Orinam Blog.

42 BBC News. (2015, 26 February). How a rape was filmed and shared in Pakistan. BBC News.

43 Nelson, D. (2015, 13 April). Indian campaigner inundated by gang rape videos. The Telegraph.

44 Datta, B. (2015, 29 May). Porn. Panic. Ban. GenderIT.



Feminist autonomous infrastructures


Authored by: 


Media@McGill and Tactical Tech Collective
PDF icon gw2015-hache.pdf931.55 KB

Feminist autonomous infrastructures


Women, feminists, and gay, lesbian, bisexual, trans*, queer and intersex (GLBTQI) individuals share common experiences online: they can easily become targets of online harassment, discrimination or censorship, be it by government, private actors or corporations. When trying to understand the relationship between gender, violence and technology, one should keep in mind that online violence is intrinsically linked with real-life situations. When bigotry, sexism and homophobic attitudes exist in societies, they will almost inevitably be amplified in the online world.

”Real” name policies, data mining, tracking and surveillance technologies have become so intertwined that the days when no one knew if you were a dog or a cyborg on the internet are largely over. In fact, the creation of an industry around the profiling of users, coupled with the centralisation and contraction of the internet, have led to a situation where it is not a safe space (if it ever was). In 1996 the Declaration of the Independence of Cyberspace announced the creation of “a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity.” 1 But nowadays it is too common to see the work and voices of women, feminists and GLBTQI being deleted, censored and/or prevented from being seen, heard or read. Much of this gender-based online violence happens on corporate social media platforms such as Facebook, Twitter, Reddit and the blogosphere, in addition to other non-profit online spaces such as Wikipedia. All of them involve large communities, which are led by a set of practices and policies. Despite the existence of certain rules that govern these spaces and because of certain practices, silencing, intimidation and/or discrimination continues. So far, responses from GLBTQI to violence have involved organised public shaming, doxxing of harassers, 2 feminist counter-speech, active research and documentation, awareness raising around privacy and security, advocacy for amendments to corporate terms of service, and lobbying of institutions contributing to the governance of the internet, among others. While these tactics are paramount to the embodiment of everyday forms of online resistance,3 there is also a need to think about adopting strategies that are not only reactive, but also project us into the future we want. In other words, it is about dreaming and pre-figuring our technologies actively. Proactive practices involve understanding what it means to take back the command and control of technologies by using, creating and maintaining our own ones and shaping our communication and technological infrastructures. Using corporate services such as Facebook or Twitter may be very convenient, and at times strategic because they are generally provided for free and because this is where the so-called critical masses are. But using them also means accepting their terms of service, which are primarily shaped by profit, and in which human rights and gender social justice still remain of negligible importance. When using these online services, we and our networks are at their mercy, which means we can not fully control our data, social networks and historical memories (or traces) on the internet. While the future of the internet often looks bleak, it is paramount to not only continue to investigate into the processes and governance structure of the internet, but to continue to build a communication and technological ecology that puts human well-being front and centre, rather than profit. What will happen when big data has its proper algorithms? What will be the combined relationships between these algorithms and the Facebook project or the “Internet of Things”, to name only two of the upcoming situations that will again redefine people's rights to privacy and free expression? When our data remains under corporate control, they can be sold or given to third parties to exploit, or they can be deleted or shut down. Ultimately, they become our digital shadows, 4 enabling others to track, profile and control our voices, opinions and expressions. Part of the answer lies in developing, supporting and using not-for-profit, independent, privacy-aware and secure alternatives to corporate online services. Collectives such as Riseup, Nadir and Autistici/Inventati have been powered by hacktivist collectives for almost two decades now.5 They have provided – through volunteer work and community contributions – valuable and basic online services such as email, mailing list servers, wikis, pads,6 blogs and virtual private networks (VPN)7 to activists all around the world. But where are the feminist tech collectives that design and maintain feminist autonomous infrastructures for feminists, queer and trans* people and activists at large? We also need to ask ourselves, why are those feminist tech collectives still so embryonic? And what does this tell us about the discrimination and violence happening when women and feminists do not control, own and manage the technological infrastructure they need to express themselves and act online?

Shaping autonomy within our technologies

One of the main constitutive elements of feminist autonomous infrastructures lies in the concept of self-organisation already practised by many social movements that understand the question of autonomy as a desire for freedom, self-valorisation and mutual aid. In addition, we understand the term technological infrastructure in an expansive way, encompassing hardware, software and applications, but also participatory design, safe spaces and social solidarities. Concrete examples of feminist autonomous infrastructures include the Geek Feminism Wiki, 8 developing specific technologies that tackle gender-based online violence, such as bots against trolls, and building feminist online libraries and feminist servers, but also enabling offline safe spaces such as feminist hackerspaces which allow feminist, queer and trans* hackers, makers and geeks to gather and learn with others.

When talking about these examples of feminist autonomous infrastructures, we recognise that none of them can be fully autonomous, but rather relative in their autonomy, as they still depend, for instance, on already existing communication networks and technologies designed by mainstream companies (such as computers, servers and access devices). Having said that, their autonomy is based on different governance models, the values they embrace and the principles they promote. If feminist autonomous infrastructures are diverse in scope and in shape, they do share in common a desire to proactively create the conditions for their autonomy while following an ethic of care9 which is embedded into the active practice of social solidarities. Caring and recognising the importance of such infrastructures are two aspects that are central to attempt to address the cycle of technology that is rife with inequality from the production of technology, to its access, uptake, development and governance, until its end cycle. This intersectional and integrated approach to technology goes hand in hand with a feminist posture that does not shy away from addressing all forms of violence, whether it be online violence or the violence that is intrinsic in resource extraction or the factory and assembly line work that is gendered and raced. 10

Recently, momentum has gathered around the building of feminist autonomous infrastructures. These initiatives are still in their embryonic stage, mainly representing a set of scattered and fragmented initiatives. Below we highlight two different examples – one addressing the need for physical safe spaces enabling women and feminists to gather and uplift their skills, and another addressing the slow-politics around the creation of feminist servers.

Breaking the circle of isolation by learning together

The Gender and Technology Institute11 was organised by the Tactical Technology Collective and the Association for Progressive Communications (APC) at the end of 2014. The event brought together almost 80 participants and facilitators, mostly from the global South, to focus on some of the issues faced daily by women and trans* persons on the internet, to share strategies and tools for better protecting our privacy and security online, and to discuss how to spread knowledge and skills in our communities and organisations. Since then, the network has expanded, with different outcomes ranging from the creation of a collaborative online space enabling the documentation of the activities around privacy and digital security delivered by its members on the ground, to the production of a manual specifically addressing gender-related issues which also offers various strategies and tools for taking control of our online identities and learning how to shape safe spaces.

All these outcomes are informed by the stories and creative practices of women and feminist grassroots activists, located in 22 different countries, who are actively and creatively using and making technology to tackle gender-based online violence. Meanwhile they become digital security trainers, and privacy advocates, and they are helping others to understand how they can adopt safer and more joyful practices when engaging online and offline.

Eight months after its realisation, the Gender and Technology Institute has become an international informal network of support, a friendly resource space based on social solidarities that helps to break the circle of isolation.12 This contributes to strengthening the technological autonomy of its participants and, by extension, women, feminists and GLBTQI individuals and organisations, in order to face the challenges and threats derivative of their use of the internet.

Feminist servers

A server can be defined as a computer connected to a network that provides services such as hosting files, websites and online services. Because all online resources are hosted on servers, they constitute a base for the internet as we know it. All servers are ruled by different terms of service, governance models and national legislation in relation to privacy and access to data by third actor parties (or "trackers") and are dependent on a variety of business models. This somewhat technical definition can obscure the possibilities for understanding the political aspect behind the setting up and management of a server. In that sense, what would be the purposes13 and principles 14 of a feminist server? Can feminist servers support women, feminists and GLBTQI in their fight for having their rights such as freedom of expression and opinion respected? Can we create trust among us to develop cooperative approaches to the management of those spaces of resistance and transformation? These were more or less the questions that a group of people interested in gender asked themselves during the first Feminist Server Summit 15 in December 2013 and at the first TransHackFeminist (THF!) Convergence 16 held in August 2014. The discussions that emerged out of those meetings recognised that we do not yet have feminist tech collectives that design feminist autonomous infrastructures for the feminist, queer and trans* movement(s) and that this should become a priority. 17

For example, two feminist servers that were dormant re-emerged during the THF! Convergence:

  • The Systerserver project, which was originally launched in early 2000 by the Genderchangers 18 and the Eclectic Tech Carnival (/etc), and focuses on hosting online services such as etherpads and a voice over internet protocol (VoIP) application.

  • The Anarcha server,19 started by the TransHackFeminists from Calafou, an eco-industrial post-capitalist colony located in Catalonia. It hosts a mediawiki, a WordPress farm and a media publishing platform.

These feminist servers are composed by a loose coalition of women, queer and trans* from around the world, with some explicitly interested in hacking heteronormativity and patriarchy. They are also about demonstrating that it is possible to create safe spaces where the harassment of women, feminists and GLBTQI is not allowed and where all can learn about technology in a non-hierarchal and non-meritocratic way. However, even if these server initiatives are inspiring to many, they still remain at the embryonic stage. Moreover, they do not consider themselves service providers; neither have they clearly decided to become stable and sustainable tech collectives providing hosting and online services to women, feminists and GLBTQI groups. In any case, they show that feminist servers are possible and that they should become a political aim for any organisations working in the field of gender social justice and GLBTQI rights – which should be concerned about achieving autonomy in communication and technological infrastructures, in addition to securing their data, social networks and historical memories on the web.


The targeting, silencing and censorship of women, feminists and GLBTQI people online has been and is being challenged in multiple ways. Women, feminists and GLBTQI people have been particularly creative in their everyday forms of resistance and their solidarities and care towards one another. While the initiatives outlined above are exciting, they do remain at an embryonic stage where only a few are able to participate. The reasons why so few initiatives exist ought to be at the core of a feminist analysis to understand how gendered technology actually is. Who is encouraged at a young age to tinker with technology? What kind of division of labour exists when it comes to technology? Why is the level of attrition so high for women in the tech industry?

While seriously considering the above, it remains that if we want to see the Feminist Principles of the Internet as formulated by APC become a reality, we need our own feminist autonomous infrastructures. To do so, we need to have feminist tech collectives that focus on providing these services. We need to be active in developing our expertise and that of the younger generation. But for that to happen we need the feminist and GLBTQI movement(s) to pay more attention to these issues, create more safe spaces to learn collectively, stop fearing technologies and decide collectively that we need to change gears to reshape our own communication and technological infrastructure. After all, freedom of expression is part of the feminist struggle and women, feminists and GLBTQI people can contribute by providing collectively the knowledge and means to ensure that their right to speak up remains accessible online, offline, and wherever and in any format where expression emerges.


1 Barlow, J. P. (1996). A Declaration of the Independence of Cyberspace.

2 Doxxing of harassers means searching for and publishing private information about a harasser on the internet with the aim of shaming the individual.

3 An example of the embodiment of everyday forms of resistance is that of feminist social media practices that resist rape culture by hijacking Twitter feeds and hashtags that blame victims and perpetuate myths and stereotypes.

4 See “My shadow” by theTactical Technology Collective:

5 For a more extensive list of autonomous servers visit: and

6 The following is a great activists etherpads that can be used:

7 offers VPN to know more visit:

8 To go to the Geek Feminism Wiki visit:

9 Adam, A. (2003). Hacking into Hacking: Gender and the Hacker Phenomenon. ACM SIGCAS Computers and Society, 33(4).

10 Nakamura, L. (2014). Indigenous Circuits: Navajo Women and the Racialization of Early Electronic Manufacture. American Quarterly, 66(4), 919-941.

11 To know more visit:

12 One example is the International Feminist Hackathon Day (a.k.a. FemHack) held on 23 May 2015. To know more about this initiative see:

13 For a history of where the desire for feminist servers arose read: Alarcon, S. et al. (2015, 30 April). Exquisite Corpse. New Criticals.

14 Following discussions at the Feminist Server Summit, Femke Snelting came up with a list that defines what a feminist server is, available here:


16 and

17 The theme of the second edition of the TransHackFeminist (THF!) Convergence is aptly titled “Error 404. Dissent Technologies Not Found”:

18 A video about the GenderChangers is available at:




lnxw48a1: Sorry for the earlier downtime. Provider’s upstream had an issue.

Sorry for the earlier downtime. Provider’s upstream had an issue.

Cyber & Crypto Podcast – Episode 93

Cyber: Crypto:

Suspected N Korea hackers targeted Indian space agency

Agency was alerted during landmark moon mission as cyber experts warn of wave of attacks

Ιωάννινα: Χάκαραν πιστωτική κάρτα κι έκαναν αγορές αξίας 2.290 ευρώ!

Ιωάννινα: Χάκαραν πιστωτική κάρτα κι έκαναν αγορές αξίας 2.290 ευρώ!
Ιωάννινα: Χάκαραν πιστωτική κάρτα κι έκαναν αγορές αξίας 2.290 ευρώ!
06/11/2019 - 10:31

Σοκ έπαθε ένας άνδρας από τα Ιωάννινα μόλις συνειδητοποίησε ότι έχει πέσει θύμα απάτης μέσω internet στην πιστωτική του κάρτα.

Ο κάτοχος της πιστωτικής κάρτας διαπίστωσε χρεώσεις για διαδικτυακές αγορές από 17 έως 27 Σεπτεμβρίου 2019, τις οποίες ωστόσο δεν είχε πραγματοποιήσει ο ίδιος.

Ο άνδρας κατήγγειλε το περιστατικό και μετά από έρευνα αστυνομικών της Υποδιεύθυνσης Ασφάλειας Ιωαννίνων, ταυτοποιήθηκαν ένας άνδρας και μία γυναίκα, σε βάρος των οποίων σχηματίσθηκε δικογραφία για απάτη.

Σύμφωνα με πληροφορίες, από την έρευνα διαπιστώθηκε η εμπλοκή των δύο ατόμων οι οποίοι πραγματοποίησαν αγορές ύψους περίπου 2.290 ευρώ.



Student loan repayment information session - 11/13/2019 3:00 PM

Category: Info Session
Credits: None

Questions regarding student loan repayment? Come to the upcoming information session at the Financial Aid Wellness Center (Thackery Hall, Room 106).


Student loan repayment information session - 11/20/2019 3:00 PM

Category: Info Session
Credits: None

Questions regarding student loan repayment? Come to the upcoming information session at the Financial Aid Wellness Center (Thackery Hall, Room 106).


Student loan repayment information session - 12/4/2019 3:30 PM

Category: Info Session
Credits: None

Questions regarding student loan repayment? Come to the upcoming information session at the Financial Aid Wellness Center (Thackery Hall, Room 106).


Global Software-Defined Perimeter (SDP) Market 2019-2023 | Integration of SDP with Blockchain Technology to Boost Growth | Technavio

There is an increase in the number of network attacks such as APTs, man-in-the-middle, and DDoS by hackers and cybercriminals. This is encouraging many enterprises to adopt software-defined perimeter (SDP) because SDP analyzes the incoming traffic and immediately blocks them in case they are malicious in nature. It also automates the process and creates a perimeter for the data center and cloud infrastructure. Thus, the increase in network attacks across the globe will boost the growth of the software-defined perimeter (SDP) market during the forecast period.

Businesses need to understand the mind of a cyber criminal


Cyber threat actors, be it state-sponsored, organised hacker groups, hacktivists or lone wolf individuals pose a threat to organisations worldwide. Understanding the mind of cybercriminals is essential so that your organisation knows how to deal with them should you face any threats.

Most of the business community understand that they are at risk from a potential cyberattack. But what they are not always sure of is the motivation and thought process of the perpetrators; understanding this can help shape your defence. By understanding the mind behind the cybercrime and also learning the personality traits of cybercriminals, businesses would be able to be more vigilant and also be aware potential threats, both internal and external.

According to a study by the Cambridge Centre for Risk Studies, “certain cybercriminal groups share significant strategic overlap in motivations and aims with their native state government, sometimes resulting in clandestine collaboration or tacit sanction of damaging cybercriminal activity.”

For lone wolf attackers, they “adopt the entire burden of attack research and development. The individual cannot depend on others for different elements of an attack or campaign or rely on the external funding necessary to carry off an attack of great sophistication. Furthermore, lone wolves have the potential to function either individually, or as an ancillary, to every threat type, including cyber terrorists.”

Looking at the psychology of hacktivists groups like Anonymous, you will see that they are not interested in disrupting critical infrastructure. However, hacktivists are known to exploit and embarrass companies with poor security. Malaysian organisations have been victims of hacktivists and lone-wolf attacks many times. The most recent being the website of major university which had its webpage defaced. Again, these attacks happened due to emotions being felt by the attackers.

The same thing can happen to businesses as well — all it needs is for an unhappy client, customer or your employee to exploit your organisation. Attackers from within your organisation can be a bigger threat as they would know your weakness.

In light of this, CyberSecurity Asean is organising a discussion with peers and counterparts to discuss strategies to get “in the heads” of Cyber Attackers and better protect the organisation’s data protection. A group of High-level Security Peers will explore how a cybercriminal thinks and plans their attack, and why having this insight is crucial to protecting business and meeting data privacy compliance. Group Publisher Andrew Martin will share what other countries around the world are doing in this area together with Cyber Security Malaysia’s winning team from the Asean Capture the Flag Competition who will describe how they get in the head of an attacker. IBM’s Glen McFarlane and Sunil Prabhakaran will explain why guidelines such as Personal Data Protection (PDP) are compelling organisations in all industries to carefully review their cyber security and privacy programs to protect Enterprise Data which includes Personal Information of Individuals (PII), Intellectual Property, Strategic Information etc.
To summarize, your enterprise data represents your intellectual capital, competitive differentiator and the lifeblood of your organization. IBM believes that Organization’s data security and protection program should empower their security teams to automatically analyze what is happening across the data environment -  both structured and unstructured data.


Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Are Hackers Using Popular Assistant Devices To Listen To Users?

The utility of virtual assistants like Amazon's Alexa and Google Home are undeniable.  They're just genuinely handy devices to have around. Unfortunately, they're also prone to abuse and exploits by hackers and ...

Propaganda Narratives Are Custom-Made For Each Ideological Echo Chamber


Yesterday I started a thread on Twitter lamenting the fact that support for WikiLeaks and Julian Assange has been eroded all across the political spectrum since 2016 by the establishment smear campaign. I started the thread because I’d just been reflecting on how some of the first clumsy articles I ever wrote for this gig were basically just me marvelling at how support for Assange had united Berners, Trumpers, Greens, anarchists, libertarians and hackers against those who sought to silence him. Yet today I routinely see people from those factions smearing him because, at some point between then and now, an establishment propaganda narrative … Continue reading

The post Propaganda Narratives Are Custom-Made For Each Ideological Echo Chamber appeared first on LewRockwell.


HackerOne: 307 Millionen Euro Schaden günstig zu vermeiden

Kosten Datenschutzverletzung vs. Kosten für Schwachstellenaufdeckung

Datenschutzverletzungen könnten für lediglich 11.122 Euro wahrscheinlich vermieden werden.

The post HackerOne: 307 Millionen Euro Schaden günstig zu vermeiden appeared first on Informationen zu Datensicherheit und Datenschutz.


Mon. 11/04 - Everyone Got a New Logo


Your smart speakers aren’t secure in a wild new way, crazy product announcement day from Microsoft and Adobe, crazy new logo design day from everyone but especially Facebook, and Wikipedia makes a big change to citations.




Hackere kan ta over smarthøyttaleren din med laserstråler



An uncontrollable mess: The proliferation of state spyware


An uncontrollable mess: The proliferation of state spyware


Three NGOs and a digital rights platform from Germany including Reporters Without Borders (RSF Germany), The Society for Civil Rights (GFF), the European Center for Constitutional and Human Rights (ECCHR) this month filed a criminal lawsuit against FinFisher, a German company that develops and markets the spyware called FinSpy, for illegally exporting their software to Turkey. The Munich public prosecutor has launched an investigation into the charges. 

The matter is not new for those who follow this field; reports of FinSpy's use against the opposition in Turkey have been circulating for years. This latest episode is based on the claim that the Turkish government planted the software on a fake website designed to attract people interested in, or involved with the Adalet website, which was originally created to facilitate the coordination of opposition during 2017 protest marches. 

According to the claims, this site contained an app that infected the users' devices with FinSpy, which has many capabilities that can completely undermine the privacy of the individuals who used their devices, opening up opportunities for the Turkish government to abuse information to put pressure on opposition figures. At this point, this is a claim that is still being investigated, but it is well known that intelligence agencies, governments, and even third parties routinely utilise spyware for multiple purposes.

Installing antivirus or privacy protection software is no guarantee against such tools, which are designed to evade such measures. Regardless of the result of the German court case, such tools will continue to proliferate in the foreseeable future. As early as six years ago, researchers from the Citizen Lab at the University of Toronto found servers operating FinSpy in 25 countries including Australia, Britain, Canada, Germany, India, Indonesia, Japan, the Netherlands, Qatar and the United States. 

In some cases, the sale and use of FinSpy happened through legal channels, but in an age when the proliferation of extremely complex and costly programmes such as nuclear weapons cannot be fully controlled, to suggest that uncontrolled proliferation of mere software is difficult as it is bound by legal frameworks would be ludicrous. There have already been multiple reports of state actors using FinSpy to monitor their populations and suppress dissent, as the Turkish example also suggests.

And FinSpy is by no means the only tool used by states for such purposes; another recent report of abuse, also revealed by the Citizen Lab in 2018 shows that spyware called Pegasus, developed by Israeli company NSO Group was used by a number of countries. Citizen Lab also found that at least 10 operators of the spyware "appear to be engaged in cross-border surveillance". In total, the report found Pegasus infections in 45 countries.

When it comes to the proliferation of surveillance software, states are not the only interested audience; from businesses to hacker groups (ethical or otherwise), from criminal organisations to terrorist organisations, there is an enormous and chaotic marketplace for such tools, and proliferation happens at every level. In the case of Pegasus, a former employee of NSO Group was charged with stealing the spyware and trying to sell it for $50 million over the dark web. 

Much of the code of FinSpy was found to have been copied and used by the hacker group StrongPity, which staged numerous "Man-in-the-Middle (MiTM)" attacks in recent years, especially in Turkey (but also in Belgium, Italy and Syria). In other words, FinFisher did not have to sell anything illegally to anyone; its code and methods could be compromised by one of many hacker groups. 

Proliferation does not only happen through illicit or illegal means. In 2016, it was found that Turk Telekom had used Sandvine/Procera Networks Deep Packet Inspection (DPI) devices to deliver FinSpy to users who wanted to download Windows applications. Similar claims were made for Telecom Egypt, as well. When the U.S.-based company Procera, which operates branches in Canada and Sweden, became aware through its engineers in Sweden that its products were used by Turk Telekom, senior technical engineer Kriss Andsten resigned, sending a company-wide email that said: "I do not wish to spend the rest of my life with the regret of having been a part of Erdoğan’s insanity, so I'm out." 

According to Forbes, the initial request by Turk Telekom through a proxy had been deemed legitimate by senior figures at the company. But it turned out that Turk Telekom did not just request usernames and passwords, but also the IP addresses of the users, as well as a list of sites they visited.

The strength of the software that was sold to Turkey was likened to a tool used by the National Security Agency in its capabilities by computer security researchers.

If you thought that the major threat to your privacy came from businesses and social media, consider the fact that the motivations of most businesses involve profit, and the legal tools at their disposal can only collect so much. While this is not taken lightly, it is the tip of the iceberg. What about tools built from the ground up to spy on your every activity, designed to avoid detection, tools capable of reading all your messages, including encrypted ones, tools capable of locating your location at any given time with great precision, tools that can not only access your most intimate personal information, but are capable of acting on your behalf using your own equipment?" Do not forget, these tools are primarily being used by state actors with vast resources, in addition to other groups.

Turkey has been accused time and again of abusing human rights, including the right to privacy. In all three examples above, Turkey was one of the top consumers of spyware. This is not a coincidence.

*My thanks to MiTM Labs ( for the help in researching certain aspects of this article.


© Ahval English

The views expressed in this column are the author’s and do not necessarily reflect those of Ahval.


Twitter Insiders Allegedly Spied for Saudi Arabia

Hackers are one thing. But too few companies take the threat of an inside job seriously enough. 

AppSealing launches first-of-its-kind, a 360° Mobile App Security Platform for App Owners & Programmers that needs Zero coding efforts

Tuesday 5 November, 2019

Every programmer loves to build apps, but one nightmare constantly haunts them in the process - hackers.Data, money, efforts, and reputation are at huge risk. With the rising trend of hacking & piracy, Smart, Intelligent Application Security Solutions are the need of the hour.

Presenting, a Korean Digital Rights Management (DRM) outfit - INKA Entworks Inc. Known for its cloud-based solutions; it recently upgraded its security platform for app owners & programmers – ‘AppSealing-Leading Mobile Application Security Solution’, that uses a 360° robust technology “Runtime Application Self-Protection (RASP)” to provide in-app protection from known and unknown threats. The highlighting feature of AppSealing is that it requires absolutely zero coding efforts.

What's New?

Established in 2014, AppSealing has lots of registered patents in the security domain. After years of offering non-stop protection to hundreds of mobile apps through its strong codebase, AppSealing has undergone a re-branding exercise. It flaunts a new identity which is expressed through a new logo & website.

AppSealing’s new identity is to strongly convey the message about its core philosophy of robust security, modern approach and power over any theft and stealing. The new vector conveys the message of securing your app within the locks of AppSealing’s technology along with the colour used to show power over the theft. Overall the brand logo gives a fresh look and depicts a subtle message of always being ahead of the ever evolving hacking and theft techniques.

On the design front, its new website incorporates a modern design, a more intuitive interface, faint animations, and device neutral fonts.

While on the content front, it has introduced 3 major features - Blogs, Case Studies & White Papers that help keep its users abreast of the latest security industry-specific trends.

A New Perspective

The developer community poses faith in the AppSealing features to ensure that their apps can covet the premium audience segments without worrying about hackers’ malicious intents. James Ahn, the CEO of INKA Entworks, underscores this point when he says that the new AppSealing logo and brand promise clients “to help protect their mobile business and provide them with premium security throughout the journey".

Apart from offering a superior feel to the user, the new website also has improved navigation, where information is stacked according to industry sectors and technical categories. This makes the website easily accessible to both the first-time user as well as an experienced AppSealing client. The new website has a robust blog section, which is constantly updated with expert posts and analyses that the developer community can use not just to learn new concepts but also to know what new threats it faces from hackers and how to preempt attacks on their apps. The website also has a section on case studies, which describe how AppSealing has successfully solved industry-specific problems about security issues and helped its clients save money and enhance their brand value among their user base. A salient feature of the new website is a collection of white papers, which elaborately explain issues around mobile app security and offer ways to address them according to the best industry practices.

Who uses AppSealing?

AppSealing protects more than 600+ major apps worldwide and has blocked around 60 MN+ hacking vectors across various industries such as - Gaming, FinTech, Movie, E-commerce, and others. The likes of Mobile Premier League, Smilegate, Stickpoolclub, Snowpipe, Winzo, Nexon, etc have approved & are extensively using AppSealing’s platform after successful testing.

AppSealing has also empowered app developers and owners to save a huge sum of money by preventing hackers from stealing the token money from gaming apps, ensuring secured transactions in FinTech apps, plugging security loopholes in Over-The-Top (OTT) platforms to allow only authorized access, and prevented app forgery and reverse engineering of code in online to offline models.

How does AppSealing secure mobile apps? Is it new technology?

AppSealing’s Runtime Application Self-Protection (RASP) technology ensures the real-time protection of the client’s app. It further encrypts DEX, SO and DLL files of the app to ensure that no malicious code can be injected. It nips hackers’ efforts to use emulators and cheat tools and stops them from decompiling the code.

Get started

Cloud-Based Application Security Platform, Instant Real-Time ActivationNo Setup Fees, No Hidden FeesPay-As-You-Go Application Security Platform ModelFree Application Security Platform for up to 15,000 MADs every monthZero Coding Efforts Required by App Owners & Programmers

Visit the new Refreshed & Rebranded AppSealing today

Discover how AppSealing makes your app portfolio more secure and increases its reliability in a competitive environment.

mp4: AppSealing - Secure app
* For more information regarding media usage, ownership and rights please contact AppSealing.

Distributed by

Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Cambridge Analytica - Innenansichten eines Manipulateurs

Symbolbild zum Datenskandal des Datenanalye Unternehmen s Cambridge Analytica mit Facebook Nutzerprofilen und dem resultierenden Kursverfall der Aktie: Schriftzug Facebook und Dollar Geldschein auf erodierendem Grund. (imago stock&people)Junge, zornige Männer waren die Zielpersonen von Chris Wylie. Der Cambridge-Analytica-Hacker lockte sie im Netz an, manipulierte sie und brachte sie dann zusammen - bis er ausstieg und an die Öffentlichkeit ging. Heute warnt er, dass viele Probleme hinter dem Skandal noch immer ungelöst seien.

Von Christine Heuer, @mediasres
Hören bis: 19.01.2038 04:14
Direkter Link zur Audiodatei


Ponoko Sponsors Hackaday Superconference


Ponoko Partners With Hackaday To Support Smart People Doing Smart Things

At Ponoko, our mission is to help
hardware startup founders, CEOs, engineers and designers go from idea, to prototype,
to product, to market 10x faster and with less cost than ever before. We also
love seeing how hackers bask in the glory of building products instead
of buying them, repairing items rather than trashing them, and raiding
their junk bins for new projects every time they can steal a few moments

The post Ponoko Sponsors Hackaday Superconference appeared first on Ponoko.




^_^ Hackers周刊是一份专为自由开发者打造的聚合远程工作,独立开发者访谈,增长黑客,盈利产品案例分析的每周读物,更多信息,请关注微博 @子曰五溪

本期收录数据摘要:自由阅读【5】篇 远程工作【11】个 闲时兼职【17】个,编辑来源:



2019-11-03 来源于微信公众号 互联网的时代,为学习买单不是什么新鲜事。前有把知识变成产品或服务以实现商业价值的“罗辑思维”们,现有卖“学习氛围”的付费自习室。 链接:


2019-11-03 来源于woshipm 怎么利用知乎赚钱?这是大家都很关心的的话题,本文作者从4个方面进行梳理分析,对这一问题总结了自己看法,与大家分享。 链接:

Vlog,不是国人的video blog

2019-11-02 来源于woshipm 中国的vlog,不是记录生活的video blog,国人所需要的生活记录式视频载体或许正在酝酿中。 链接:


2019-10-29 来源于woshipm 笔者复盘了一次社区团购的社群实践,阐释了自己对于社群搭建和激活的一些思考,分享给各位。 链接:


2019-10-29 来源于hecaijing 为设计出更好的钱包用户体验,目前已有大量的研究和工作投入其中。在这篇文章里,我将对加密币钱包的生态系统进行概述,并着重介绍最近在钱包的用户界面 / 用户体验 (UI/UX) 方面的一些改进,包括钱包 SDK、智能合约钱包和元交易(meta transactions)。 链接:



2019-11-02 来源于3cwork 统是一款连接随身检测设备的APP前后台,主要通过蓝牙连接,用户主要为25到45岁之间的家庭用户。该APP目前规划先做安卓,后上IOS,所以最好有双端经验的朋友积极联系,报酬不明。 链接:

招募长期合作 Golang 后端

2019-11-01 来源于3cwork 自有项目,纯远程小团队,APP 正在上线,基础版本已实现,后续功能也都已规划好,要求一年以上 golang 开发经验,报酬不明。 链接:


2019-11-01 来源于ruby-china 前端,React, 英语,时薪 $30,每周 10-15小时 链接:

freelance 網頁前端工程師

2019-10-31 来源于slasify 要求五年以上網頁前端經驗,熟悉互動網頁的開發 (使用react, styled components, next.js,react-hook, graphql (Apollo client), unit-test,报酬1k-10k USD/月。 链接:

Software Backend Developer

2019-10-31 来源于slasify 要求3年以上后端相关开发经验,对SQL和NoSQL的数据库都有深刻的了解 有JSON,Graphql,Python,Node.js的经验 有MySQL或Postgres和MongoDB的经验,使用Digital Ocean,AWS或Google Cloud的经验,报酬3.8k-6k USD/月。 链接:


2019-10-30 来源于react-china 要求Javascript运用熟练,熟悉React框架,擅长Debug,报酬500-1k/日。 链接:


2019-10-30 来源于v2ex 我们是杭州的一个提供外包服务的外包团队,目前有一个至少三个月的项目制的前端岗位需要尽快到岗,要求沟通主动积极,有良好的职业素养、工作习惯和团队意识,熟悉 Reactjs, Redux, DVA, Storybook,有良好的代码书规范和代码提交规范,报酬不明。 链接:

Python + Devops

2019-10-29 来源于v2ex 这个职位要求后端开发 + devOps 二合一,精通 Python,至少精通一套 web framework ( Webapp2, Flask, Django, Tornado ),熟悉 CI/CD 流程,监控和告警系统,熟练使用 Linux Shell,报酬5k-6k/月。 链接:


2019-10-29 来源于lagou 要求熟悉掌握HTML、CSS、js进行页面的开发,熟悉js、jQuery,Ajax,完成与服务器交互及其它的网页动态效果,至少懂一门后台语言,如php、nodejs,报酬12k-20k。 链接:

招实习/兼职 React 软件工程师 | 文字编辑/文案

2019-10-28 来源于v2ex 详情请见,这些项目大都是我的个人业余项目,纯粹是个人兴趣,决定价格的不仅是市场,还有我个人的支付能力,报酬不明。 链接:

招募熟悉 Django 开发的工程师

2019-10-28 来源于v2ex 要求有多年工作经验,周末不加班者,对 LSTM 或深度学习略懂,不需要调参,但知道运行模型时如何 debug,报酬6k。 链接:


iOS APP 兼容问题处理

2019-11-03 来源于codemart iOS 13 版本 和 max 机型页面头部和底部黑边兼容问题,请见相关文档里的附件,报酬1k。 链接:

react native app前端开发

2019-11-02 来源于codemart 要求有丰富的rn开发经验,使用京东的taro框架进行开发,优先兼容react native,其次是微信小程序,报酬10k。 链接:


2019-11-01 来源于clouderwork 阅读打卡,可以放图片,可以写文字,也可以语音说,报酬1k-5k。 链接:


2019-10-31 来源于learnku 协助完成几个小程序模块,基于腾讯云 im 实现的小程序即时聊天功能,报酬不明。 链接:


2019-10-31 来源于clouderwork 面对国际付款,不用国内付款控件如(支付宝,微信支付等),可以用visa,paypal等第三方结汇,报酬3k。 链接:


2019-10-31 来源于zb.oschina 详情需要去看文件,报酬10k-50k。 链接:


2019-10-31 来源于zb.oschina 我们是一个创业小团队,方向是健康医疗领域,坐标上海,现在要开发一款微信小程序,主要功能是图文咨询+话题交流,报酬1k-5k。 链接:


2019-10-31 来源于codemart 主管/财务。ID/密码登录,分别可以看到不同的功能。主管可以使用除了投包管理中投包核对之外的所有功能,报酬3k。 链接:


2019-10-30 来源于clouderwork 要求开发经验丰富,这是一整套商城业务的系统,报酬20k-50k。 链接:


2019-10-30 来源于zb.oschina 主要是一整套的业务系统,报酬不明。 链接:


2019-10-30 来源于zb.oschina 对接一下企业微信,以便再手机端使用,手机端需要可以添加线索,添加客户,填写跟进记录,报酬不明。 链接:


2019-10-29 来源于clouderwork 做一个体育赛事直播转播网站,参考www.ballbar.cc或,报酬3.7k。 链接:


2019-10-29 来源于codemart 开发一款微信小程序(的部分功能),要求能够独立搭建微信小程序的工程,熟悉HTTP请求、JSON数据格式,报酬4k。 链接:


2019-10-29 来源于ask.dcloud 外包一个微信小程序,类似一个简单的电商,但下单流程有所有不同,联系QQ:3213581873,报酬不明。 链接:


2019-10-28 来源于clouderwork 资讯类网站,主要用于展示介绍信息、信息动态、链接第三方网页、联系我们等,能适应多种浏览器,页面能根据分辨率自动做出调整,报酬5k-10k。 链接:


2019-10-28 来源于zb.oschina 使用go或者python开发一个跨境的电商平台,主要面向东南亚以及台湾地区的用户,需要做多语言的商城前台,还有在paypal线支付功能,报酬10k-50k。 链接:


2019-10-28 来源于codemart 开发一个静态的手机网页,主要用于引导用户下载APP,功能非常简单,报酬1k。 链接:


Cloudy with a Chance of Fraudulent ATM Cash-Outs, Part 3

Speculations for how hackers managed to steal the credit and debit card data for millions of Target customers last December.

Definition essays involve taking an abstract concept and clarifying it for your reader by simply making it tangible.

Definition Essays Implicitly, section of making something “concrete” involves dividing the product into its composite components or properties. As writer Diane Hacker points down, division–like classification–should be manufactured “according for some principle”: she notes, “to divide a tree into origins, trunk, branches, and leaves is practical; to record its elements as branches, lumber, water, and […]

Take Your Pick of Sony Bluetooth Headphones For $38, Today Only


Sony Wireless Headphone Gold Box | $38 | Amazon



How to Download and Install Older macOS Versions With Terminal


When it’s time to install a new version of macOS or download a new update, nearly everyone turns to the Mac App Store to start the process. While the App Store makes OS installations easy and relatively painless, it doesn’t always work—and it might be time to turn to Terminal (and a little creativity) instead.



Improve Your Understanding of Spanish With Lupa


When I was trying to learn Spanish, everybody told me to listen to Radio Ambulante. It’s a Spanish-language NPR show that aims to bring the depth of longform journalism to the world of podcasts. And it’s great—but I could never quite catch what everyone was saying.



Get Priority Boarding on Alaska Airlines This Week With a Starbucks Red Cup


If you’re flying on Alaska Airlines this week you may want to swing by a Starbucks on your way to the airport. Starbucks Red Cups launch tomorrow, November 7th, and to celebrate the coffee chain is partnering with another Seattle-based company, Alaska Airlines, to offer customers free priority boarding.



Amazon’s Already Discounting Apple’s Excellent AirPods Pro


With sound quality that can stand up to high-end offerings from Bose and Sony, excellent noise cancelation, and Apple’s customary ease of use, the brand new AirPods Pro are one of the best new tech products of the year.



The Case for Torching Your Pumpkin Pie


Fire is fun. Pie is fun. Setting your pumpkin pie (lightly) on fire is just a great time all around. Actually, I think all custard pies beg to be brûléed, but pumpkin is the seasonal darling, so we’ll focus on that.



How to Get Started in Microsoft's New Office App Beta


Microsoft’s new Office app for iOS and Android, currently in beta, is supposed to be a “one-stop shop” alternative the mobile Word suite. It combines Office’s three most popular programs—Word, Excel, and Powerpoint—and throws in a bevy of mobile-minded features, like the ability to scan text and tables off paper…



Yubico unveils security key with built-in fingerprint reader


Yubico is showing off an upgraded security key that requires your fingerprint to activate the device.

The YubiKey Bio marks the first time the company will offer a security key with built-in fingerprint authentication. Yubico has been previewing the device at Microsoft's Ignite conference as a way for enterprise customers to unlock access to their Azure Active Directory accounts.

Although security keys are pricey ($20 to $50), they offer the best protection to stop hackers from hijacking your online accounts. Anyone logging in will need to supply both the password and insert the hardware-based security key into the computer's USB port to gain access. Read more...

More about Cybersecurity, Fingerprint Sensor, Yubico, Tech, and Cybersecurity

Kyle Crutchmer looking to exploit his advantages at Bellator 233


Since turning pro in June of 2018, it had been a pretty hectic first few months of welterweight Kyle Crutchmer’s career.

Following his most recent win this past February, a unanimous decision over Josh Weston at XFN 356, Crutchmer had fought four times since his pro debut, with three finishes in his first four fights.

“It’s been an experience,” Crutchmer told “I’ve transitioned from wrestling right into MMA. Obviously I use a lot of my wrestling to win those fights.

“I’ve gotten a lot of experience and learned a lot of things about myself that I truly didn’t know. I’ve enjoyed this whole process. I’m ready to get things going at the next level, and continue this road to becoming a world champion.”

Since his win in February, Crutchmer has had some time off, and now with over a year’s experience under his belt he feels like he can accurately gauge where he’s at with his game.

“For me at first it was after the fight (I saw growth), but now that I’ve grown and learned a lot more things in this sport, I can see the progress in training,” said Crutchmer. “I’ve been in a 12-week training camp for this (upcoming) fight with guys that are really high-level and I’ve held my own, so now I know where I stand, and I have a lot more confidence in what I’m able to do.”

On Friday in Thackerville, Okla., Crutchmer (4-0) will look to close out his 2019 undefeated when he takes on Antonio Jones (7-3) in a Bellator 233 welterweight preliminary bout.

TRENDING > Dana White: MMA fans should appreciate that President Donald Trump attended UFC 244

“He’s a big guy,” Crutchmer said of Jones. “He has some experience. I don’t want to share what we’re going to do or anything to do or anything like that, but I think I have enough (advantage) in one category of the fight and I’m going to exploit it and use it to my advantage.

“I’m going to do whatever it takes to win then get back to work.”

When it comes to 2020, Crutchmer is going to approach it as he has his career up to this point and let his team lead the way while he focuses on making sure he is ready for whatever fight comes his way.

“There’s no roadmap, just fight by fight,” said Crutchmer. “I let Bob Cook kind of manage all of that. He tells me when and where, and I get ready for it. I just listen to what my coaches and my management team tells me to do and that’s what we do.”


Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Are Hackers Using Popular Assistant Devices To Listen To Users?

The utility of virtual assistants like Amazon's Alexa and Google Home are undeniable.  They're just genuinely handy devices to have around. Unfortunately, they're also prone to abuse and exploits by hackers and ...

Worldwide spending on security products and services set to reach $151.2 billion in 2023

"Considering there have been many attempts for hackers to acquire funds from banks, the banking industry is expected to spend the most on security solutions."

Hackers vinculados con China espían mensajes SMS con el malware MessageTap

Hackers patrocinados por China están atacando las redes de telecomunicaciones para interceptar los mensajes SMS que contienen palabras clave que giran en torno a los disidentes políticos. Los investigadores han descubierto un nuevo malware para espionaje utilizado por el grupo relacionado con China APT41. El malware intercepta el tráfico del servidor SMS de telecomunicaciones y […]

Vacancy Ethical Hacker / Penetration tester

Vacancy Ethical Hacker / Penetration tester

Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Sieht so iOS 14 aus?

Ein Youtuber namens Hacker 34 hat sein Konzept eines iOS 14 verfilmt, das nicht nur eine überarbeitete Darstellung der Telefon-App zeigt sondern auch für das iPhone einen Split-Screen einführt, den es bisher nicht gibt.

Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Are Hackers Using Popular Assistant Devices To Listen To Users?

The utility of virtual assistants like Amazon's Alexa and Google Home are undeniable.  They're just genuinely handy devices to have around. Unfortunately, they're also prone to abuse and exploits by hackers and ...

RobbinHood Ransomware Another Reason To Back Up Your Systems

The creators of the dreaded 'Robbinhood' ransomware strain are putting their reputation to work for them.  The hackers have recently modified their ransom note in a couple of important ways. First and ...

Google asks mobile security vendors to help keep hackers out of the Play Store


Google announced Wednesday it would work with multiple cybersecurity companies to better secure the Google Play Store, which hackers have repeatedly used to distribute malicious software. Google’s decision to collaborate with ESET, Lookout, and Zimperium is an acknowledgement of the challenges of securing the Play Store and the countless devices that interact with it. Each company has distinguished itself by releasing research detailing how hackers are using mobile apps to spread nefarious code. Google will integrate its Google Play malware detection systems with each of those companies’ anti-virus scanning engines. That will allow the companies to do an extra layer of vetting before an app appears in the Play Store. In announcing the App Defense Alliance, as the partnership is known, Google acknowledged that the current processes for reporting malicious apps in and out of the Play Store “aren’t designed to scale.” With over 2.5 billion Android devices in use, the scale […]

The post Google asks mobile security vendors to help keep hackers out of the Play Store appeared first on CyberScoop.


Amid NSA warning, attacks on Confluence have risen in recent weeks


The National Security Agency’s recent warning about nation-state actors exploiting a vulnerability affecting Confluence wasn’t merely a delayed confirmation of information that the cybersecurity community already had on its radar. It also appears to tip off new exploitation of the vulnerability — hackers have been dramatically stepping up the pace and persistence of their attacks on the popular workplace collaboration software in recent weeks, according to new private sector research obtained by CyberScoop. The attackers are using a vulnerability that Confluence warned about this spring, according to data from Trend Micro’s TippingPoint technology. And while the NSA issued an advisory last week about the bug, it only says nation-state hackers “have exploited” and “could” exploit the vulnerability, not going so far as to say there has been a recent uptick in attacks. New information suggests now that the agency had specific reasons to share the guidance this fall: Starting in late September, just weeks before the NSA made its announcement, hackers began exploiting the vulnerability […]

The post Amid NSA warning, attacks on Confluence have risen in recent weeks appeared first on CyberScoop.


Inside the FBI's quiet 'ransomware summit'


In March, officials in sparsely populated Jackson County, Georgia, made a painful decision. Rather than rebuild their networks from scratch, they paid $400,000 to hackers to get the county’s data back. The six-figure amount — eclipsed by a nearly $600,000 payment made by a Florida city in June — is symptomatic of a much larger problem. Across the U.S., poorly secured businesses, local governments, and schools have lost millions of dollars to attackers who can cheaply buy access to ransomware-as-a-service kits on underground forums. The problem is by some measures growing more acute: Over 100 public-sector ransomware attacks have been reported in 2019 alone, double the amount in 2018. To help stem the tide of file-locking attacks, the FBI quietly convened the country’s top ransomware experts in an unprecedented, closed-door conference in September. The briefings, which occurred over two days, were a recognition by law enforcement officials that their ability to […]

The post Inside the FBI's quiet 'ransomware summit' appeared first on CyberScoop.


Fake ransomware named after Donald Trump tries to trick victims out of a buck


Donald Trump can add ransomware to the list of things named after him, thanks to scammers who again have demonstrated how current events create opportunities to steal data. Security researchers from Cisco’s Talos threat intelligence team on Tuesday published findings explaining how hackers are using the likeness of the president, his predecessor and other political figures to dupe victims into paying up. Numerous ransomware attacks, screenlockers and remote access trojans are named after Trump, Barack Obama, Hillary Clinton and Vladimir Putin. It’s the latest evidence that digital miscreants will use any trending topics to woo potential victims. “One of the unexpected aspects of the investigation was the presence of lures that dropped malware associated with multiple nation-state attacks in the past, showing how even advanced, sophisticated adversaries will use any means to achieve their nefarious goals,” researchers wrote. The scammers’ emails mention the world leaders to catch victims’ attention, or […]

The post Fake ransomware named after Donald Trump tries to trick victims out of a buck appeared first on CyberScoop.


Alleged Capital One hacker Paige Thompson to be released before trial


Paige Thompson will be free to move throughout the Seattle area before her case goes to trial. The accused Capital One hacker is scheduled to be released from jail Tuesday after a judge determined the 33-year-old defendant does not pose enough of a threat to the community to warrant her incarceration. Thompson, who is transgender, was arrested in July for allegedly hacking Capital One to access information about 106 million people, and has been held in a men’s detention center in Seattle in the months since. U.S. District Judge Robert Lasnik previously told attorneys he was “very concerned” about whether Thompson would receive adequate mental health treatment from the Bureau of Prisons, citing previous cases in which trans inmates have resorted to self-harm behind bars. The former Amazon Web Services software engineer is charged with computer fraud and abuse and wire fraud in connection with a breach at Capital One. Prosecutors say […]

The post Alleged Capital One hacker Paige Thompson to be released before trial appeared first on CyberScoop.


Shiv Sena leader said that Uddhav Thackeray hasn't received any proposal from BJP over government formation in Maharashtra

Shiv Sena leader said that Uddhav Thackeray hasn
Reportedly amid reports of a BJP delegation meeting Maharashtra governor Bhagat Singh Koshyari on Thursday, sources said that a resolution to the BJP-Shiv Sena stalemate over government formation in Maharashtra is expected and a new dispensation may take office before the term of the outgoing Assembly ends on 9 November.

Florida officials remain mum on election security breaches. (AP)


Florida officials remain mum on election security breaches. (AP)By BOBBY CAINA CALVAN
November 1, 2019

TALLAHASSEE, Fla. (AP) — Florida officials vowed transparency in securing next year’s elections but are continuing to shed little light on how Russian hackers infiltrated systems in at least two Florida counties .

During a news conference in Tallahassee on Friday with state and federal officials, Florida Secretary of State Laurel Lee again hoped to reassure Floridians of the integrity of the state’s voting systems.

The state launched — and completed — a review of its elections systems, she said, and poured millions of dollars into beefing up elections security leading into next year’s nationally crucial elections.

“We now have additional information, more thorough information and are prepared to bolster and support that infrastructure in any way that is necessary in advance of 2020,” she said.

However, lingering questions about Russian hacking during the 2016 election cycle continue to cloud those efforts.

Ever since special counsel Robert Mueller’s report mentioned that a server of at least one Florida county had been breached, questions have persisted about how the breaches occurred and which counties were infiltrated.

Subsequent reports, later confirmed by Florida Gov. Ron DeSantis, indicate that hackers broke into voting systems in at least two Florida counties.

Lee and other officials have declined to identify those counties, as she did again Friday. Lee says precaution is being taken to protect against further vulnerabilities.

Federal investigators have ordered elected officials who’ve been briefed on the breaches not to publicly identify the counties.

Although the state’s review of statewide election systems have been completed, Lee said, her ability to share details may be limited.

“It is important to remember that specific information about defensive measures or cyberthreat indicators cannot be shared publicly, as that would weaken our security posture,” Lee said. “That is the type of information our adversaries could in fact use to attack our infrastructure.”

U.S. Attorney Lawrence Keefe, whose jurisdiction covers northern Florida, convened the news conference, allowing officials from various federal, state and local agencies to describe their role in the elections-security effort.

“Over the next 12 months leading up to the 2020 election, we will be working relentlessly together so the people of Florida can have faith that their votes will count,” Keefe said.

Keefe and other officials declined to answer questions at the news conference, leaving that task to Lee.

AD Season 4 Episode 3 - Kurtis plays Binding of Issac

Jack and Joel host friend of the show Kurtis! We ramble about an amateur hacker up north, is Binding of Issac a bullet hell? Second half we talk about our D&D campaign and some other topics whatever we want!

Ce concept d'iOS 14 a de l'allure

Entre les bugs et les fonctions manquantes, le lancement d'iOS 13 a été pour le moins compliqué. Pour son successeur, on aimerait qu'Apple prenne le temps de se retourner et d'investir des ressources dans la stabilisation et l'optimisation du système, plutôt que d'empiler les nouveautés n'importe comment. Une stratégie empruntée avec iOS 12 et cela lui avait plutôt bien réussi. Mais que cela n'empêche pas d'imaginer dès à présent quelques améliorations. Dans son concept d'iOS 14, The Hacker 34 n'a pas cherché à réinventer le système, mais plutôt à intégrer des fonctions attendues de longue date, comme la possibilité de choisir des apps par défaut, d'afficher l'heure et des complications en permanence, de passer facilement d'un utilisateur à un autre, ou encore de... Lire la suite sur MacGeneration

Q&A With Board Member Ron Alphin


Continuing our Q&A series with members of the MPSA Board of Directors is Ron Alphin, ABM Federal.

Q: How long have you been involved in the MPSA and in what role/s?  

A: I first became a member of MPSA in 2009.  I immediately joined the newly formed Standards committee as the first group was formedI served as a member for the first four years, then as Chair for next two years, and have been its Executive Sponsor ever since.  This is my third consecutive term as a Board Member.

Q: What experience do you bring to this role?

A: I started in the in the imaging industry 12 years ago. The first two years were for a Canon dealership. I started there selling copiers, and then moved to their new roles selling managed print services and managed network services.

I then went to a national distributor, Supplies Network, for eight years.  They were just starting to build their MPS program and needed someone to build out sales and operational infrastructure. After we got the program established and growing, we migrated the sales to general sales members and focused them on just MPS, and I moved to fully build out efficiency and delivery of operational components of service, supplies, contracts, and software components. 

I then moved to a supplies and parts remanufacturer, LMI Solutions, for a year and a half to focus on their operational delivery solutions around their MPS program. 

Most recently I have taken on the buildout of the MPS solutions for a government-focused reseller, ABM Federal, where I am focusing on all services and solutions for the federal government.

Q: What changes or opportunities are you seeing in MPS that excite you the most?

A: In general, I love to see companies focusing more on the software and true solutions around managing documents and information. It’s exciting to see this evolution beyond the early days of just focusing on the devices and supplies. 

Specifically to my new role and company, I am very excited with the opportunity to bring MPS and other solutions to the government space.  Due to the strict requirements around information and security, and their very structure, they have been slow in their adoption of the type of efficiency and cost savings solutions like MPS can provide. They are where the commercial market was about eight years ago.

Lastly, I am excited with all the options that exist for providers today.  It is much easier to partner, or even build and deliver your own solutions today than it has ever been. 

Q: What do you enjoy doing in your spare time when you're not at work?

A: As I grow older, it has become easier for me to understand the most important things in life, and time with my family and friends is very fulfilling.  However, those that know me well know I enjoy cigars, beverages, beach, and to chase my errant golf shots as a true hacker.


Thousands of QNAP NAS devices have been infected with the QSnatch malware


Hackers have infected thousands of network-attached storage (NAS) devices from Taiwanese vendor QNAP with a new strain of malware named QSnatch. Over 7,000 infections have been reported in Germany ...

Evil:ONE #2 Continúa la aventura de hacking y superhéroes en @0xWord #Comics #armatura @calicooficial

Como sabéis, desde hace un tiempo editamos y publicamos algunos cómics en 0xWord Cómics. Y dentro del Universo Armatura de Jerry Finger tenemos ya publicados el Tomo Recopilatorio del Universo Armatura, además de haber sacado el tercer número de La Elite hace poco. Pero también tenemos una miniserie de tres números llamada Evil:ONE en la que el protagonista, Ed, es un hacker que se topa con el mundo de los superhéroes en primera persona... en su propia ciudad de Móstoles.

Figura 1: Evil:ONE #2 Continúa la aventura de hacking y superhéroes en 0xWord

Pues bien, desde ayer por la tarde tienes disponible la segunda parte de esta miniserie publicada en 0xWord Cómics. Así que puedes comprar ya Evil:ONE #2 y continuar con la aventura que terminará en la siguiente parte.
Hacer cómics a esta escala es más un placer personal que otra cosa, así que la tirada que tiene este número es también pequeña, con 100 copias, así que si quieres una de ellas tendrás que darte prisa. Además, tienes la posibilidad de apoyar este proyecto comprándote alguna pegatina de Armatura, de Cálico, pósters, etcétera o la camiseta molona esa que utilizo yo de Evil:One y el gran Krespo en sus conciertos.

Además de estos cómics de superhéroes sabes que también hemos editado Hacker Épico Deluxe Edition, que es un cómic precioso que recoge toda la acción del "thriller" tecnológico que publicamos en el libro de "Hacker Épico".
Y nuestra última incursión en el mundo del cómic ha sido la publicación del tomo con todas las Tiras de Cálico Electrónico. Ayer nos fuimos a cenar Salva Espín, Arturo González Campos, Nikotxan y yo, y además de firmarle unos ejemplares a ellos nos dejó tres cómics firmados para los primeros que los compren hoy en 0xWord.

Y esto es todo. Gracias a todos los que habiendo crecido seguís manteniendo ese espíritu joven dentro que os permite seguir disfrutando de las viñetas de un cómic en las manos. Podéis contar conmigo entre vosotros.

Saludos Malignos!


Sena MLAs authorise Uddhav to take 'final call' on Maha govt formation

The Shiv Sena MLAs on Thursday authorised party chief Uddhav Thackeray to take a "final decision" on government formation in Maharashtra. Thackeray c...

No talks between Bhagwat, Uddhav yet: Raut

There have been no talks yet between Rashtriya Swyamsevak Sangh chief Mohan Bhagwat and Shiv Sena president Uddhav Thackeray on government formation i...

Resort politics? Sena MLAs moved to hotel

After the meeting of the Sena MLAs at Uddhav Thackeray's residence 'Matoshree', all the legislators went to Rangsharda Hotel, close to the party chief...

11/7/2019: News: Police sorry for privacy breach


Police have apologised to blogger Martyn “Bomber” Bradbury after officers investigating hacker Rawshark used a loophole in the Privacy Act to access his private information. It is the third apology and settlement from police after the 2014...

Influencers Pay Thousands to Get Back Into Their Hacked Instagram Accounts

A white hat hacker who used to help for free is now charging hacked influencers to help them regain access to their accounts.

Setback to BJP: Sena MLAs back Uddhav on power-sharing


Setback to BJP: Sena MLAs back Uddhav on power-sharing   Mumbai:  In yet another dampener for the Bharatiya Janata Party, Shiv Sena legislators unanimously endorsed party President Uddhav Thackeray’s stand on government formation on the basis of 50:50 power-sharing formula, here on Thursday. The party’s legislators, who were summoned for an urgent meeting by Thackeray […]

The post Setback to BJP: Sena MLAs back Uddhav on power-sharing appeared first on


훌륭한 개발 문화의 이면(7) – 잉여력이냐 vs. 효율성이냐


많은 분들이 며칠 전 글을 읽고서 나머지 새 이야기를 빨리 보여달라는 피드백이 있어서 3년만에(?) 연재를 마치려고 합니다. 연재 마지막 글도 많은 성원 부탁드립니다.

소프트웨어 개발이라는 일은 높은 생산성을 이루기 위한 다양한 고려 사항이 있습니다. 코딩 작업이 무작정 시간만 투여한다고 해서 훌륭한 결과물이 나오지 않을 뿐더러  기술 리더 및 관리자의 역량과 기술 도입 선택 과정에서 생산성의 차이가 확연하게 달라집니다. 뿐만 아니라 중요한 기술 변곡점을 파악하여 회사의 운명을 바꿀 최고 의사 결정자가 누구냐에 따라 기업의 운명까지 좌우됩니다.

우리가 시간과 비용 그리고 역할과 책임을 효율적으로 나누어서 하는 업무의 방정식이 개발 업무에는 해당되지 않는 경우가 많습니다. 어찌 보면 비효율적이고 중복으로 보이는 소위 잉여력(剩餘力)이라고 부르는 요소를 개발 문화에 적용했을 때, 반대로 개발 생산성이 높아지는 것을 목격할 수 있었습니다.

이번 글에서는 개발팀 업무 방식, 신기술 도입, 사내 CTO의 역할 등에서 어떻게 하면 장기적인 기술 변화에 민감한 조직을 생산성에 맞추어 운영할 수 있을지 살펴보겠습니다.

■ 관리자와 엔지니어 수평적인 경력 나누기
우리 나라 IT 기업에서는 관리자로서 우수한 역량을 가진 사람 보다도 개발 능력이 뛰어나 팀 내에서 존경 받는 사람을 개발 팀장으로 승진시키는 것을 자주 보게 됩니다. 스타트업이 회사 규모가 빠르게 커질 때, 외부 사람을 영입하는 부담이 있기 때문에 내부에서 해결하는 방편으로 이런 오류를 범하기도 합니다. 저도 첫 직장에서 2년만에 개발팀장이 되고, 그 이후 2년만에 기술 이사(CTO)의 역할을 하게 되었습니다. 제가 관리자로서 역량이 있는지 검증도 되지 않았고, 준비도 되지 않은 상태였지요. Daum 같은 큰 회사에서도 우수한 개발 능력이 있던 사람을 승진의 수단으로 팀장이 시키는 경우가 많았습니다. (최근에는 일정 규모의 스타트업에서는 경험 있는 관리자를 팀장 혹은 기술 임원으로 외부에서 영입하는 경우가 있습니다. )

개발 능력만 좋았던 초보 개발 팀장들이 겪는 많은 시행 착오가 있습니다. 가끔 과거에 하던 대로 코드를 계속 만져서 팀원과 불화가 생기기도 합니다. 팀원들은 팀장이 더 이상 개발에 관여하기 보다 팀원의 업무를 조정하고 외부 팀과 원활히 소통하며 의사 결정을 해서 효율적으로 팀을 운영하는 데 집중해 주길 바라기 때문입니다. 자신이 개발 능력이 뛰어났다 보니 외부에 안된다 라는 말을 못하고, 정작 일을 해야 할 팀원의 능력을 고려하지 않은데 그동안 해 오던 습관대로 업무 지시를 하달(?)하는 경우도 생깁니다. 이럴 때, 팀장 되더니 사람 변했다는 이야기를 듣게 되기 십상입니다.

대부분 글로벌 IT 회사는 개발자 경력 경로에 관리자(Manager) 트랙과 IC (Individual Contributor)트랙이 나눠져 있고, 개발팀에는 두 가지 역할 사이의 협력으로 운영됩니다. 매니저와 IC는 각 레벨에 맞는 독자적인 업무가 주어져 있고, 레벨 간 승진도 그에 따른 평가로 이루어집니다. 외국 회사에서 레벨이란 직무를 정하고 연봉을 나눠 주는 구간의 의미만 있지 수직적인 관계가 아니기 때문에 수평적인 협력이 일반적입니다.

즉, 팀 내에 개발 일정과 업무 조정 및 보고 등 일상 관리 업무를 담당하는 관리자와 기술적인 의사 결정과 팀원 멘토링, 코드 리뷰 등을 담당하는 기술 리더(Principal Engineer 혹은 Architect)를 두는 것은 매우 중요합니다. 이 두 가지 영역을 한 사람이 다 잘할 수 있을 것이고, 따로 두는 것이 비효율적이라고 생각하는 경우가 많습니다. 하지만, 둘 다 잘하는 사람은 거의 없고, 있더라도 여러분 회사에 없을 가능성이 훨씬 높습니다. 팀 내 리더쉽의 불일치로 인한 개발 생산력 저하는 꽤 치명적일 수 있습니다.

Daum에서도 팀 내에 개발팀장과 몇몇의 기술 리더를 따로 두도록 독려했습니다. 하지만, 수평 문화를 고수하기 위해 레벨 제도 없이 팀원-팀장-임원 등 직책을 단순화 해 두었기에 주로 시니어 엔지니어가 맡고 있는 기술 리더라는 자리가 팀원 중에 하나다 보니 직무를 수행해야 하는 동기 부여가 전혀 되지 않았습니다. 이 두 직군의 관계가 파트너 관계여야 하는데, 일부 팀의 경우 잘 동작하기도 했지만 수직적이 되는 경향을 막기도 힘들었습니다. 따라서, 중복적인 인력 배치처럼 보이지만 전사적으로 개발자 경력을 투-트랙으로 관리하는 것이 중요합니다.

■ 잉여력에 기반을 둔 유연한 신기술 도입
개발팀장들의 고민 중 하나는 팀 자원을 어떻게 효율적으로 배분하여 기존 업무를 하면서도 새로운 시도를 할 수 있도록 해 줄건가 하는 것입니다. 다른 팀이 보기에 새로운 시도는 남아 도는 것처럼 생각되니 마치 노는 것처럼 보입니다. 잉여력과 효율성은 보안성과 편의성처럼 트레이드 오프(Trade-off) 관계에 있다고 생각하기가 쉽습니다. 구글에서는 ‘직원 업무 시간의 20%를 창조적 프로젝트에 쏟도록 배려’하는 문화를 가지고 있다는 유명한 일화도 있습니다. (물론 구글 전 직원이던 마리사 메이어 야후! CEO가 허구라고 폭로를 했지만, 그녀의 엔지니어링 배경이 일천하다는 측면에서 CEO로서 차별화하기 위한 거짓이라고 생각합니다.)

출처: [Daum人 해커톤] “즐거운 상상의 나래를 펼치다” 블로터닷넷, 2012

저는 초보 개발 팀장들에게 개인이 아니라 오히려 팀 전체 자원의 20%를 여유롭게 운영하라고 조언해왔습니다. 팀원의 시간은 관리하기 어렵지만, 전체 팀의 자원은 관리할 수 있으니까요. 적어도 팀원 10명 중 2명은 여유롭게 서비스 운영 대신 신규 프로젝트를 하고, 개발 대신에 연구를 하도록 하는 것이죠. 외부의 어떤 압력이 와도 이 버퍼를 유지하는 것이 중요합니다. 팀장이 정말 중요하다고 판단됐을 때 이 자원을 활용할 수 있는 장점도 있습니다. 팀원들은 언젠가 그 20%의 업무를 하게 될 날을 기대하면서 재미없는(?) 운영 업무에 지치지 않을 수 있습니다. 유독 신기술을 미리 써보고 활용해 보길 좋아하는 개발자들에게 유용한 시간이면서 장기적으로 팀의 기술 선택에 도움이 되는 정보를 얻을 수 있기 때문입니다.

팀 내부 뿐만 아니라 Daum에서는 신기술이 어느 정도 궤도에 오르기 까지는 전사 콘트롤 타워를 만들지 않는 정책을 가지고 있었습니다. 개별 팀들이 특정 신기술을 스스로 공부하고 활용하여 이용하는 것을 막지 않았습니다. 어느 정도 규모를 가진 회사들은 사내 표준이라는 것을 만들고 이를 강제하는 것이 일반적입니다. 그게 개발 생산성을 높인다고 생각합니다. 공통 플랫폼팀이 제공하는 사내 라이브러리나 프레임워크의 권고안 정도는 제공하지만, 이를 강제하면 오히려 기술 유연성이 매우 낮아집니다.

Daum 내부 빅데이터 및 클라우드 기술 활용 사례- 윤석찬 (2012)

한참 하둡(Hadoop) 기반 빅데이터 플랫폼이 유행일 때, 다음 사내에서 하둡의 활용 빈도를 조사해 보니 20가지 이상의 프로젝트에서 다양하게 활용하고 있었습니다. 특정 팀에게 해당 기술을 총괄하도록 하기 보다는 팀간의 경험을 공유하는 사내 세미나를 개최하고, 사내 전문가 선정해서 도입하고자 하는 다른 팀에게 노하우를 전달하는 방식을 채택하였습니다. Daum 서비스는 주로 자바 플랫폼을 통해 개발하지만, 캘린더 서비스는 루비(Ruby)로 개발하였고 티스토리는 PHP를 통해 개발되고 있었습니다. 대부분의 백오피스 애플리케이션은 파이썬으로도 개발하며, 소스 콘트롤도 공식 서브버전 서버 뿐만 아니라 git를 함께 활용하기도 했습니다.

흔히 폴리그랏(Polyglot)이라고 불리는 이러한 개발 문화는 하루아침에 만들어 진 게 아니라 오랫동안 개발자과 그들의 업무 환경을 이해하고 성찰하는 과정에 나왔습니다. 아마존은 업무의 규모를 자체적인 운영이 가능한 도메인 단위로 잘게 쪼갠 후, 피자 두 판으로 한끼 식사를 할 수 있을 정도의 작은 개발팀을 구성하여 이들에게 모든 자율성을 부여하는 마이크로서비스(Microservices) 아키텍처와 투-피자(Two-Pizza)팀으로 조직 운영을 하는 것이 대표적이라 할 수 있습니다.

■ 비전가로서 최고 기술 임원(CTO)의 역할
기업의 최고 기술 임원(Chief Technology Officer, CTO)은 기술 직군의 꽃이라고 할 수 있습니다. 누구나 오르고 싶은 꿈을 꾸기도 하는 자리이기도 입니다. 대부분 CTO는 관리자 트랙으로 승진을 거쳐 오르거나 대규모 기술 조직을 이끈 경험이 있는 사람을 선호합니다. 그러다 보니, 기술적인 큰 그림을 그리기 보다는 일상적인 관리 업무가 대부분인 경우가 허다합니다. 팀이나 본부에서 해결되지 못한 많은 머리 아픈 복잡한 문제가 올라오는 자리이기도 합니다. 일반 개발자들은 CTO가 그런 일을 할거라고는 전혀 생각하지 못합니다.

스타트업에서 3년간 작은 조직의 처음 CTO 역할을 경험했는데, 회사의 사업에 변화에 영향을 줄 새로운 기술 기반 사업 모델을 구상하기 보다는 IT 기술 활용으로 빚어지는 법적 소송 부터 소소한 개발자들의 근태 및 불평 등을 계속 해결해야 했습니다. Daum으로 옮긴 후 11년 가까이를 CTO 직속팀으로 있으면서 총 5명의 CTO가 바뀌었는데, 그들의 일상 업무도 크게 다르지 않았습니다. 개발자로 시작해서 개발팀장, 본부장으로 승진한 새로운 CTO들은 반복되는 회의와 업무를 조정하는 관리자의 연장선에 있었습니다. (덕분에 기술적인 조언자 위치에 있었던 제가 사내 개발 문화와 대외 기술 전략 등을 고민하고 실행할 수 있었던 좋은 기회이기도 했습니다.)

앞서 말한 대로 글로벌 IT 기업에는 관리자와 개발자의 투-트랙으로 경력 관리를 합니다. 최정점에서는 VP of Engineering과 CTO가 존재하며, 이들은 전혀 다른 업무를 수행합니다.

클라우데라의 공동 창업자이자 CTO였던 Amr Awadallah의 What does a CTO do? (한국어 번역)라는 블로그 글을 보면, VP of Engineering이 통상적인 관리 업무를 맡는데 반해 CTO는 회사의 장기적인 기술 전략, 개발자들의 정신적 리더, 대외 에반젤리스트의 역할을 해야 한다고 합니다.  CTO는 내부 보다는 외부와 소통에 더 많은 시간을 쏟고, 사내 개발 문화의 건강한지 늘 확인하면서, 회사가 필요한 기술 변곡점을 적시에 확인하고 이를 다른 임원들과 공유하여 적절한 의사 결정을 내리도록 하는 것이 가장 중요한 업무입니다.

물론 회사에 따라 이러한 CTO 역할을 VP of Engineering의 다음 포지션으로 맡기도 하고, 엔지니어 트랙에서 명망을 얻은 사람이 수행하기도 합니다. (Amazon의 Werner Vogels 박사나 Microsoft의 Kevin Scott 등은 IC로서 일하는 대표적인 CTO 들입니다. 대형 행사의 강연과 팟캐스트, 유튜브 채널 등 다양한 외부 활동으로 회사의 기술 리더쉽을 전파합니다. )

출처: Defining roles: CTO and/or VP Engineering


사실 국내에서는 이러한 CTO 역할이 생소하여 쉽게 받아들이기 힘듭니다. 다만, 몇몇 IT 기업들이 개발자 관계(Developer Relations)의 중요성을 인식하면서 글로벌 개발 문화나 조직 운영 기법들을 이식하고 있는 경우도 많이 있기 때문에 변화가 있을 것입니다.

저는 많은 개발자들이 관리자가 아니라 별도의 트랙을 따라 수석 엔지니어나 아키텍트, 임원급에 해당하는 특임 엔지니어(Distinguished engineer), 펠로우(Fellow) 혹은 CTO의 역할을 수행하는 것을 보고 싶습니다. (물론 개발만 잘해서는 안되고, 기술적 배경, 트렌드를 보는 통찰력, 소통 능력, 프로젝트에 조언할 수 있는 능력이 함께 있어야겠지요.)

전통적인 IT 기업 뿐만 아니라 오늘날 대부분 일반 기업에서 IT와 기술을 중심으로 하지 않고는 변화하는 세상에 민첩하게 움직이는 비즈니스를 영위하기가 어려워졌습니다. 제조, 금융, 리테일 등 산업 분야의 강자들도 직접 SW 개발팀을 구성하는 일도 많아졌고요. 어찌 보면 개발 조직에 중복으로 관리 인력을 구성하고, 신기술 탐험을 위한 잉여 자원을 두고, 기술 비전을 보여 주는 롤 모델과 경력 트랙을 구성하는 것이 비효율적이고 이상해 보일 수 있지만, 초기에 훌륭한 개발 문화를 정착하는 데 중요한 초석이 될 것입니다.

이번 연재는 이것으로 끝내지만 개발자 비급(祕笈) – 1. 연봉은 실력의 결과가 아니다의 비급 시리즈는 계속 됩니다. 물론 언제 끝날지는 알 수 없지만…

연재 목차


מכללת האקריו, אקדמיה או לימוד עצמי? איפה כדאי ללמוד הייטק?


מכללת "האקריו" תעזור לך להתקבל לעולם ההייטק. להלן 3 אופציות בדרך אל תחום ההייטק המתגמל – לימודים באקדמיה, לימוד עצמי או מסלול לימוד ב-HackerU הצומחת.


Una nueva generación de superhéroes llega con la novela póstuma de Stan Lee


Carmen Naranjo

Madrid, 7 nov (EFE).- Una nueva generación de superhéroes está lista para luchar contra el mal y lo hace desde las páginas de la novela póstuma de la leyenda del cómic Stan Lee, 'padre' de personajes como Spider Man o Hulk, que llega a las librerías en España el próximo lunes, pocos días antes del primer aniversario de su muerte.

'Alliances. A Trick of Light', que llegará a Latinoamérica en la segunda quincena de noviembre, fue escrita por Stan Lee en colaboración con la periodista norteamericana Kat Rosenfield, antes de su fallecimiento a los 95 años el 12 de noviembre pasado en Nueva York.

Un mes antes de morir, Stan Lee sorprendió a los editores internacionales en la Feria del Libro de Fráncfort con el anuncio de su último proyecto, esta novela en la que aborda también temas que van desde las difíciles relaciones familiares a los riesgos de la tecnología invasiva, asegura la editorial.

La novela, cuya publicación en español forma parte de un lanzamiento mundial, incluye una introducción del creador de Marvel en la que recuerda cómo le fascinó la ciencia y los misterios 'del más allá' durante el proceso de creación de personajes como Los Cuatro Fantásticos y los X-Men.

Y despertó su curiosidad por la tecnología que permite jugar con la propia realidad y le planteó interrogantes que traslada a esta novela: '¿Qué es más real, el mundo en el que nacemos o el que nos creamos?'.

Al comenzar esta historia 'nos encontramos con una humanidad perdida dentro de su propia burbuja tecnológica, con la que cada ciudadano es el protagonista de su propia fantasía digital', señala Stan Lee en la introducción que escribió a este relato 'lleno de tentadoras tecnologías'.

En esta historia se presenta una nueva generación de héroes: son jóvenes y rebeldes, poseen superpoderes extraordinarios y no tienen miedo de usarlos.¿Su objetivo? Derrotar el mal que amenaza con destruir el planeta.

Nia y Cameron son estos héroes: Ella es una 'hacker' con mucho talento, pero se siente muy sola. Vive alejada del mundo con la sola compañía de un padre enigmático. El único modo que tiene para relacionarse con el exterior son las redes sociales pero la amistad virtual de un millón de desconocidos no llena ni de lejos el vacío que la envuelve.

Cameron tiene el sueño de triunfar en Youtube pero mientras graba un vídeo en un lago le sorprende un temporal que lo deja inconsciente. Y cuando despierta, ya no es el mismo porque tiene un sorprendente talento cibernético: la capacidad de controlar ordenadores y dispositivos electrónicos con la mente.

Ambos se unirán para usar sus poderes contra una oscura organización de recursos ilimitados que gestiona el mundo de la información desde la sombra.

Sus colaboradores en este proyecto, los escritores y cineastas Ryan Silbert y Luke Lieberman recuerdan también en el libro cómo Stan Lee dio el 'toque maestro' en la creación de 'Alliances', al decidir que aunque el mundo de ficción estaría repleto de tecnología del futuro, el núcleo de la historia sería 'tan humano y familiar al lector como un invitado a comer'.

Un nuevo universo de este creativo, editor y productor que en 1939 comenzó su carrera en el negocio de los cómics, con solo 17 años, en la Timely Comics, que más tarde se convirtió en Marvel Comics.

Fue en 1962 cuando Stan Lee y Jack Kirby crearon la familia de héroes compuesta por Los Cuatro Fantásticos y en los años siguientes fueron naciendo personajes como Hulk, Thor, Iron Man, los X-Men, Daredevil, el doctor Strange y el más famoso de Marvel, Spider Man. EFE


(Recursos de archivo en Código 9861609 y otros)


Certified Ethical Hacker - CEH V10 - Hippo Cyber Institute , Dubai

Certified Ethical Hacker V10
A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.

Hippo Cyber Institute Premium CEH V10 Training program 
  • Officially EC-Council Accredited training Centre
  • Certified EC-Council Trainer with 8+ year of industrial training experience in more than 8 countries and delivered training to people from America, Canada, Brazil, UK, Netherlands, Belgium, Angola, Nigeria, Ghana, South Africa, Cameroon, Egypt, Syria, Australia, Hongkong, Mongolia, Philippines, Indian, Sri Lanka, Saudi Arabia, Argentine, Qatar, Tanzania, Lesotho, Seychelles, Afghanistan, Burundi, Sweden, Pakistan, Russia
  • Official EC-Council courseware material includes Book, Tools, & Exam Voucher
  • Official EC-Council Test Centre
  • Intense hands on training and demonstration
  • One free repeat training if not you are not ready for the exam
  • Exam tips, practice questions, and in-depth explanations
  • Post-training support
  • Exam Registration support
  • Exam cost of all the training are included
  • Refreshments
About the Program

Our security experts have designed over 140 labs which mimic real time scenarios in the course to help you “live” through an attack as if it were real and provide you with access to over 2200 commonly used hacking tools to immerse you into the hacker world.
As “a picture tells a thousand words”, our developers have all this and more for you in over 1685 graphically rich, specially designed slides to help you grasp complex security concepts in depth which will be presented to you in a 5 day hands on class by our Certified EC-Council Instructor.
The goal of this course is to help you master an ethical hacking methodology that can be used in a penetration testing or ethical hacking situation. You walk out the door with ethical hacking skills that are highly in demand, as well as the internationally recognized Certified Ethical Hacker certification! This course prepares you for EC-Council Certified Ethical Hacker exam 312-50.

The Purpose of the CEH credential is to:
  • Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
  • Inform the public that credentialed individuals meet or exceed the minimum standards.
  • Reinforce ethical hacking as a unique and self-regulating profession.
What is New in CEH Version 10 Course
  • Module 01: Introduction to Ethical Hacking
  • Module 02: Footprinting and Reconnaissance
  • Module 03: Scanning Networks
  • Module 04: Enumeration
  • Module 05: Vulnerability Analysis
  • Module 06: System Hacking
  • Module 07: Malware Threats
  • Module 08: Sniffing
  • Module 09: Social Engineering
  • Module 10: Denial-of-Service
  • Module 11: Session Hijacking
  • Module 12: Evading IDS, Firewalls, and Honeypots
  • Module 13: Hacking Web Servers
  • Module 14: Hacking Web Applications
  • Module 15: SQL Injection
  • Module 16: Hacking Wireless Networks
  • Module 17: Hacking Mobile Platforms
  • Module 18: IoT Hacking
  • Module 19: Cloud Computing
  • Module 20: Cryptography
About the Exam
  • Number of Questions: 125
  • Test Duration: 4 Hours
  • Test Format: Multiple Choice
  • Test Delivery: ECC EXAM, VUE
  • Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE)

Cost: 5000 AED

Duration: 40 Hours


Comment on Hackers For Hire by William Davidson

<p>I don’t think anyone could do better than CYBERWISE after so many trials and none did anything and I almost gave up on my credit issues but... </p> <div class="pmpro_content_message">This content is for Gold Member, Platinum Member, Lite Member and Money Makers Club only. Visit the site and log in/register to read.</div>

Nov. 6, 2019 HPI Daily Wire sponsored by Indiana Motor Truck Assn.


INGOP TAKE RECORD 70 MAYORAL RACES: The Indiana Republican Party achieved a new record in this year’s municipal elections, ending the 2019 cycle with 70 Republican mayors throughout Indiana. This involved flipping 19 mayoral offices, including those in traditional Democrat strongholds Kokomo, Muncie, Logansport and Michigan City (Howey Politics Indiana). Some 17 mayors were defeated for reelection, joining three who lost in the primary.

DEMS HANG ON TO INDY, FORT WAYNE; MOVE IN SUBURBS: Indiana Democrats held on to the two largest city halls in Indianapolis and Fort Wayne where Mayor Tom Henry won an unprecedented fourth term with a landslide victory over Tim Smith, and picked up Elkhart with Rod Roberson’s defeat of former mayor Dave Miller. Joe Hogsett won a second term in the capital city, easily dispatching State Sen. Jim Merritt (Howey Politics Indiana). Democrats also made suburban gains with Emily Styron upsetting Zionsville Mayor Tim Haak, as well as picking up council seats in the Republican strongholds Carmel and Fishers.

PARRY UPSETS INDICTED MAYOR MEER: For the first time in 44 years, Michigan City has elected a Republican mayor. Duane Parry unseated incumbent Mayor Ron Meer in Tuesday’s election by just 76 votes (Mayes, Michigan City News-Dispatch). “It’s long overdue,” Parry said Tuesday while doing a victory lap at American Legion Skwiat Post 451.

LYNCH UPSETS MAYOR CANNON IN PORTAGE: Democrat Sue Lynch pulled ahead late in a tight race Tuesday night to unseat Republican Mayor John Cannon (Kasarda, NWI Times).

HENRY WINS HISTORIC 4TH TERM IN FORT WAYNE: In his biggest victory since 2007, Fort Wayne Mayor Tom Henry was elected to another four-year term Tuesday, making him the only mayor in city history to be elected to four consecutive terms in office (Gong, Fort Wayne Journal Gazette).

BENNETT STAVES OFF GOODWIN FOR 4TH TERM: Incumbent Republican Mayor Duke Bennett captured a historic fourth term in Tuesday’s Terre Haute municipal election, tying for the second-longest serving mayor in city history (Modesitt, Terre Haute Tribune-Star).

NEW HPI BUSINESS OFFICE CONTACTS: Howey Politics Indiana has new business office, subscription management and accounts payable/receivable contacts. Lisa Hounchell of 1up! is our new business manager. If you have subscription or account business with HPI, contact her at 765.452.3936 or via email at

BESHEAR WINS RAZOR THIN BOMBSHELL IN KY: Democratic Attorney General Andy Beshear declared victory in Kentucky governor's race as he held a razor-thin margin over Republican incumbent Matt Bevin after Tuesday's election. But Bevin says don't be so sure (Louisville Courier-Journal).

DEMOCRATS PREVAIL IN VA LEGISLATURE: Republicans awoke Wednesday to a stark new political reality in Virginia after losing majorities in both chambers of the General Assembly, a sweeping defeat that solidifies Democratic control over the state capital for the first time in a generation (Washington Post).

SONDLAND CHANGES TESTIMONY; DESCRIBES QUID PRO QUO: A U.S. diplomat who is a key witness in the House impeachment probe told Ukrainians over the summer that aid to that country would continue to be held up until Kyiv committed to investigations that President Trump had been seeking, according to a revised statement to investigators (Wall Street Journal).

ELECTION EXPERTS FRET DEEP FAKE VIDEOS: Election officials and social media firms already flummoxed by hackers, trolls and bots are bracing for a potentially more potent weapon of disinformation as the 2020 election approaches — doctored videos, known as “deep fakes,” that can be nearly impossible to detect as inauthentic (Los Angeles Times).

HPI DAILY ANALYSIS: Some early take aways from the municipal elections: Across the small and mid-sized towns, the Indiana Republican Party remains very strong, with pickups in cities like Kokomo, Muncie, Logansport, and Peru. Democrats easily prevailed in the big cities, including a dominating performance in the Evansville council races despite Republican Mayor Winnecke's dominating win as well as Mayor Henry and Mayor Hogsett easily winning fourth and second terms. Democrats have to be buoyed by their encroachment in suburban Indianapolis, with that upset win in Zionsville by Emily Styron and winning council seats in Carmel and Fishers. We'll have the most comprehensive analysis you can find in Thursday's weekly HPI. Look for it around 9 tomorrow. - Brian A. Howey



FTC takes action against stalkerware company Retina-X


[We've been covering the grimy, sleazy stalkerware industry for years, and so it's nice to see that the FTC is finally taking action against the worst of the worst actors -- pity that they're still getting it wrong, as EFF's Gennie Gephart and Eva Galperin explain in this Deeplinks post that I've mirrored below. -Cory]

The FTC recently took action against stalkerware developer Retina-X, the company behind apps Flexispy, PhoneSheriff, and Teenspy. The FTC settlement bars Retina-X from distributing its mobile apps until it can adequately secure user information and ensure its apps will only be used for “legitimate purposes.” But here’s the problem: there are simply no legitimate purposes for secret stalking apps.

Retina-X, and its own James N. Johns Jr., seem to have come to the FTC’s attention not necessarily for making stalkerware, but for making stalkerware poorly. The company has suffered multiple security breaches over the past several years, including attacks from “vigilante hackers” who deleted petabytes of the company’s data—essentially, data that stalking app users had collected through spying on spouses, children, employees, and other targets. The FTC alleged that the poor security was a deceptive practice, which the FTC has authority to regulate under Section V of the FTC Act.

In addition to requiring Retina X to demonstrate tighter security overall, the FTC alleged that the company violated the Children’s Online Privacy Protection Act (COPPA), which requires companies like Retina X to secure information—especially the kind of sensitive information Retina-X’s apps collect, like physical location and online activities—from children under 13. Read the rest


20 товаров с AliExpress, которые помогут создать новогоднее настроение

20 tovarov s AliExpress, kotorye pomogut sozdat' novogodnee nastroenieСвитер с оленями, кружка-снеговик, миниатюрные ёлочки и другие крутые вещи, которые добавят в рабочие будни немного праздника.

Бешеные деньги и никакой личной жизни: как на самом деле живут стартаперы

5 заблуждений о жизни предпринимателейСобственное дело меняет стиль жизни и даже мышление предпринимателя. Но не всегда таким радикальным образом, как кажется многим людям, далёким от мира бизнеса. Развеем основные мифы о жизни бизнесменов.

Netflix перестанет работать на некоторых телевизорах Samsung уже в декабре

Netflix перестанет работать на некоторых телевизорах Samsung уже в декабреКак проверить, будет ли работать на вашем.

Как правильно: выберете или выберите

Всё зависит от наклонения глагола.

AliExpress и не только: самые интересные находки дня

В сегодняшнем выпуске — скидки на Xiaomi Mi 9T, Cubot Max 2, электронику, книги и другие товары.

8 блюд, за которые вам должно быть стыдно

Продукты могут быть взаимозаменяемыми — но далеко не всегда. Рассказываем, почему лучше не добавлять помидоры в борщ, лазанью и другие популярные блюда, и как готовить их правильно.

В какое время года лучше покупать загородную недвижимость

В какое время года лучше покупать загородную недвижимостьВыберите правильный сезон, чтобы сэкономить и как следует изучить особенности дома.

Как понять, что ваш ребёнок — гений

Как понять, что ваш ребёнок — генийКакими бы хорошими ни были природные задатки, неправильное воспитание может их задавить. Что, если ваш ребёнок — будущий успешный предприниматель, экономист или IT-специалист? Почитайте про 10 признаков маленького гения, которые стоит развивать и поощрять.

Как понять, что вам пора заняться спортом

Как понять, что вам пора заняться спортомНесколько простых тестов покажут, насколько вы себя запустили.

Как приготовить настоящий суп харчо

Kak prigotovit' sup harcho kak v GruziiПопробуйте классическое блюдо или разнообразьте его вкус.

Подкаст Лайфхакера: 9 хитрых глаголов, которые выставят вас безграмотным

Подкаст Лайфхакера: 9 хитрых глаголов, которые выставят вас безграмотнымЗапомните эти слова, чтобы не попасть впросак.

Как реагировать на негативные отзывы клиентов

Как реагировать на негативные отзывы клиентов в соцсетяхДаже плохие отзывы можно обратить на пользу репутации компании, если правильно с ними работать.

3 совета для тех, кто стал слишком забывчив

Советы для забывчивыхОтрывок из книги японского нейрохирурга Такаси Цукияма «Забывчивость — моё второе… что-то там» о проблемах мозга, связанных с современной жизнью.

Во сколько дети начинают говорить и как им помочь

Когда дети начинают говорить и как им помочьЕсли ребёнку уже 15 месяцев, а первое слово так и не прозвучало, это тревожный сигнал.

Что подарить маме на Новый год

Подарки для мамы на Новый годПодарки, которые порадуют самого дорогого человека и сделают жизнь проще.

Handelsblatt-Tagung Cybersecurity: Angriff auf Ransomware: Der Mann, der die Hacker hackt

Attacken mit Schadsoftware nehmen rasant zu. IT-Spezialist Fabian Wosar erschwert Cyberkriminellen die Arbeit – dafür zahlt er persönlich einen hohen Preis.

Hacker B20 12L motor and g/box with Hacker/Jeti master 30-3p esc

Hacker B20 12L motor with Hacker/Jeti master 30-3p esc in reasonable condition

Inside The Microsoft Team Tracking The World's Most Dangerous Hackers


From Russian Olympic cyberattacks to billion-dollar North Korean malware, how one tech giant monitors nation-sponsored hackers everywhere on earth.


Most Common Industries Targeted by Phishing Attacks


We hear about data breaches and hacks on big companies on a near daily basis and most people assume these cyber-attacks are being conducted by sophisticated actors using complex hacking tools. The truth is; most hacks are quite simple. Hackers…

The post Most Common Industries Targeted by Phishing Attacks appeared first on Alliant Cybersecurity.


Shiv Sena stays resolute in their demands: Uddhav Thackeray to take final call on Maharashtra government formation

Thursday marks the 13th day of negotiations between the Shiv Sena and its ally BJP over the issue of government formation in Maharashtra, continuing a political deadlock in the state.

Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Are Hackers Using Popular Assistant Devices To Listen To Users?

The utility of virtual assistants like Amazon's Alexa and Google Home are undeniable.  They're just genuinely handy devices to have around. Unfortunately, they're also prone to abuse and exploits by hackers and ...

RobbinHood Ransomware Another Reason To Back Up Your Systems

The creators of the dreaded 'Robbinhood' ransomware strain are putting their reputation to work for them.  The hackers have recently modified their ransom note in a couple of important ways. First and ...

Mw3 Hackers! 60000 PUNTOS POR BAJA ! PS3

Partida hackeada en dominio warfare 3 600000 por muerte, hackers de super salto, salir de mapa, Like y Fav si […]

National: Feds and police are war-gaming all the ways an election can be hacked | Joseph Marks/The Washington Post

As voters head to the polls today in Virginia's odd-year contest, federal officials and local police are war-gaming how adversaries could disrupt next year's contest without hacking any election systems at all. Officials from the FBI, Department of Homeland Security and U.S. Secret Service are working with cops in Arlington to game out how to respond if hackers from Russia or elsewhere in 2020 disrupt electricity at polling places, shut down streetlights, or hijack radio and TV stations to suppress voter turnout and raise doubts about election results. They'll also test how to respond if adversaries launch social media campaigns to incite fights at polling places -- or to spread rumors about riots or violence that deter people from going out to vote. Cybersecurity experts and academics will play the mock hackers, lobbing new challenges at officials throughout the day. The exercise underscores how hackers could destroy public faith in an election’s outcome without changing any votes. And that’s particularly concerning because many of these potential targets are far more vulnerable than voting machines. “If you can prevent people from getting to the polls … if you can effectively disenfranchise certain segments of the population, that's far more disruptive to the republic than taking out a few voting machines,” Sam Curry, chief security officer at Cybereason, the company organizing the war game, told me.

Illinois: State Elections Board: ‘We’re Under Constant Threat’ from Foreign Interference | Paris Schutz/WTTW

The 2020 election is just under a year away, and both federal and state election authorities say the threat of foreign interference is ramping up. Illinois was one of several states whose election infrastructure was attacked by Russians in 2016, and officials say they’ve made big changes to make sure it doesn’t happen again. But can voters be sure the new measures will work? The Illinois State Board of Elections says it has received $13.2 million in federal aid since 2016 to deal with foreign interference. As outlined in the Mueller report, Russian hackers successfully breached an Illinois voter database that included information such as names, addresses and voter registration status. The breach affected 76,000 Illinois voters, but the board says there is no evidence that hackers manipulated any of that information to try and change voter registration status and, ultimately, impact the outcome of the election. But they say it was a wakeup call.

Europe: On the front line in Europe’s war against Russian election interference | Ellie Zolfagharifard/The Telegraph

The hackers who fought against Russia in the first ever nationwide cyber attack are today hailed as heroes. “I’ve been to parties where people would discuss how they fought in the cyber war,” says Pactum’s Kristjan Korjus, with a combination of pride and envy. “They had to try to get to the main server rooms and hack for several days and nights… it was really cool.” It may not sound as dramatic as aiming a gun on a battlefield, but the work of these cyber warriors was crucial in thwarting a Russian assault that could have brought down a nation. Today, as the UK prepares for a General Election, Estonia believes Britain can learn from its efforts in defending against online attacks and misinformation. “This is a country that is on the front line of digital warfare,” says Scott Dodson, Lingvist’s chief growth officer, who moved from Seattle to Tallinn several years ago. “It’s kind of a fact of life that, you know, I don't think people in the UK or the US really appreciate... essentially this region is kind of a firewall [against Russian attacks].” That’s partly thanks to Nato’s Cooperative Cyber Defence Centre of Excellence, codenamed K5, which sits in the shadow of grey Soviet high-rises in the suburbs of Tallinn.   Surrounded by barbed wire and armoured trucks, K5 looks like something out of a spy film. "We get people asking if they can tour this as part of their stag party all the time," laughs Aari Lemmik, who heads up the centre's communications team. 

Virgin Media's deal with Vodafone highlights the opportunity 5G presents for MVNO deals


UK communications company Virgin Media inked a five-year deal with Vodafone to transition its mobile virtual network operator (MVNO) service, called Virgin Mobile, onto Vodafone's wireless network, per a company release. Global Mobile Network Peak Usage Timeline

Currently, Virgin Mobile uses BT Enterprise's network for its mobile service, but that deal will end in 2021, at which point the MVNO's 3 million customers will transition to Vodafone's network. As part of the new partnership, Virgin Media additionally plans to launch a 5G service with Vodafone before 2021. 

As an MVNO, Virgin Mobile relies on another telecom's network infrastructure to provide connectivity by leasing bandwidth. MVNO deals allow telecoms to derive additional revenue from their networks by leasing out unused network capacity. And for MVNOs, the deals allow them to offer competitive, lower-cost data and voice rates than their traditional telecom counterparts because they avoid the costs of maintaining their own network infrastructure.

This low-cost approach ultimately lets MVNOs sell mobile services to customers priced out of other telecom's offerings or who simply wish to pay less for services. The major drawback of this strategy is that MVNOs are reliant on partners — who are also competitors — for service provision and continuity.

The commercialization of 5G gives telecoms an opportunity to win over new MVNO deals as they reconsider their options in light of the next-generation networks. MVNOs are continuously on the lookout for the best deal that allows them to offer the widest reaching network for the lowest price. For instance, MVNO Ting Mobile decided to switch its US service from T-Mobile to Verizon after T-Mobile faced delays in its merger with Sprint, failing to offer the promised benefits of a combined network.

As telecoms begin to offer 5G services, it presents a natural stopping point for MVNOs to reassess carrier offerings. Telecoms that aim to attract or retain MVNOs should look to establish widely available 5G services to differentiate their networks from rivals. For instance, Virgin Media likely took into account Vodafone's wide international 5G presence that allows for 5G roaming, in addition to a likely lower price when switching from BT Enterprise.

Want to read more stories like this one? Here's how to get access:

  1. Sign up for Connectivity & Tech Pro, Business Insider Intelligence's expert product suite keeping you up-to-date on the people, technologies, trends, and companies shaping the future of connectivity, delivered to your inbox 6x a week. >> Get Started
  2. Join thousands of top companies worldwide who trust Business Insider Intelligence for their competitive research needs. >> Inquire About Our Enterprise Memberships
  3. Explore related topics in more depth. >> Visit Our Report Store
  4. Current subscribers can log in to read the briefing here.

Join the conversation about this story »


Kikkerland Webcam covers (set van 3)

Webcam covers van Kikkerland. Set van drie covers om de webcam van computer, laptop of tablet af te schermen. Voorkom dat hackers meekijken. De webcamcover moet bevestigd worden over de webcam van het..

Amazon, Sony, Xiaomi, Samsung Devices Successfully Hacked at Pwn2Own Tokyo 2019

A number of popular devices from the likes of Amazon, Netgear, Sony, Samsung, TP-Link, and Xiaomi were hacked by various white hat hacker teams as part of Pwn2Own Tokyo 2019 competition.

Un mystérieux hacker publie des profils d'utilisateurs du forum néonazi IronMarch

Une aubaine pour les autorités de tous les pays, qui disposent désormais de plus d'éléments pour partir en chasse.

Russia and Iran: Beards (in the Medieval Sense) Are Back

Here is a terrific example of how Russian cyber attackers skillfully sow confusion. The Financial Times reveals, “Russian Cyber attack Unit ‘Masqueraded’ as Iranian Hackers, UK Says.” A joint investigation by the UK’s National Cyber Security Centre and the US’s National Security Agency reveals the espionage group first hacked an Iranian hacking group, then attacked […]

phillymike: BID whackers gone now, all of a sudden;



敏腕クリエイターやビジネスパーソンに学ぶ仕事術「HOW I WORK」シリーズ。今回話を伺ったのは、米Lifehackerのスタッフ・ライター、ジョシュ・オカンポさんです。

#Amazon Ring doorbells exposed #Home Wi-Fi passwords to hackers


Amazon fixed the vulnerability in all Ring deices in September, but the vulnerablity was only disclosed today. It’s another example of smart home technology suffering from security issues. As much as ...

Manual To Accompany Hacker Techniques Tools And Incident Handling Jones Bartlett Information Systems Security Assurance By Vlab Solutions

Manual To Accompany Hacker Techniques Tools And Incident Handling Jones Bartlett Information Systems Security Assurance By Vlab Solutions

Are You Falling for the Myth of “Failing to Plan is Planning to Fail”?



You probably heard the business advice of “failing to plan is planning to fail.” That phrase is a misleading myth at best and actively dangerous at worst. Making plans is important, but our gut reaction is to plan for the best-case outcomes, ignoring the high likelihood that things will go wrong.

A much better phrase is “failing to plan for problems is planning to fail.” To address the very high likelihood that problems will crop up, you need to plan for contingencies.

When was the last time you saw a major planned project suffer from a cost overrun? It’s not as common as you might think for a project with a clear plan to come in at or under budget.

For instance, a 2002 study of major construction projects found that 86% went over budget. In turn, a 2014 study of large IT projects found that only 16.2% succeeded in meeting the original planned resource expenditure. Of the 83.8% of projects that did not, the average IT project suffered from a cost overrun of 189%.

Such cost overruns can seriously damage your bottom line. Imagine if a serious IT project such as implementing a new database at your organization goes even 50% over budget, which is much less than the average cost overrun. You might be facing many thousands or even millions of dollars in unplanned expenses, causing you to draw on funds assigned for other purposes.

Moreover, cost overruns often spiral out of control, resulting in even bigger disasters. Let’s say you draw the extra money from your cybersecurity budget. As a result, you’ve left yourself open to hackers, who successfully stole customer data, resulting in both bad PR and loss of customer trust.

What explains cost overruns? They largely stem from the planning fallacy, our intuitive belief that everything will go according to plan, whether in IT projects or in other areas of business and life. The planning fallacy is one of many dangerous judgment errors, which are mental blindspots resulting from how our brain is wired that scholars in cognitive neuroscience and behavioral economics call cognitive biases. We make these mistakes not only in work, but also in other life areas, for example in our shopping choices, as revealed by a series of studies done by a shopping comparison website.

Fortunately, recent research in these fields shows how you can use pragmatic strategies to address these dangerous judgment errors, whether in your professional life, your relationships, your shopping choices, or other life areas.

You need to evaluate where cognitive biases are hurting you and others in your team and organization. Then, you can use structured decision-making methods to make “good enough” daily decisions quickly; more thorough ones for moderately important choices; and an in-depth one for truly major decisions.

Such techniques will also help you implement your decisions well, and formulate truly effective long-term strategic plans. In addition, you can develop mental habits and skills to notice cognitive biases and prevent yourself from slipping into them.

For instance, we can address the planning fallacy by planning around it. Such planning involves anticipating what problems might come up and addressing them in advance by using the research-based technique of prospective hindsight, by envisioning yourself in the future looking back at potential challenges in the present. It also involves recognizing that you can’t anticipate all problems, and building in a buffer of at least 40% of the project’s budget in additional funds. If things go better than anticipated, you can always use the money for a different purpose later.

Besides this broad approach, my consulting clients have found three specific research-based techniques effective for addressing the planning fallacy.

First, break down each project into component parts. An IT firm struggled with a pattern of taking on projects that ended up losing money for the company. We evaluated the specific component parts of the projects that had cost overruns and found that the biggest unanticipated money drain came from permitting the client to make too many changes at the final stages of the project. As a result, the IT firm changed their process to minimize any changes at the tail end of the project.

Second, use your past experience with similar projects to inform your estimates for future projects. A heavy equipment manufacturer had a systemic struggle with underestimating project costs. In one example, a project that was estimated to cost $2 million ended up costing $3 million. We suggested making it a requirement for project managers to use past project costs to inform future projections. Doing so resulted in much more accurate project cost estimates.

Third, for projects with which you have little past experience, use an external perspective from a trusted and objective source. A financial services firm whose CEO I coached wanted to move its headquarters after it outgrew its current building. I connected the CEO with a couple of other CEO clients who recently moved and expressed a willingness to share their experience. This experience helped the financial services CEO anticipate contingencies he didn’t previously consider, ranging from additional marketing expenses to print new collateral with the updated address to lost employee productivity due to changing schedules as a result of a different commute.

If you take away one message from this article, remember that the key to addressing cost overruns is to remember that “failing to plan for problems is planning to fail.” Use this phrase as your guide to prevent cost overruns and avoid falling prey to the dangerous judgment error of planning fallacy.

Key Takeaway


Because we usually feel that everything is going to go according to plan, we don’t pay nearly enough attention to potential problems and fail to account for them in our plans. This problem is called a planning fallacy. Click To Tweet


Questions to Consider (please share your thoughts in the comments section)

  • Do you agree that “failing to plan is planning to fail” is misleading? If not, why not?
  • Where have you seen the planning fallacy lead to problems for your team and organization?
  • How might you help your team and organization address the planning fallacy? What are some next you can take to do so?


Image credit: Pixabay/Rawpixel



 — -



Bio: Dr. Gleb Tsipursky is on a mission to protect leaders from dangerous judgment errors known as cognitive biases. His expertise and passion is using pragmatic business experience and cutting-edge behavioral economics and cognitive neuroscience to develop the most effective and profitable decision-making strategies. A best-selling author, he wrote Never Go With Your Gut: How Pioneering Leaders Make the Best Decisions and Avoid Business Disasters (2019), The Truth Seeker’s Handbook: A Science-Based Guide (2017), and The Blindspots Between Us: How to Overcome Unconscious Cognitive Bias and Build Better Relationships (2020). Dr. Tsipursky’s cutting-edge thought leadership was featured in over 400 articles and 350 interviews in Fast Company, CBS News, Time, Business Insider, Government Executive, The Chronicle of Philanthropy, Inc. Magazine, and elsewhere.

His expertise comes from over 20 years of consulting, coaching, and speaking and training experience as the CEO of Disaster Avoidance Experts. Its hundreds of clients, mid-size and large companies and nonprofits, span North America, Europe, and Australia, and include Aflac, IBM, Honda, Wells Fargo, and the World Wildlife Fund. His expertise also stems from his research background as a behavioral economist and cognitive neuroscientist with over 15 years in academia, including 7 years as a professor at the Ohio State University. He published dozens of peer-reviewed articles in academic journals such as Behavior and Social Issues and Journal of Social and Political Psychology.

He lives in Columbus, OH, and to avoid disaster in his personal life makes sure to spend ample time with his wife. Contact him at Gleb[at]DisasterAvoidanceExperts[dot]com, follow him on Twitter @gleb_tsipursky, Instagram @dr_gleb_tsipursky, Facebook, YouTube, RSS, and LinkedIn. Most importantly, help yourself avoid disasters and maximize success, and get a free copy of the Assessment on Dangerous Judgment Errors in the Workplace, by signing up for his free Wise Decision Maker Course.

Originally published at on October 27, 2019.


11/7/2019: Times Nation: Day 14: BJP to call on guv, Uddhav to meet Sena MLAs


Mumbai: With the term of the previous Maharashtra assembly set to end on Saturday, the yet-unreconciled allies BJP and Shiv Sena have announced independent moves for Thursday. While Sena president Uddhav Thackeray has summoned his party’s newly-elected...

Concepto de diseño de iOS 14


Featured Video Play IconAunque hasta el próximo mes de junio aún falta mucho tiempo y hasta entonces no sabremos cómo es iOS 14, en the Hacker 34 se aventuran a dar ideas a Apple creando un concepto de diseño de iOS 14 con un buen montón de ideas interesantes. Estas son las novedades que se imaginan para esta […]

La entrada Concepto de diseño de iOS 14 se publicó primero en iPhoneros.


All Sena MLAs lodged in Mumbai hotel

All Sena MLAs lodged in Mumbai hotel

MUMBAI: Not willing to take any chances of potential poaching, the Shiv Sena has decided to shift all its 56 legislators to a private sea-facing hotel in suburban Bandra till the political crisis in the state is resolved, party sources said here on Thursday. The legislators, who are from Mumbai and different parts of Maharashtra, are …

Check out more stories at The Siasat Daily


Mumbai: Uddhav Thackeray meets Shiv Sena MLAs

Mumbai: Uddhav Thackeray meets Shiv Sena MLAs

Mumbai: Shiv Sena Chief Uddhav Thackeray held a meeting with party MLAs here at his residence on Thursday. The meeting comes amidst the reports that Shiv Sena MLAs are being shifted to a resort to prevent any attempts of poaching, which the party has brushed aside as “rumours” while asserting that Shiv Sena legislators are …

Check out more stories at The Siasat Daily


Defence Insurance

LegalShield is now available in the UK and requires associates to offer their two products. PrivacyDefence: Identity theft can be an easy problem to ignore until you experience it for yourself but you now have the means to beat the hackers at their game for just £7 per month. LegalDefence: members have access to unlimited legal advice calls for themselves and their whole family for just £19 a month. If you are an insurance agent, mortgage broker, property letting agent or a business owner with existing clients who would appreciate being informed of services to guard against hackers and to have qualified legal professionals on hand offering 24 hour guidance and support when needed then LegalShield has something you can offer.

THE COMPLETE SALES HACKER BUNDLE Coupon Discount Code @> $1571 Off Promo Special Offer


“Become a Better Salesperson & Learn How to Scale a Business with 8 Courses on Sale Optimization & Modern Product Promotion”

Use this The Complete Sales Hacker Bundle Coupon Discount Promo Link and for a limited time only save $1571 on The Complete Sales Hacker Bundle from Skillwise. More details…

Discount Link :

Expiry Date : Unknown

More Deals : Click here to join us and get special access to deals like this daily…

Description : What’s Included:

How to Sell to Challenging Modern Buyers:

– Learn & Master the Sales Skills & Techniques You Need to Successfully Close More Deals

Business isn’t only about creating the perfect products and services, it’s also important to know who you’re selling to and the products that they’ll generally buy. This course is a sales master class on handling modern buyers, sales negotiation, and closing deals. It will give you insights on the purchasing evolution and a glimpse of who are these challenging modern buyers, so well prepared. By knowing who the modern buyers are, how they work, what tools and systems they use; you’ll be able to adopt the right approach and answer in order to overcome such a difficult obstacle.

Sales Skills & Traits for Modern Sales Reps:

– Learn How to Prepare, Negotiate & Close Sales with Confidence

Developing sales skills is extremely important for your career, not only as a salesperson but as you rise through the ranks as well. This training will provide you the different traits and sales skills you need to become a sales rep and to understand the buying and selling process. It will equip you to face challenging purchasers and close sales with confidence by providing you solid sales skills background. There are several templates and documents at the end of the course that you can download for a better follow up and application of the learnings.

Sales Optimization Skills – Increase Your Sales by 1000%:

– Convert Free Users into Hyper Buyers with Proven Conversion Tricks & Turn Your Online Business into a Successful Venture

Learn how to boost your sales by 100% or even 1,000% with all the techniques you’ll learn in this course. Understand every optimization trick and tip and see what will work for your business. All these strategies are backed by very strong industry and market research from real customers and can be implemented in just 1 to 2 days. Selling your products has never been easier, get the course now, and increase sales literally tomorrow!

Online Sales Using Email Sales Funnels with ClickFunnels:

– Make Online Selling Easy by Learning MailChimp, Copywriting, & Business Development Strategies

Outspend competitors, reach a lot of customers, and make more money by understanding the core concepts behind Sales Funnels and the phases of the Value Ladder. This course will show you how to communicate and socially connect with your customers in a way that makes them, quite naturally, want to ascend up your Value Ladder where you can offer more valuable services in return for more money. Learn the most effective sales scripts to have people “unconsciously” go through your entire catalog and convert people at each stage within these funnels.

Create Any Sales Funnel with ClickFunnels + 20 Free Templates

– Get the Ultimate ClickFunnel Training & Create Squeeze, Opt-in, & Landing Pages for You & Your Affiliates

Would you like to grow your email list with powerful landing pages in a quick and easy way? This course will help you create an entire sales funnel with ClickFunnels to grow your email list with highly-targeted subscribers. You’ll also learn the most effective sales scripts to sell your product through affiliates. With this course, you will also get a funnel template that you can use as a base for your own page or just use the template pretty much as is!

Sales Funnel Mastery: The Bridge Page Funnel

– Take Email Opt-ins from Free to Paid in Seconds & Easily Increase Conversions

Get ready to transform your business or website from a flattened two-dimensional company into a three-dimensional marketing and sales machine! This course will show you how to communicate and socially connect with your customers in a way that makes them, quite naturally, want to ascend up your Value Ladder where you can offer more valuable services in return for more money. Create a culture of buyers for your company with these methods and translate increased traffic into exponential growth.

The Break-Even Sales Funnel Blueprint & Fundamentals Guide

– Become a Salesforce Wizard with a Marketing Strategy Proven by 100+ Millionaires

Discover how to set up a super-profitable funnel that can start bringing you income without the need for a website. This course contains 26 video lectures that will help you get started online and hand-held through the entire funnel-creation process. You’ll discover traffic building mastery, secrets of creating high-converting, profit-pulling Facebook image and text ads, and so much more! You’ll see the cash start coming in once you’ve got your funnel up and running.

Online Business V2 – Sales Scripts for Every Sales Funnel:

– Learn Millionaire Mindset Scripts that Convert Visitors into Hyper-Buyers

Have all of your sales letters, scripts, and webinar slides written without hiring and paying a copywriter. This course is going to dive deep into the stories that push readers to buy products. When you learn how to frame and phrase your sales copy correctly, you can double up your sales overnight without doubling your traffic. Learn how to sell every type of product for every type of sales funnel you could imagine!

If this The Complete Sales Hacker Bundle Coupon Promo Link has stopped working, then click here to look through our database for more The Complete Sales Hacker Bundle discounts and deals

This special offer THE COMPLETE SALES HACKER BUNDLE Coupon Discount Code @> $1571 Off Promo Special Offer was first discovered on IM COUPONS.


El ‘invent’ de un grupo de amigas sobre la vagina que Internet ha dado por bueno

El ‘invent’ de un grupo de amigas sobre la vagina que Internet ha dado por bueno

Si encontrar el clítoris puede ser difícil, espera a que te hablemos del plítode. Esto es lo que tienes que saber sobre este músculo y la información que hay en Internet sobre él.

Hay quien ni siquiera sabe dónde está el clítoris, así que lo más probable es que tampoco sepa siquiera qué es el músculo plitodiano o plítode ni por qué se ha puesto de moda. No es por la llegada del satisfyer ni otro juguete sexual sino porque una usuaria de Twitter, Melisa, ha desvelado toda la verdad acerca de su existencia. No es un nuevo descubrimiento, en realidad es todo una broma que le gastaron a unos amigos que decían saber mucho sobre la anatomía femenina.

Esta broma que, buscando ser creíble, llegó hasta la Wikipedia en 2014 y hoy en día todavía sigue ahí, en medio de una cita correcta, excepto porque se añade el músculo plitoidal a la ecuación y que, en realidad, no existe. "Después de que aquellos chicos nos soltasen bastantes burradas paternalistas sobre nuestra propia anatomía sexual, decidimos gastarles una broma para demostrarles que estaban alardeando de su ignorancia", explica Melisa en su hilo de tuits.

Un día, en el tren, Melisa tuvo una revelación y se inventó el plítode o plitodiano, un músculo que supuestamente se encontraría "en la pared que separaba el ano y la vagina y que ayudaba a contraer/relajar". Para que la zona quedara mucho mejor delimitada, por si no estaban entendiendo el lenguaje común, les comentaron que era "donde pegan los huevines". Además, este supuesto músculo sería la causa de que algunas chicas tuvieran vaginismo. Sin embargo, nada de esto era verdad y tampoco se lo creyeron mucho estos amigos a los que intentaron engañar: "Como no nos creían, modificamos la Wikipedia, nos creamos perfiles falsos en foros, como enfemenino, y nos sentimos las más hackers del mundo por unos días", indica en el hilo.

La broma de Melisa y sus amigas ha sido pasada por alto en la Wikipedia posiblemente porque se encuentra en medio de una cita que ya habría sido revisada con anterioridad. Por este motivo, aunque la enciclopedia suele ser bastante fiable ya que cuenta con editores que revisan que la información nueva sea correcta, lo mejor siempre es recurrir a las fuentes primarias del texto o, lo que es lo mismo, los artículos y textos de los que se extrae la información. De hecho, los editores pueden suspender las cuentas de aquellos usuarios que no estén escribiendo información verdadera.

Esta enciclopedia online se basa en la "idea de que los escritores respalden los hechos que redactan con referencias comprobables y fuentes autorizadas lo más posible", es decir, que se utilizan textos académicos para escribir las entradas en Wikipedia. De hecho, las fuentes están señaladas en el texto con un número y al final de la entrada se puede comprobar de dónde viene esta información.

Si necesitas consultar la Wikipedia para realizar un trabajo, no hay problema con que la utilices, siempre y cuando compruebes que las fuentes citadas dicen exactamente lo que recoge el artículo. Además, en ocasiones, al consultar los textos primarios se puede encontrar más información de utilidad. Eso sí, mientras que la Wikipedia puede ser un hilo del que tirar, no hay que fiarse de la información que se puede encontrar en foros: hay que contrastarlo con fuentes fiables, como las que se pueden encontrar en Google Académico.


Data Safety

Let’s talk about data safety. We have discovered a potential safety leak on our website which could have theoretically been used by an attacker to obtain some customer data, including names, addresses, and passwords. Payment and credit card details were never in danger.

Popular websites like are the target of hacker attacks every week, and usually they fail on our firewalls; in this case we cannot 100% guarantee that all attempts were unsuccessful. If we found the leak someone else might have found it as well.
There is no evidence that any data was stolen but due to the new data protection laws in Europe we want to be extra cautious and therefore are implementing a mandatory password reset. 

Here is the direct link to do so:

Of course we are now working hard to improve the security on our website. The new website with a state-of-the-art shop system will be launched in April/May. 

If you also want to improve your personal data safety, I would personally like to recommend a database for your passwords (Password Manager) which is convenient and 100% safe. I’ve used it for 2 years and couldn’t live without it anymore. This is a great solution for passwords on the internet because it is safe and very convenient.
• Use an individual and very complex password for every website you need to log-in.
• No need to memorize dozens of different passwords.
• All the passwords and website links are available on all your devices and in one place.
• Use it for all your website log-ins, credit card details, banking details, passport data, etc.
• Super convenient because you only need to memorize ONE password, and you can even log-in with your fingerprint. Auto-fill of forms on websites is also supported.
• The passwords are not saved in the browser or cloud (which is NOT safe) but locally on a super encrypted and personal database file on your mobile phone, tablet, or PC.
• The tool is free of charge and from a non-profit organization which uses open-source code. Your personal password database is protected with the same algorithm which is used by the NSA.

If you like to do this, you need to install two things:
1. A data cloud service like Microsoft OneDrive (free)
2. The database tool KeePass (free)

First you install OneDrive (or similar) on all your mobile phones, PCs, and tablets. There is now a data folder which is synced to all your devices.
Then you install KeePass on all your devices and create a new password database. Store this database file in your OneDrive folder so it will be available on all your devices.

You can now access all your passwords with one single master password, or your fingerprint, and don’t need to worry that your 12345678 password is used by a hacker to log-in to your iRacing account then drives like a maniac in your name.


Eutirox order payment australia, buy eutirox zamienniki chance - by: Himaamase

Za-18 eutirox generic, buy eutirox fr mexico

Throughout the long years of operation our company has become synonymous to quality

Order Eutirox Without A Doctor Prescription Online - Click Here

We are ready to provide you with all the medications you need to stay healthy and happy!

Short-term home rental company Airbnb Inc said on Wednesday it will introduce new safety measures in response to a fatal Halloween shooting in California last week, including a 24/7 hot line and review of "high risk reservations." The stars filed a lawsuit on Wednesday as part of an effort to stop fake online endorsements, a growing problem for Hollywood. Britain's second biggest mutual has launched a new version of its Poppy Bond offering a fixed rate for three years with 1.7% interest. How young people are using the app to engage with, and critique, the movies. Australia, Thailand, China. The Swedish centre-back has been nursing a knock he picked up in the victory over Chelsea last week and played through it against Bournemouth at the weekend. The ad refers to the freshman's time as a lawyer two decades ago when he defended hardened criminals and is designed to boost GOP hopeful Brendan Doherty. Formerly the head of the state police, Doherty is making his first run for office. Senior police officers in England and Wales have criticised groups who pretend to be children online in a bid to snare child sex abusers. eutirox An Italian court threw out a last-minute appeal to halt the drawing from leaving Italy. Critics fear it is too fragile to travel. Wednesday The latest in our series about inequality. Also A deep dive into Representative Adam Schiffs impeachment game plan. Protesters clashed with police on the streets of Santiago yet again on Tuesday (November 5), with tensions sparked by an increase in the price of metro fares remain high. U.S. President Donald Trump struck a defiant note on Wednesday at a rally in Louisiana a day after Democrats clinched victories in a raft of local elections that cast a shadow over his 2020 re-election hopes. Sales of new cars in Russia fell 5.2% year-on-year in October to 152,057 units, after a 0.2% decline in the previous month, the Association of European Businesses (AEB) said on Thursday. Virginia Governor Ralph Northam's push for new gun control laws after the May massacre of 12 people in Virginia Beach flopped when the Republican-controlled state legislature acquiesced to his call for a July special session but eutirox left without a vote. A major wildfire burning in Los Angeles near the famed Getty Center art museum was likely sparked by a tree branch falling on power lines in high winds, fire officials said on Tuesday. Readers share poignant stories of the pain and comfort that food can bring after a loved one dies. The home-sharing platform has offered several novelty lodging opportunities lately, like a stay in Barbies mansion or a night in the Goodyear blimp. They earn headlines, and thats the point. Some Kentucky counties use vote-tallying machines that don't produce a paper trail, leaving the vulnerable to tampering. Newer systems were shown last year to be easy for hackers to penetrate. On social media and in interviews, many are saying the chicken sandwich comes across as authentically black.

Libarchive vulnerability can lead to code execution on Linux, FreeBSD, NetBSD

A compression library included by default in Debian, Ubuntu, Gentoo, Arch Linux, FreeBSD, and NetBSD distros, contains a vulnerability that can allow hackers to execute code on user machines. The macOS and Windows operating systems, where this library is also included and used as a default decompression utility, are not affected. The vulnerability impacts Libarchive,

日本医学; 和方❗; 三石分子栄養学➕藤川院長系; 代謝医学❗; 代謝外のリスクら❗

☆ 代謝以前のリスクら❗ ;

☆ 日本医学 ; 和方 ❗ ;
三石分子栄養学➕藤川院長系; 代謝医学❗ ;

☆ 代謝員らの合体性の度合い、
による、 代謝ら、の、あり得る度合い ;

タンパク質な、 酵素 コウソ 、
補酵素 ホコウソ 、 な、
ビタミン 、か、
補因子 、な、 ミネラル 、
文字通りに、 『 合体 』、をする、
『 代謝 』、 な、 働きを成し合う、
代謝員ら、 であり、

が、 一定以下である場合らにおいては、
どの、代謝、も、成されない❗ 。

が、 異なる、 だけでなく、
その、 代謝員らごとに、
合体性の、 能く、成され得る、
異なり得る❗ 。

この、 三石分子栄養学➕藤川院長系 、
で、 言う所の、

代謝を成す上で、 必要な、
合体性 、での、 あり得る、 度合い、
『 確率的 親和力 』、
らにおける、 不足性、らを、
より、 埋め余し得るような、
度合い、ら以上の、 度合い、らで、

必ず、 その一方に、
タンパク質、らを、 含む、

あるべき、 代謝員ら、 への、
を、 成し付ける、
人々が、 その命と健康性とを、
より、 確かに、 より、 能く、
圧倒的に、 重要な事であり、

これの度合いを、 欠けば、欠く程に、
運動ら、や、 薬らに、
あり得る、 効果らの度合いらは、
より、 小さくなり、

それが、 一定度合い以上に、
何をしても、 助からない、
状態に、 誰もが、成る❗ 。

どんな健康法も、 どんな治療も、
どんな薬も、 どんな手術も、
『 確率的 親和力 』、 らでの、
あり得る、 不足性ら、を、
埋め余し得る以上の、 度合いらでの、
あるべき、 代謝員ら、への、
飲み食いなどによる、 摂取ら、の、
量としての度合い、 を、
欠けば、 欠く程に、
より、 その人々の命や健康性を、
能く、成さしめる、 その、 あり得る、
より、 小さくされ、
誰もが、 必ず、 死に至る、

癌 ガン 、などを、
再発させる人々が、 成る、のも、
この、 あるべき、度合いら
≒ つまり、
『 確率的 親和力 』、 らの、
あり得る、 不足性 、らを、
より、 埋め余し得る、 度合いら 、
より、 有り余らしめる、 のと、
より、 欠かしめる、 のと、の、
互いへの、 違いよう、 らに、
決定的な、 要因性ら、がある❗ 。

☆ ハゲてある人々が、
特定の、 代謝ら、か、
それらに類する、 代謝ら、を、
新たに、 成したり、する、
事が、 必要に成る。

ウィルス 、などによって、
その、持ち前の、 特定の、
細胞ごとに、 作らしめる、
能力性ら、を、 改変されていない、
その、細胞ごとに、 含まれてある、
必ず、 その一方に、
あるべき、 代謝員らを、
度合いら、で、 投与し続ける、
自然に生える、 髪の毛らを、

上で、 必要な事であり、

より、 得られ得ないものにされる❗ 。

現実に、 植物人間状態から、
人々は、 存在している、
欠かし得ない、 要因性を帯びて、
あり得ている❗ 。

☆ 赤ちゃん、との、添い寝は、
やめよう❗ 、
死亡リスクを下げるためにも ;
的野裕子 記者 ;


少しでも、 休息を取りたい親にとっては、
赤ちゃんが、 規則正しく、
眠ってくれることが、 重要です。

何でもやる、 という、
戦略を取るのは、 そのため。

しかし、 親が使っている製品や、
ときには、 愛情だと思って、
危険だ❗ 、と証明する、
履報 リポー ; レポート ;
、が、 次々と出てきています。

@ 赤ちゃんの死❗ 、
と、 ベッドインベッド、との関係 ;

ベッド・イン・ベッド ;
( 赤ちゃん用の、 辺床 ベト ; ベッド ;
、な、上で使える、 ベッド ) 、です。

態譜 タイフ ; タイプ ; 、の、
バウンサー ; ( 電動 ゆりかご ) ;
、 が、
多くの赤ちゃんの死❗ 、
と、関連がある、 ことは、

「 Consumer Report 」 ; 、の、
2012 〜 2018年に起こった、
少なくとも、 12件の赤ちゃんの死が、
と、 関連していた❗
、と、 断定しています。

これは、 親や保護者と一緒に、

現在にては、 ベッド・イン・ベッドには、
米国の安全基準が、 ありません。

潜在的な、 デザイン、 の、

特に、 中に、 詰め物がしてあり、
表面が、 柔らかいので、

通常は、 赤ちゃんとの添い寝で、
それが、 原因で、
増加しています❗ 。

小児科の准教授の、Roy Benaroch 博士は、
「 眠っている赤ちゃんの近くに、
詰め物があると、 窒息する❗
、 危険性がある、 ということは、
わかっています 」 、
と、 言っています。

推奨された状態で、 常に、 もしくは、
頻繁に、 別々に、 眠っている、
と、 答えた母親は、
31 % 、しか、 いない❗
、 という、 研究が、
「 Pediatrics 」、 で発表されたのと、
同じ時期に、 流れました ;

( 対象が、 女性だけだったので、
父親では、 どのような割合になるのか、
は、 定かでは、 ありません )。

@ 睡眠中の赤ちゃんの死亡、への、
リスクを下げるには? ;

睡眠に関連する、 赤ちゃん、の、
死亡、 への、 リスクを下げる❗、

1歳になるまで、赤ちゃんは、 常に、
( 昼寝でも、夜間でも ) 、
仰向けで、 寝かせるべき❗ 。

表面が硬いところで、 寝かせる❗ 。

生後、 の、 6カ月、できれば、
1歳までは、 親と同じ寝室に、
一緒の部屋で、 寝る。


所和 ソワ ; ソファ ; 、 や、
決して、 赤ちゃんを眠らせない❗ 。

おすすめしない❗ 。

窒息や、 首が絞まる、 おそれの高い、
柔らかい、 物や、寝具、
などは、 置かない❗ 。

赤ちゃんのおくるみは、 OK❗ 。

就寝時や、 お昼寝の時に、
おしゃぶりを与える❗ 。

こちら ; 元の記事 ; 、
( 英文 )から、 どうぞ。

赤ちゃんが、 確実に、
安全とは、 限りません❗ 。

Image: Monkey Business Images/
Source: Consumer Report, Pediatrics, Healthy Children
Meghan Moravcik Walbert - Lifehacker US
[ 原文 ] 。

☆ 代謝が、 どうこう以前に、
より、 無 ナ みし去られるべき、
特定の、 代謝ら、の、
成り立ちようら、が、 それらを、
成り立たしめる、 もとな、
要因性として、 必要であり、
その一方に、 必ず、
あるべき、 代謝員ら、への、
摂取ら、 が、 成し付けられ、
より、 漏れらを成さないように、

あり得る、 寝つきようら、へも、
摂取ら、が、 より、 能く、
それら、を、 より、能く、
成され得る物にする、 のに、
必要とされてある❗ 。

『 代謝 』、 は、
万象、への、 もとにある、
もとにある、 要因性でもある、
全ての、 質量のある物同士が、
互いに、互いを、 引き合う、力、
万有引力、 が、
同じような、 立場を占めてもある❗ 。

☆ 身体のサビつきを防ぐ、
栄養素とは❗? ;
ラブすぽ ;

『 コラーゲン 』、 への、
生成を助け、身体のサビつきを防ぐ❗ :
ビタミン C ❗ 。

ビタミン C 、 は、
身体のなかで、 もっとも、 多く、
働いている、 ビタミン 、 です。

一度に、 沢山を摂取しても、
必要以上の分は、 排出されますし、
体内で、 合成できない、
栄養素 、 なので、


体内の、 タンパク質の、
30 % 、 を占めていて、
血管や筋肉、とか、 骨、や、 皮膚、
などの、 細胞、と、細胞、とをつなぎ、
より、 丈夫に保つ、
役割を担います❗ 。

また、 細胞をサビつかせ、
老化を招く、 電子強盗、な、
美肌を保つのにも、 欠かせません。

【 書誌 情報 】 ;
『 子どもに効く栄養学 』
監修: 中村丁次氏, 牧野直子女史。 nicospyder ;

子どもは、 しょっちゅう、

ただ、 病院で、 お薬をもらっても、
嬉々として、 薬を飲む、
子どもは、 余り、いません。

また、 薬で、 解熱したり、
咳や鼻水を止めたり、 といった、
対処療法は、 できますが、
一番に、 大事になるのは、

日々の食事でも、 しっかりと、
佐幇 サポー ; サポート ;
、 できるようになります❗ 。

本書では、 イラストで、わかりやすく、
さらに、 子どものための食事の、
コツ、や、 食材の選び方まで、

鼻水、 お通じ、など、
約 16種類の症状別に、
それぞれに、 効く、
食材 & 栄養素 、 を紹介❗ ;

パワフルで、 元気に、すくすくと、
子どもが育つために、 1家に1冊ある、
これからの食生活が、変わります❗ 。

☆ ビタミン C 、の、 突出害❗
、 や、
不足性ら、 を、
より、 埋め余し得ない、
飲み食いらによる、 万病、
への、 リスク性の増大、
といった物らを、 きちんと、
より、 三石分子栄養学➕藤川院長系、ら、
を、 踏まえ得るようにすべきであり、
人々へも、 それをすすめるべきだ❗。

地域講習でも、 学校ら、での、
より、 公共性のある教育の現場ら、
伝授されるべき、 ものら、だ❗ 。

日本人たちの、 命と健康性との、
あり得る、 福利ら、や、
より、 能くも、 最大限にも、
成すべく、 政府機関ら、や、
役人らに、 政治家ら、などは、
そうした、 公員 クイン 、らは、
自らへの、 主の立場にある、
が、 自らの、 命と健康性、とを、
より、能く、成し付ける、 事ら、などを、
自ら、進んで、 助けるべき、


分析型の、 体系知ら、では、
より、 無い、 体系知ら、は、
より、 公の交信系らから、
事を、 無しに、
それ以外の、 体系知ら、が、
公の交信系らを、 より、

より、 主権者たちの一般の側に、
立つ事のできる、 主権者たちが、
新たに、 法体系らを成し、
より、 実現すべきでもある、
そうした、 あるべき、
できる限り、 自らと、
人々と、 その事らを、 より、
能く、 生かし合えるように、

☆ ビタミン C 、
だけ、 を、 大量に摂取し続ける、
事による、 あり得る、
ビタミン E 、 らへの、
大量な、 摂取らなり、
備蓄なり、 によって、
緩和され得る❗ ;

☆ ビタミン C 、への、
ワクチンら、の、 あり得る、
より、 軽減する ❗
、 との事なので、
ビタミン C 、 などへの、
摂取ら、を、 より、 極端にも、
欠いている、 人々は、
ワクチンら、 による、
副作用ら、の、 度合いら、を、
より、 深刻に、 自らに成し宛て得る、
と、 考えられもする❗ 。

【 その体に、 不具合ら、 が、
余計に、 あれば、ある程に、
より、 大量に摂取しても、
腹が、 より、 下らなくなり、
補酵素 ホコウソ 、な 】、
『 ビタミン C 』 ;
【 C6 ➕ H8 ➕ O6 】 ;

【 人々が、 大量に撮るべき、
ビタミン C 、 などが、
他者から、 その枠内の、 電子を、
自らの側へ、 引き寄せて、 奪う、
電子強盗になる事を、 未然にも、
より、 差し止め、
子宝 ビタミン E1 、 を、
はじめとして、 色々とある 】 ;
『 ビタミン E 』 ;
【 C29 ➕ H50 ➕ O2 】 ;


Don’t want to break alliance, but BJP should keep its word: Uddhav Thackeray

Shiv Sena leader Sanjay Raut says there is no change in the party’s stand on government formation

Prepare for the next financial collapse by learning how to invest

If you think the Global financial collapse is not going to take place, then you have been very misinformed. The next financial collapse is a mathematical certainty. It's not a question of IF but WHEN (much sooner than you think). The following are 3 STRATEGIES you can apply to hedge that RISK: - Buy Gold - Buy Silver - Buy Bitcoin and/or other valuable Cryptocurrencies I understand that you probably have no idea how to buy bitcoin and/or cryptocurrencies, and more importantly do not know how to properly secure them from hackers. That's where I come in. I am very experienced in this space and will teach you step-by-step how to achieve that from the comfort of your home, and will share with you many invaluable tips and tricks. About Crypto Wolf Service: - I am an experienced, honest and trustworthy tutor - I will never take payment in exchange of a cryptocurrency directly - I will teach you how to do this yourself, you are in control of your own money - I’m simply here to carefully guide you through the process of securely acquiring and storing crypto, and highlight to you the do's and don'ts Don’t get caught unprepared for the upcoming financial collapse, you owe it to yourself and your loved ones to be better informed and take the necessary steps to hedge that risk. Get in touch with Cypto Wolf today to learn more about the upcoming financial collapse, Bitcoin and cryptocurrencies (and why they represent the future of money). Don’t procrastinate, you cannot afford to, get in touch now. Crypto Wolf Disclaimer: I am not a Financial adviser, please do your own research before you invest in anything.

Should You Worry About Your No-Fee ETFs and Trades?


We’ve all heard the best things in life are free, but when it comes to your investments, is “free” a good thing? Recent changes announced by investment firms may have you confused about how you’re supposed to manage your nest egg.



Warn Your Parents: Medicare Open-Enrollment Scams Are Coming


Open enrollment season is here, the time of year when just about everyone can make changes to their health care coverage without the restrictions you’d face the rest of the year. And while you may feel confident about the process for making changes to your own healthcare, do you know who is particularly at risk to get…



MESH Interview with Devin and Brianna Mahoney of UTCA

At our recent MESH event (Makers Entrepreneurs Students & Hackers) we interviewed Devin and Brianna Mahoney – founders of the Uptown Theater for Creative Arts UTCA). We talk about their journey from Utica to Hollywood and back to Utica – as well as what’s in store for this historic building.

Analyst Discusses Reporting Hack Of Computer System At Indian Nuclear Reactor | Avast


This week a report of hackers gaining access to an Indian nuclear power plant's computer network led to alarm, confusion, and denial before officials admitted the hack took place. The threat analyst who reported the issue experienced a unique vantage point in the middle of that furious cybersecurity news cycle. 


Amazon, Xiaomi, Sony, and Samsung quickly defeated in Pwn2Own hacking competition


The first day of the Pwn2Own hacking contest held in Tokyo has concluded, and a dual-member team of white-hat hackers by the name of Fluoroacetate cleaned up the house. After successfully hacking past numerous devices from multiple manufacturers, such as Samsung and Xiaomi, the team collected a bounty of $145,000 and secured a commanding lead in the contest after accruing 15 Master of Pwn points.

Pwn2Own is an annual computer hacking contest that started in 2007, and its name is derived from the fact that contestants must "pwn" or hack the device in order to "own" or win it.

Read More

Amazon, Xiaomi, Sony, and Samsung quickly defeated in Pwn2Own hacking competition was written by the awesome team at Android Police.


Nuevo emotet aun poco detectado, con mucha picardia del hacker tanto en el asunto como en el nombre del fichero anexado


El típico EMOTET, que tanto está proliferando, nos acaba de llegar usando un asunto para el mail y nombre de fichero anexado que pocos usuarios se van a resistir, por mas que digamos que no se abran ficheros recibidos en mails no solicitados ... :(



Date sent: Wed, 06 Nov 2019 04:47:14 -0600

From: en primer lugar figura el remitente infectado a quien el virus ha capturado las direcciones de envio y en segundo lugar el que envia realmente el mail, en este caso de Argentina : <>

To: destinatario al que se reenvia el mail con virus

Subject: Queja OR1320


Queja sobre el comportamiento de los empleados.


anexado: Reclamación.doc ---> fichero con macros maliciosas que instalan el EMOTET (que al ser un downloader puede descargar un TOTBRICK, o un Ransomware como el RYUK, etc)


El preanalisis de virustotal ofrece el siguiente informe:

Y viendo que Kaspersky aun no lo detectaba, ya le hemos enviado muestra del DOC para que obre en consecuencia, y McAfee ya lo detecta con el Appliance, por lo que pronto lo controlará la versión EndPoint

Evidentemente se trata de un fichero de Word con macros, como es habitual con el EMOTET:

Recordar tres puntos para evitar infectarse con este virus:





Recordamos que el EMOTET está en auge, siendo nº 1 en infecciones desde primeros de Octubre 2019 !!!


Esperamos que lo indicado les sea de utilidad


ms, 6-11-2019

Nuclear Throne y Ruiner están gratis en la Epic Games Store


Ruiner y Nuclear Throne son los juegos gratis de esta semana en la Epic Games Store.

Nuclear Throne es un shooter 2D post-apocalíptico con componente roguelike; es uno de nuestros juegos favoritos de los últimos años en la redacción.

Ruiner comparte perspectiva y disparos, pero con un estilo mucho más violento y una historia que nos pone a los mandos de un psicópata que se enfrenta a un sistema corrupto con la ayuda de una hacker.

Leer más...


Terobsesi Jadi Hacker? Ini 5 Film Tentang Hacker Paling Seru

Mungkin kamu selama ini mengira kalau hacker cantik dan hacker cilik hanya ada di dalam film saja kan? Ternyata nggak juga loh gaes. Mereka memang ada di kehidupan nyata, hanya saja mereka tidak terlalu dipublish di media sehingga tidak banyak yang tau. Melalui film juga, banyak yang terobsesi menjadi seorang hacker. Padahal untuk menjadi seorang […]

(Ficarra e Picone) - Commedia - Film Completo HD 2019 ITA @1


# New Movie # Watch Movie 2019 # domestic movie # foreign Movie # Watch movie in Italian doppiaggio Hd # drama # science fiction # horror # thriller # HD # New
film watch 2019,
proiezione di film,
avventura cinematografica,
film di animazione,
guarda il film divertente,
film thriller,
guarda il film emotional,
film watch comedy 2018,
tracce di film,
film di famiglia,
guarda il film La Luna,
guarda il film action thriller,
film watch action Turkish doppiato singolo binario 2018,
guarda il film militare,
guarda il film Love Drama,
guarda il film, Azione, Fantascienza,
guarda il film Love Italian,
biografia film,
guarda il documentario,
guarda barbie film,
guarda il film Ice Age,
guarda il film, fantascienza avventura,
guarda il film, fantascienza, commedia,
guarda il film sci-fi horror,
guarda il film Mio padre e mio figlio.,
guarda la compagnia cinematografica,
guarda il film b,
guarda il film China,
guarda il film ,
guarda il film porta via il,
Guarda film on-line,
guarda il film Hell.,
guarda il film La Strega,
hole movie,
guarda il film christmas,
Guarda film in italiano doppiaggio com,
Guarda film in Blocco C,
Cartone Animato,
The Great Wall of China Movie,
guarda il film che balla con i coyote 4 pieni,
guarda il film Chichewa,
film Cinese,
guarda il film "pugni d'acciaio",
il film Lo Sciacallo,
guarda il film Gallipoli,
guarda il film behzat C,
zgi, Guarda film c I,
guarda il film La religione,
guarda il film Disney,
guarda il film Crazy,
guarda il film deadpool,
love the drama The Movie,
guarda il film resurrection,
guarda il film,
guarda il film terremoto,
the movie is the best,
guarda L'ultimo film,
guarda il film il meglio,
Guardare film da soli a casa,
guarda vecchi film italiani,
Guarda Dragon,
guarda la leggenda del film,
nuovi trucchi per i vecchi film di cani,
guarda i film il più bello essere,
Guarda il film completo italiano,
Film italiano,
Film Watch fantastic 2018,
guarda il film, fantasy adventure,
il tipo F Guarda il film completo,
guarda il film Mystery,
guarda il film Mystery,
meteorite guarda il film,
cognata del cinema,
i veri cattivi del film,
guarda il film grattacielo,
guarda il film, thriller, horror,
film thriller d'avventura,
guarda il film L'Hacker,
film sulla prigione,
Guarda film Hindi,
guarda il film "Lo Hobbit",
felice di vedere il film,
guarda l'intera avventura del 2019 nel doppiaggio italiano in hd,
action movie watch HD,
Guarda film, italiano doppiaggio Indiano,
Film Hercules,
il film di desert island,
Guarda film IMDb rating high,
Guarda film su IMDb 9,
guarda il film La guerra in Iraq,
guarda un film non lasciare che le luci si spengano,
guarda il film,
guarda il film e l'Isola riproduttiva,
Guarda film su imdb high,
Guarda film su IMDb 10,
Film in inglese,
guarda il film iran,
guarda il film,
guarda islamico,
guarda il film imdb
Il film "2019","confine guarda","film con i sottotitoli","regione","a guardare un film horror"nuovo"film","film horror 2019","mistero"film","scary movie","guarda un film fantastico, avventura","horror","leggenda cinematografica","sulla rete a guardare il film""film in hd","2019"film","film","film di fantascienza","orrore"guardare"regione di frontiera","miglior film horror","film""film horror"guardare il film completo italiano","l'orrore video""il migliore dei migliori film da vedere","guardare il film, trattenere il respiro","il confine del Mondo","il filmato qui monitorati"Tuttapposto","giorno più bello","le quattro volte","La Grande Bellezza","Perfetti Sconosciuti"," Il buono, il brutto, il cattivo
film completo ita,
film completo in italiano 2019,
film completo in italiano azione,
film completo azione,
film completo in italiano per bambini,
film completo in italiano amore,
film completo in italiano 2018,
film completo in italiano disney,
film completo in italiano,
film completo in italiano after,
film completo aldo giovanni e giacomo,
film completo alberto sordi,
film completo amore,
film completo after,
film completo adriano celentano,
film completo animazione,
film completo avventura,
film completo amici miei,
film completo aladdin,
a film completo italiano,
film completo benvenuti al sud,
film completo barbie,
film completo bud spencer,
film completo benvenuti al nord,
film completo bombolo,

Logitech VDP


Welcome to Logitech's Vulnerability Disclosure Program!

Please note this program does not provide monetary rewards for bug submissions, and it is used for responsible disclosure purposes only.

Here at Logitech we are committed to providing secure products and services to our customers. If you believe you have discovered a potential security vulnerability with any of Logitech's systems, products and/or services, we look forward to receiving your submission, and appreciate your help in disclosing the issue to us responsibly.

This program is dedicated to suspected security issues that may affect Logitech customers, systems, products and/or services. If you're having issues related to your Logitech product or a Logitech-related account, then please visit our Support Center __.

Logitech looks forward to working with the security community to find security vulnerabilities in order to keep our business and customers safe.

Disclosure Policy

  • Our customers' privacy, data confidentiality and integrity is crucial at Logitech. You agree that you will not disclose vulnerability information reported to Logitech to any other third party. Public disclosure may be allowed upon request, and only after granted written permission to do so from Logitech, through this program. In such cases, we endeavor to grant such permission within four weeks from the release of the fix that addresses the discovered vulnerability.
  • Follow HackerOne's disclosure guidelines __.


  • Please submit a detailed description of the issue, and the steps required to reproduce what you have observed. In doing so, please make every attempt possible to protect our customers' privacy, data confidentiality, and integrity - we very much value your assistance in preserving those. Please understand that we cannot work with anyone who violates applicable laws or regulations, attempts to exploit a security issue or access other users' data - in other words, violate this policy.


Upon receipt of your report, we endeavor to review and address any security issues in a timely manner. We will communicate with you during our investigation and upon resolution, as needed, and will try to keep you informed about our progress throughout the process.

Program Rules

  • Please provide detailed reports with reproducible steps.
  • Submit one vulnerability per report, unless you need to chain vulnerabilities to provide impact.
  • When duplicates occur, we only recognize as valid the first report that was received (provided that it can be fully reproduced).
  • Multiple vulnerabilities caused by one underlying issue are considered one issue.
  • Social engineering (e.g. phishing, vishing, smishing) is prohibited.
  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.

Out of scope vulnerabilities

When reporting vulnerabilities, please consider (1) attack scenario / exploitability, and (2) security impact of the bug. The following issues are considered out of scope:

  • Denial of service attacks
  • Password cracking attempts, including but not limited to: brute forcing, rainbow attacks, word list substitution, pattern checking
  • Clickjacking on pages with no sensitive actions
  • Unauthenticated/logout/login CSRF
  • Attacks requiring MITM or physical access to a user's device
  • Previously known vulnerable libraries without a working Proof of Concept
  • Comma Separated Values (CSV) injection without demonstrating a vulnerability
  • Missing best practices in SSL/TLS configuration.
  • Social engineering attacks (including phishing, vishing, smishing)
  • Software version disclosure
  • Issues requiring direct physical access to hardware (with the exception of hardware vulnerabilities)
  • Flaws affecting out-of-date browsers and plugins
  • Email enumeration / account oracles
  • CSP Policy Weaknesses
  • Email Spoofing
  • Content spoofing and text injection issues without showing an attack vector/without being able to modify HTML/CSS

Safe Harbor

Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.

Thank you for helping keep Logitech and our customers safe!


Q: What do you do with leftover IKEA hardware?


Over at the IKEAhackers Community FB Group, Christina posted an interesting question: “What do you all do with leftover IKEA hardware? I have so many bits of things even for pieces I no longer own … any suggestions?” She mentions that she is selling some of the leftover … “but all the little screws, etc. […]

The post Q: What do you do with leftover IKEA hardware? appeared first on IKEA Hackers.


IKEA illuminated bookshelf – Let there be light!


This is the story on how I built a BESTÅ + LACK illuminated bookshelf. It all started because I had an empty wall in my living room and needed to decorate it: before We looked into several possibilities and came up with a decision to make an embedded bookcase. Settled the design and asked around for prices […]

The post IKEA illuminated bookshelf – Let there be light! appeared first on IKEA Hackers.


Svar: Gider du kaste et blik på min webshop og give den karakter på en skal fra 1-10.


Pineapple Developers:

1. Din webshop er ikke krypteret. dvs ved kortbetalinger kan hackere se kortoplysninger. Det er et no go.

Det er ikke shoppen du indtaster kortoplysningerne i, men derimod hos en indløser, så det er indløserens platform, som skal sikres i det tilfælde. Dog bør siden have et SSL certifikat installeres, men det er af alle mulige andre grunde end lige netop kortbetalinger. :)

Ellers er jeg meget enig i kommentarene. På checkouten ville jeg samle nogle af betalingsmulighederne. Det bliver let forvirrende at skulle forholde sig til dankort to gange, MasterCard tre gange osv. 

Jeg ville give godkend knappen en anden farve - evt. grøn så den siger "Se mig, du må gerne klikke".

Med venlig hilsen
Kristian Kristensen


Svar: Gider du kaste et blik på min webshop og give den karakter på en skal fra 1-10.


Hej Kim,

Det er dejligt at høre at alder ikke er din akilleshæl i forhold til at have drive på at drive virksomhed. 

Vi har bemærket et par ting vedr. din webshop, som desværre er nogle almene problematikker rundt omkring. 

1. Din webshop er ikke krypteret. dvs ved kortbetalinger kan hackere se kortoplysninger. Det er et no go.

2. Du bruger nok et template, hvilket desværre gør at hjemmesiden ikke er optimeret i forhold til load hastighed. 

3. Selve designet, dvs igen templatet føles ikke rigtigt personligt. Det er selvfølgelig en kunstner smag, men din webshop skulle jo gerne være personlig ud fra din filosofi, men et standard template gør bestemt ikke det. 

4. Som nævnt tidligere af anden bruger, så er der problemer med dit domæne.

Ellers dejligt at du er aktiv og har en passion.


Become an Ethical Hacker Bonus Bundle (92% discount)

You hear about it all the time: companies getting hacked, having their websites shut down or their customers’ data compromised. When that happens, it’s time to call in ethical hackers to break into network systems, evaluate their security, and propose solutions. After this course you’ll be well on your way to being one of these…

The Complete White Hat Hacker Certification Bundle (96% discount)

If you’re serious about becoming an ethical hacker, you’re going to need to know Metasploit. One of the most popular pentesting frameworks out there, Metasploit empowers cybersecurity pros to verify vulnerabilities, manage security assessments, and more while staying ahead of their cybercriminal foes. Let this course serve as your Metasploit primer, starting you off with…

Komentar di CB 1D-AI 3D-OFF 2D Sabtu oleh naenggolan


Komentar di AI 4D Jumat oleh naenggolan


Komentar di CB 1D Jumat oleh naenggolan


Worldwide spending on security products and services set to reach $151.2 billion in 2023

"Considering there have been many attempts for hackers to acquire funds from banks, the banking industry is expected to spend the most on security solutions."

Face Cachee D Internet Hackers Dark Net Rayna

Face Cachee D Internet Hackers Dark Net Rayna

Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Are Hackers Using Popular Assistant Devices To Listen To Users?

The utility of virtual assistants like Amazon's Alexa and Google Home are undeniable.  They're just genuinely handy devices to have around. Unfortunately, they're also prone to abuse and exploits by hackers and ...


THACKER Le Bucket Mini 6lQEEQDD8EDaSKU: #9269438Mesmerize your onlookers when you add the shining THACKER™ Le Bucket Mini bag to your outfit.Made of leather with texture detail.Magnetic closure. Dual ring carrying handles with detachable chained crossbody strap.Exterior slip pocket.Signature logo detail at front.Protective metal foot base.Lined interior. Interior slip pockets. Imported. This product may have a manufacturer's warranty. Please visit the manufacturer's website or contact us at for full manufacturer warranty details.Measurements: Bottom Width: 5 1⁄2 in Depth: 3 in Height: 6 1⁄4 in Strap Length: 46 in Strap Drop: 23 in Handle Length: 11 in Handle Drop: 3 1⁄2 in Weight: 15.2 oz

Buy Now

THACKER Claire Small Shopper vmyjfP8W5Ws4

THACKER Claire Small Shopper vmyjfP8W5Ws4SKU: #9296665Indulge in style that makes an entrance, the THACKER™ Claire Small Shopper.Made of leather. Magnet closure. Dual rolled carrying handles with detachable shoulder strap.Exterior back slip pocket.Signature logo detail at front.Lined interior.Interior zip and slip pockets. Imported.This product may have a manufacturer's warranty. Please visit the manufacturer's website or contact us at for full manufacturer warranty details.Measurements: Bottom Width: 8 1⁄4 in Depth: 3 3⁄4 in Height: 10 in Strap Length: 31 in Strap Drop: 16 1⁄2 in Weight: 1 lb 7.2 oz

Buy Now

THACKER Le Pouch Crossbody kf78HX3tESOs

THACKER Le Pouch Crossbody kf78HX3tESOsSKU: #9269436Complete your look with the poised and creative THACKER™ Le Pouch Crossbody bag. Made of leather. Magnetic snap closure. Dual ring handles with detachable, adjustable crossbody strap.Signature logo hardware detail at front. Lined interior. Interior zip pocket. Imported. This product may have a manufacturer's warranty. Please visit the manufacturer's website or contact us at for full manufacturer warranty details.Measurements: Bottom Width: 9 3⁄4 in Depth: 1⁄2 in Height: 8 1⁄4 in Strap Length: 43 in Strap Drop: 21 1⁄2 in Handle Length: 8 in Handle Drop: 4 in Weight: 10 oz

Buy Now

Las 10 mujeres más fuertes del anime

[ad_top1 class="mb40"]
[sourceLink asin="" asin_jp="B00IK8D5AG" text="" url="" ]

La frase "chicas anime" evoca imágenes de cuerpos con poca ropa, mujeres lindas pero despistadas, completo con un festín de escotes y tiros de panty. Muchas series cuentan con personajes femeninos con un enfoque sexual para complacer al público masculino. A la luz de esto, sería sorprendente encontrar que todavía hay algunas féminas que son fuertes. Hay tantas que de hecho, seleccionar sólo diez para este artículo fue un desafío. Puedo decir con certeza que aquí les hice una lista de los diez personajes femeninos más fuertes en el anime.

[ad_top2 class="mt40"]

10. Akane Tsunemori de Psycho-Pass

[sourceLink asin="" asin_jp="B00P8WV98M" text="" url="" ]
[Information episodes=" 22 " aired="octubre 2012 a marzo 2013" language="es"]

Akane entra en la Oficina de Seguridad Pública como una recién graduada y la mejor en su clase. Aunque preparada intelectualmente, ella no tiene experiencia. Tiene ojos saltones, es compasiva y pequeña en estatura, ella parece una candidata poco probable para estar en esta lista. A pesar de todo esto resulta que ella es capaz de resistir tragedia y adversidad contra viento y marea. Mientras que ella conserva su fuerte inclinación moral inicial como una faceta de su carácter, se adapta y se hace más fuerte volviéndose un valioso miembro de su equipo. A pesar de los desafíos que enfrenta ella utiliza estas experiencias para crecer. Akane está hecha de un material más duro que el resto de su elenco y se mantiene en donde otros pueden fallar, por eso recibe un lugar en esta lista.

psycho pass akane tsunemori wallpaper

9. Riza Hawkeye de Fullmetal Alchemist

[sourceLink asin="" asin_jp="B0002ZEOCI" text="" url="" ]
[Information episodes=" 51 " aired="octubre 2003 a octubre 2004" language="es"]

La teniente Riza Hawkeye es una soldada muy respetada y una especialista de armas de fuego. Ella es una mujer de éxito en un escenario dominado por los hombres. Aunque su rango es el primer teniente, a menudo es la voz de la razón de sus superiores. Aunque es respetuosa no tolera ningún tipo de tonterías, incluso de aquellos con rangos más altos. Ella es apasionada y enfocada - después de todo, se requiere de mucha disciplina para aprender a disparar de la forma en que lo hace, y su reputación de precisión mortal es inigualable. Ella es callada, aunque no se queda callada si tiene una opinión importante. Ella trata a sus palabras como sus balas - dispara sólo cuando sea necesario y con precisión. Ella se hace notar, impone respeto, y se gana un lugar en esta lista.

fullmetal alchemist riza wallpaper

8. Re-L Mayer de Ergo Proxy

[sourceLink asin="B00176LTYM" asin_jp="" text="" url="" ]
[Information episodes=" 23 " aired="febrero 2006 a agosto 2006" language="es"]

Re-L Mayer trabaja para la Oficina de Inteligencia como investigadora, y es muy capaz. Ella tiene una personalidad muy seria, lo que probablemente puede atribuirse a su amplia formación en el gobierno. A pesar de que normalmente presenta un exterior frío ella es muy inteligente y curiosa, a menudo empujando los límites sociales. En una ciudad donde la mayoría de la gente está sin un pensar compatible, ella no tiene miedo a ser la oveja negra. Ella se atreve a desafiar al mundo a su alrededor, hacer preguntas y buscar respuestas. Cuando ella se compromete a algo cumple con su palabra y tiene una determinación de acero. Su tenacidad y curiosidad innata es lo que la pone en esta lista.

ergo proxy highlight1

7. San de Mononoke Hime [Español: La princesa Mononoke]

[sourceLink asin="B01COZGWLY" asin_jp="" text="" url="" ]
[Information episodes="Película" aired="julio 1997" language="es"]

Ningún artículo de chicas fuertes del anime estaría completo sin mencionar al estudio Ghibli. Casi todas las películas que se me ocurren presentan una protagonista femenina fuerte, desde Nausicaä del Valle del Viento hasta El Castillo Ambulante. La más ejemplar y posiblemente más famosa es San de La Princesa Mononoke, la princesa lobo. Los orígenes de San son desconocidos. Ella vive en el bosque, donde fue criada por lobos y se considera a sí misma como una de ellos. Esta crianza hizo que se volviera una fiel guardián de la naturaleza. En muchas ocasiones, ella demuestra su voluntad de proteger el bosque a riesgo de su propia vida. Su dedicación a lo que ella cree y la ferocidad con la que protege a la naturaleza, gana un lugar aquí.

mononoke hime san wallpaper

6. Teresa de Claymore

[sourceLink asin="" asin_jp="B000T7QD6Y" text="" url="" ]
[Information episodes=" 26 " aired="abril 2007 a septiembre 2007" language="es"]

Teresa se considera que es la más fuerte de su especie. Como Claymore, posee habilidades de combate excepcionales, así como aptitudes sensoriales únicas. Además de poseer una enorme cantidad de energía, la ejerce con una falta total de conciencia, hasta que comienza a obtener una perspectiva diferente. Posiblemente Teresa es una de las más fuertes féminas de todos los tiempos en términos de habilidades de combate y poder puro y duro. Inicialmente, ella ejerce este poder sin piedad. Sin embargo, el desarrollo de su personaje evoluciona a través de la serie hasta mostrar su potencial de fortaleza moral, que asegura su lugar en esta lista.



5. Sarasa de the Legend of Basara

[sourceLink asin="B0084IMU1W" asin_jp="" text="" url="" ]
[Information episodes=" 13 " aired="abril 1998 a junio 1998" language="es"]

Sarasa lo pierde todo cuando su pueblo es destruido en un solo día. En esta tragedia, su hermano también pierde la vida. El niño que fue profetizado a ser la última esperanza de la gente ha muerto. Esto sería devastador, si alguien se enterara. En un acto de tremenda valentía, Sarasa se corta el pelo, asume la identidad de su hermano, y nunca mira hacia atrás. Sarasa es un personaje complejo. Ella se ve obligada a vivir como su hermano en lo que comienza como un esfuerzo para proteger a los que ama, pero con el tiempo se convierte en un asalto total contra un régimen de un gobierno corrupto. Al mismo tiempo, ella sigue siendo una adolescente. Ella es fuerte e infinitamente compasiva, es un personaje con quien fácilmente te identificarás; esto la pone en la lista.

legend of basara sarasa wallpaper

4. Sir Integra Fairbrook Wingates Hellsing de Hellsing Ultimate

[sourceLink asin="B000TMDFXI" asin_jp="" text="" url="" ]
[Information episodes=" 10 " aired="febrero 2006 a diciembre 2012" language="es"]

Sir Integra Fairbrook Wingates Hellsing fácilmente podría estar muerta. Y después de ver lo más inimaginable que un infante pudiese ver, ella podría haberse dado por vencida. En cambio, convirtió la adversidad en ventaja, asumiendo la posición de su difunto padre como jefa de la Organización Hellsing, y transformó su subyugación en justicia. Mientras que ella aceptó su posición en el poder a temprana edad, ella se ha ganado el respeto de los que la rodean. Además de su papel de liderazgo, también pasa a ser la dueña de uno de los vampiros más poderosos en la Tierra. Ella es inteligente, ingeniosa y determinada, fácilmente asegura su lugar en esta lista.

hellsing integra hellsing wallpaper

3. Mikasa Ackerman de Shingeki no Kyojin [Español: Ataque a los titanes]

[sourceLink asin="" asin_jp="B00GUBOET6" text="" url="" ]
[Information episodes=" 25 " aired="abril 2013 a septiembre 2013" language="es"]

Mikasa Ackerman, aunque pacífica y tranquila por naturaleza, fue considerada como la más fuerte, más eficiente en batalla que el resto de su equipo de novatos. Ella es muy leal a sus amigos y familia sustituta. Arriesgaría su vida para protegerlos sin pensarlo dos veces. Esta lealtad extrema es la razón principal por la que se unió a la lucha contra los Titanes. La vida de Mikasa era una tragedia traumante mucho antes de que lidiara con los Titanes. Después de que se le arrebato todo y presenciar una verdadera atrocidad; emerge de las cenizas y agarro armas para proteger a la humanidad. Esta determinación y fuerza de carácter hacen de ella una de las más fuertes féminas en el anime.

attack on titan mikasa fanart
[sourceLink url=" " a_text=" Mikasa Ackerman Fan Art"] [/hide]

2. Revy de Black Lagoon

[sourceLink asin="" asin_jp="B009JZH8R0" text="" url="" ]
[Information episodes=" 12 " aired="abril 2006 a junio 2006" language="es"]

Revy es una mercenaria de la Compañía Lagoon. Ella no tiene miedo de decir lo que piensa, y esta marca de honestidad a veces la pone en aprietos. Ella tiene mucho respeto por sí misma, tanto que casi rayana en la arrogancia. Ella es un rival muy diligente y dificil de enfrentar si alguna vez fueras el blanco de sus pistolas. Inicialmente, no se sabe mucho sobre el pasado de Revy. Esto se aclara en el transcurso de la serie, que sirve para demostrar su firme determinación. Como su personaje se desarrolla a través de toda la serie, sus defectos son explorados a través de la introspección. Es esta combinación de carisma temeraria, determinación, y la profundidad de carácter la pone en el segundo lugar de esta lista.

revy black lagoon

1. Major Motoko Kusanagi de Ghost in the Shell: Stand Alone Complex

[sourceLink asin="" asin_jp="B007PM4JEO" text="" url="" ]
[Information episodes=" 26 " aired="octubre 2002 a marzo 2003" language="es"]

Mayor Motoko Kusanagi, un cyborg femenino, es el protagonista de la serie Ghost in the Shell. Como resultado de su amplia formación militar y artes marciales junto con sus implantes cyborg, sus capacidades físicas e intelectuales superan a la de un humano común. Poco se sabe acerca de sus antecedentes, ella está envuelta en una gran cantidad de misterio. Ella es una líder fuerte y eficaz, imponiendo respeto para su competencia y tiene un fuerte sentido de independencia. Además de ser un oponente formidable y tener una gran experiencia en combate, sus habilidades como un hacker son épicas. Su fuerza, determinación e intelecto son impresionantes, poniéndola en el primer lugar de esta lista.

ghost in the shell motoko kusanagi wallpaper

ghost in the shell Koukaku Kidoutai Highlight 3 the GitS universe

Palabras finales

Contrario a la opinión popular, el anime está lleno de fuertes modelos femeninos. Estos personajes son admirables, superan desafíos y muestran una extraordinaria determinación y fortaleza. Hay muchas series donde los personajes femeninos son representados como objetos y son altamente sexualizadas, creando la lamentable percepción ficticia de cómo se deberían ver las chicas en el anime. Espero que este artículo te haya mostrado la luz y clarificación de este error tan común. Muchos personajes notables no hicieron el corte, así que sientete libre de compartir tus personajes favoritos en los comentarios de abajo.

[author author_id="021" author="" translator_id="002"] [ad_bottom class="mt40"]
[recommendedPost post_id='42323' url='' title='' img='' class=''] [recommendedPost post_id='43989' url='' title='' img='' class=''] [recommendedPost post_id='219903' url='' title='' img='' class='']

Amazon fixes Ring Video Doorbell wi-fi security vulnerability

Instead of securing the home, the Ring Video Doorbell could have given hackers access to the user's wi-fi network. Fortunately, security researchers discovered the flaw, and Amazon patched it.

Kudankulam cyber attack: North Korean hackers stole technology data


Suspected North Korean hackers stole technology-related data from the computers at Kudankulam Nuclear Power Plant. The cyber attackers, who deployed a malware designed for data theft, were backed by the North Korean government, said IssueMaker Labs, an expert group of malware analysts based in South Korea. “We have found that Nuclear Power Plant technology-related data […]

The post Kudankulam cyber attack: North Korean hackers stole technology data appeared first on Netive.


If Balasaheb Thackeray Were Alive Today…”: Rohit Pawar


Nationalist Congress Party (NCP) leader Rohit Pawar hit out at BJP-Shiv Sena alliance over the delay in government formation saying the “recent skirmishes” between the NDA partners are an “insult to democracy.” In a Facebook post, he said that he respects Balasaheb Thackeray and questioned if the BJP would have been “so brave” if the […]

The post If Balasaheb Thackeray Were Alive Today…”: Rohit Pawar appeared first on Netive.


Commentaires sur Basketball Stars par Pipo

Note15 tres bon jeux adictif mais parcontre que de bug et de hacker sur se jeux jai vu des contreur en 1vs 1 balancé la balle a lenvers et apres c a lui de lancé et il marque tous les pts alors quand tu mise 500 000 cash de mise dans le niveau 150 carriere t degouté de les perdre comme ça quil fasse la chasse au hacker il se de regardé leur nivo par rapport a ce quils ont gagné en gain(jai vu balle nivo 1 nivo 15 dexperience et avoir deja 520millions de cash faut pas dec)d record de 169 au lancé avec precision nivo 1 .moi jai mis plus de 150 euro dans se jeux toute mes carte sont a fond ou presque nivo 5 et il manque juste 2 carré a ma balle demente mais jvais arrétté de misé et de joué ya des joueurs qui sont au nivo 1ou2 qui vont plus vite dans le deplacement au contre que moi ou qui ont allez 8fois sur 10 4ou 5 balle bleu de chance de + et qui tire aussi vite! du grand nimporte quoi et pourtant jme demerde bien par dessus ça quil regle ces gros probléme de justesse et justice sinon je ne mise plus rien si ça change rien de mettre du pognon.mais bon on diré quil font jamais de mise a jour alors que le jeux doit leur rapporté vu tous les joueur et hacker !alors bougé vous la ré sinon le jeux est tres bien c domage.

Pocket Style Manual 6th Edition By Hacker Diana Sommers Nancy 2011 Spiral

Pocket Style Manual 6th Edition By Hacker Diana Sommers Nancy 2011 Spiral



Episode 241: How a smarter edge can make schools safer

This week on the show, Kevin and I started with a discussion of reports of how smart speakers can receive remote commands from a hacker with a laser. We then shifted gears to talk about company research showing how much data your smart homes are sending and a brand new network product from Firewalla. Cortana’s … Continue reading Episode 241: How a smarter edge can make schools safer

Pozor na podvodníky, posílají důvěryhodně vypadající e-maily i SMS

E-mail, který vás nutí ke změně hesla k internetovému bankovnictví, SMS o zablokované platební kartě či vyděračská zpráva o zveřejnění vašich dat mají jedno společné. Vytvořili je podvodníci, aby se dostali k vašim penězům, datům nebo obsadili vaše zařízení. Problém je, že mohou být velice důvěryhodní.

Как это было: финал чемпионата Яндекса по спортивному программированию


Каждый год Яндекс проводит Алгоритм — чемпионат по спортивному программированию с денежными призами. Это масштабное состязание, которое длится несколько месяцев. Сначала участники набирают очки в интернет-раундах, а затем лучшие встречаются в финале — по его итогам определяются победители.

Финалисты Яндекс.Алгоритма в петербургском офисе Яндекса

В этом году финал Алгоритма состоялся 20 мая в петербургском офисе Яндекса. В нём поучаствовали 24 человека из восьми стран: России, Беларуси, Китая, Латвии, Польши, США, Украины и Японии.

Бейджи участников состязания

Финальный раунд Яндекс.Алгоритма стартовал в 11 утра. За два с половиной часа участникам предстояло найти решения шести задач.

Перед началом финального раунда

Все задачи смог решить только один финалист — Геннадий Короткевич, который и стал победителем чемпионата. Это уже пятая победа Гены на Яндекс.Алгоритме.

Геннадий Короткевич на финале Яндекс.Алгоритма-2018

Короткевич, представлявший на состязании Беларусь, сейчас заканчивает магистратуру ИТМО. Он неоднократно занимал первые места на Google Code Jam, Facebook Hacker Cup, Topcoder Open и других престижных соревнованиях. В составе команды ИТМО он дважды выиграл международную студенческую олимпиаду по программированию ACM-ICPC и шесть раз получал золотую медаль на Международной олимпиаде по информатике, в которой участвует с 12 лет.

Геннадий Короткевич с кубком Яндекс.Алгоритма-2018

Второе место занял студент факультета компьютерных наук НИУ ВШЭ Алексей Данилюк, а третье досталось Михаилу Ипатову, который учится на мехмате МГУ. Оба участника решили по пять задач, но Алексей набрал меньше штрафных баллов.

Для участия в финале приезжать в Петербург было необязательно — некоторые финалисты состязались по интернету

Алексей Данилюк — тренер команды НИУ ВШЭ по спортивному программированию и лауреат стипендии имени Ильи Сегаловича 2017 года. Михаил Ипатов — член команды МГУ Red Panda, которая в этом году выиграла олимпиаду ACM-ICPC.

Кубки Яндекс.Алгоритма

Яндекс.Алгоритм-2018 прошёл в новом формате. Помимо традиционного алгоритмического трека чемпионат включал в себя ещё два состязания: оптимизационное и по машинному обучению.

Оптимизационный трек включал два раунда, которые состоялись в марте-апреле. Конкурс по машинному обучению стартовал 30 марта и длился 24 дня

Оптимизационный трек выиграл представитель Венгрии Андрей Токарев, а победителем соревнования по машинному обучению стал россиянин Денис Антюхов, выпускник Московского физико-технического института.

Победители оптимизационного трека

1Андрей ТокаревВенгрия
2Максим ПименовРоссия
3Иван ПоповичРоссия

Победители трека по машинному обучению

1Денис АнтюховРоссия
2Павел ПлесковРоссия
3Илья ЕзеповРоссия
Денис Антюхов, победитель состязания по машинному обучению

Общий призовой фонд Яндекс.Алгоритма — 980 тысяч рублей. Приз за первое место на алгоритмическом треке составил 300 тысяч рублей, за второе — 150 тысяч, а за третье — 90 тысяч. Призёры двух других треков получат соответственно 100 тысяч, 70 тысяч и 50 тысяч рублей. Участникам, которые не заняли призовых мест, но показали хорошие результаты, мы пришлём футболки с символикой чемпионата.


Most Hackers Aren’t Criminals

When asked what his father did for a living, my son explained to his kindergarten teacher that “he steals things, but it’s O.K. because he gets paid to do it.” He wasn’t wrong. I’m a hacker...

seven-cifa essay competition

Luke Hawkins from Santa Clarita was looking for seven-cifa essay competition

Keanu Richardson found the answer to a search query seven-cifa essay competition

[Image: 500x500.jpg]

essay writing service

seven-cifa essay competition
sevendust homework
seventeen magazine essay vol 6
seventeen magazine internship cover letter
seventeen syllables essay
seventeen syllables essays
seventh day adventist essays
seventh grade book reports
seventh grade by gary soto essay
seventh grade essay
seventh grade essay topics
seventh grade gary soto essay
seventh grade homework
seventh grade homework alternatives
seventh grade homework help
seventh grade math homework
seventh grade math homework help
seventh grade math problems
seventh grade persuasive essay
seventh grade persuasive essay topics
seventh grade research paper
seventh grade research papers rober e lee
seventh grade sample essay
seventh grade science homework help
seventh grade term paper topics
seventh seal essay
seventhgrade homework help
seventy nine short essays on design
seventy nine short essays on design ebook
seventy-nine short essays on design
seventy-nine short essays on design by michael bierut
seventy-nine short essays on design download
seventy-nine short essays on design pdf
sever resume
several companies regarding company essay 09l filmbay iiv 441 college l html
several examples of essays
several word study homework
severe paper writing anxiety
severe storm book report
severin hacker thesis
severn cullis suzuki speech essay
severn trent draft business plan
severn trent water business plan
severn trent water draft business plan
severus snape essay
sevikul resume
sewage sludge bricks thesis
sewage treatment plant construction resume
sewage treatment plant thesis
sewage treatment worker and resume

essay writing service
college paper writing service
buy dissertation
argumentative essay topics
write my research paper

simple resume layout samples
spelling homework ideas for 2nd grade
sample business plan for personal services
scholarship proofreading sites uk
rutgers business school resume tips
sri aurobindo the mother essay
stop application resume lion

Nuclear Throne & Ruiner kostenlos im Epic Store ab dem 07.11.2019

Epic Games Store
Moinsen, ab dem 7.11.2019 erhaltet ihr Nuclear Throne & Ruiner kostenlos im Epic Store.

Nuclear Throne - 6,80€
Ruiner - 4,50€

Nuclear Throne is a post-apocalyptic roguelike-like top-down shooter. Not 'the final hope of humanity' post-apocalyptic, but 'humanity is extinct and mutants and monsters now roam the world' post-apocalyptic. Fight your way through the wastelands with powerful weaponry, collecting radiation to mutate some new limbs and abilities. All these things and more you could do if only you were good at this game. Can you reach the Nuclear Throne?

Metacritic 88%

[shortcode id="12385549"/]

RUINER ist ein knallharter Action-Shooter, dessen Handlung in der Cyber-Metropole Rengkok im Jahre 2091 spielt. Ein verkabelter Soziopath schlägt gegen ein korruptes Herrschaftssystem zurück, um die Wahrheit zu entdecken und seinen entführten Bruder zu befreien. Auf seiner Seite:eine geheimnisvolle Hackerin. Verbinde übernatürliche Reflexe und erstaunliche Werkzeuge mit dem Arsenal deiner toten Gegner und bring die Virtuality-Dealer des HEAVEN-Konzerns zur Strecke.

Metacritic 75%

[shortcode id="12385550"/]

Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Are Hackers Using Popular Assistant Devices To Listen To Users?

The utility of virtual assistants like Amazon's Alexa and Google Home are undeniable.  They're just genuinely handy devices to have around. Unfortunately, they're also prone to abuse and exploits by hackers and ...

Flaw in Amazon's Ring doorbell could have allowed hackers to control homes


Flaw in Amazon's Ring doorbell could have allowed hackers to control homesA security flaw in Amazon's £200 Ring Pro doorbell could allow hackers to control smart devices within a home, security researchers have warned.




New York State Supreme Court Judge Melissa Crane has reinstated a temporary restraining order that prevents the takeover of WBAI by what was in effect a rogue faction of the Pacifica network. On October 7th, the station, which airs the "Off The Hook" hacker program, was forcibly shut down by Pacifica officials without the consent of the Pacifica National Board. Those people have since been either suspended or fired. However, the battle isn't over and the financial crisis at both the station and throughout the network remains a major challenge.

For now at least, it's a time to celebrate. You can stream the station via And next Wednesday, "Off The Hook" returns to the airwaves for the first time since September.



[ FreeCourseWeb com ] Defense against the Black Arts- How Hackers Do What They Do and How to Protect against It zip

Category: Other
Seeds: 5
Leechers: 4
Size: 83.99 MB

More @


Backdoor Could Be Used On Microsoft SQL Without Detection

If you haven't heard of Skip-2.0 yet, prepare to be dismayed. Security researchers have recently discovered an undocumented (until now) backdoor designed for Microsoft SQL servers. It will allow a hacker working ...

Top Stories Today


Top Stories Today

My Friend Mister Rogers

Posted: 07 Nov 2019 07:22 AM PST

I first met him 21 years ago, and now our relationship is the subject of a new movie. He's never been more revered — or more misunderstood.

This posting includes an audio/video/photo media file: Download Now

Here Are Some Insane Slides From SoftBank's Presentation Explaining (?) How It Will Fix WeWork

Posted: 07 Nov 2019 08:56 AM PST

"So this time, the earnings results announcement is not good at all," said SoftBank CEO Masayoshi Son at the start of the company's quarterly earnings call on Wednesday.

This posting includes an audio/video/photo media file: Download Now

Polyglot Bets Random Strangers He Can Speak Their Language

Posted: 07 Nov 2019 06:57 AM PST

Wouter Corduwener speaks many languages and bet random people €5 he could speak theirs. Here's how he did.

This posting includes an audio/video/photo media file: Download Now

Driver Blows Past School Bus With No Intention Of Stopping, Receives Some Instant Karma

Posted: 07 Nov 2019 06:08 AM PST

At the very least, this is an example of reckless driving.

This posting includes an audio/video/photo media file: Download Now

I Was The Fastest Girl In America, Until I Joined Nike

Posted: 07 Nov 2019 05:44 AM PST

Mary Cain's male coaches were convinced she had to get "thinner, and thinner, and thinner." Then her body started breaking down.

This posting includes an audio/video/photo media file: Download Now

I Tried To Get My DNA Back From 23AndMe. Here's What Happened

Posted: 07 Nov 2019 05:24 AM PST

Concerned that my spit sample had already been sold to one of 23andMe's Big Pharma partners, I offered to swing by the office and pick it up myself.

This posting includes an audio/video/photo media file: Download Now

Owner Sleeps In Great Dane's Bed. Great Dane Is Not Happy About It

Posted: 07 Nov 2019 04:26 AM PST

Never mind the countless times the Great Dane has occupied his owner's bed — this is his bed and he will. not. share.

This posting includes an audio/video/photo media file: Download Now

An Elderly Hawaiian Man Died After Falling Into A Lava Tube Hidden In His Backyard

Posted: 07 Nov 2019 05:54 AM PST

"You could be standing on one and not even know it," one volcanologist said.

This posting includes an audio/video/photo media file: Download Now

Why xHamster Is So Much Better At Content Moderation Than Facebook

Posted: 07 Nov 2019 08:23 AM PST

Laws hold the porn industry accountable for dangerous content — and it's thriving nonetheless.

This posting includes an audio/video/photo media file: Download Now

This Dog Has Learned To Talk Using Buttons &mdash; And She Says Exactly What You'd Expect

Posted: 06 Nov 2019 02:06 PM PST

We don't deserve dogs.

This posting includes an audio/video/photo media file: Download Now

Watching This Ceramics Master Make Plates For Michelin-Starred Restaurants Is The Highbrow ASMR You Need Today

Posted: 07 Nov 2019 07:56 AM PST

This is one of those things that looks easy but is actually incredibly difficult to do, isn't it?

This posting includes an audio/video/photo media file: Download Now

Preparing For The Inevitable Thousand-Year Storm

Posted: 07 Nov 2019 08:21 AM PST

Sprawl has made the Baltimore suburb Ellicott City more vulnerable to climate change — in the last three years, it's already suffered two thousand-year storms.

This posting includes an audio/video/photo media file: Download Now

15 Gifts For The Person Who Thinks They're Tougher Than Bear Grylls

Posted: 06 Nov 2019 02:40 PM PST

We've all got that outdoorsy friend. You know, the one who thinks Bear Grylls is weak and Survivorman was staged and if they were stranded out in the woods, they'd create the greatest Discovery Channel show of all time. Well, this holiday season, it's time to call their bluff.

This posting includes an audio/video/photo media file: Download Now

Cat Persuades Owner To Go Outside In The Winter, Immediately Regrets It Once He's Outside

Posted: 06 Nov 2019 07:31 PM PST

This cat is all of us when winter hits.

This posting includes an audio/video/photo media file: Download Now

The New Dot Com Bubble Is Here: It's Called Online Advertising

Posted: 07 Nov 2019 06:05 AM PST

Where he came from, a Super Bowl ad cost three million dollars. Why? Because that's how much it cost. What does it yield? Who knows.

This posting includes an audio/video/photo media file: Download Now

Kid Doing The Worm Behind CNN Correspondent Jim Acosta Steals The Show At Louisiana Trump Rally

Posted: 06 Nov 2019 07:19 PM PST

Before Trump's Louisiana rally could begin tonight, CNN correspondent Jim Acosta was totally upstaged by a talented kid with a sense of humor.

This posting includes an audio/video/photo media file: Download Now

A Photographer's Ode To Everyday Soviet Architecture

Posted: 07 Nov 2019 07:07 AM PST

Areniy Kotov finds inspiration in urban exploration and concrete cityscapes.

This posting includes an audio/video/photo media file: Download Now

What Happens When You Tweet A Death Threat To The President?

Posted: 07 Nov 2019 04:54 AM PST

Quite possibly the worst tweet you can send.

This posting includes an audio/video/photo media file: Download Now

Here's The Teaser Trailer For Pixar's New Film 'Soul,' A Movie About A Jazz Musician Who Accidentally Dies

Posted: 07 Nov 2019 07:18 AM PST

Jamie Foxx plays Joe Gardner, a jazz musician in New York City who embarks on a fantastical journey after he passes away. "Soul" will come out in 2020.

This posting includes an audio/video/photo media file: Download Now

The 2010s' Most Important Games

Posted: 07 Nov 2019 06:41 AM PST

Still a relatively young industry, gaming has mutated massively over the course of the last decade — and it's been a weird 10 years for video games.

This posting includes an audio/video/photo media file: Download Now

'Country Road' Road Sung In A Minor Key Is Freaky (But In A Good Way?)

Posted: 07 Nov 2019 04:44 AM PST

"The place where I belong" is now a haunting, mournful place.

This posting includes an audio/video/photo media file: Download Now

Who Is The Real Dice Man? The Elusive Writer Behind The Disturbing Cult Novel

Posted: 07 Nov 2019 05:20 AM PST

A search for the mysterious author of a counterculture classic led to someone else entirely. Or did it?

This posting includes an audio/video/photo media file: Download Now

Millennials Will Get Sick And Die Faster Than The Previous Generation

Posted: 07 Nov 2019 04:11 AM PST

Physically speaking, we're actually healthier than our predecessors, but statistically, it doesn't really matter.

This posting includes an audio/video/photo media file: Download Now

Watch The Bloodhound LSR Supercar Hit 501 MPH

Posted: 07 Nov 2019 07:57 AM PST

The run is the latest in a series of practice runs as the Bloodhound team attempts to crack the 1000 mph barrier.

This posting includes an audio/video/photo media file: Download Now

Why We Are All Losing Sleep

Posted: 07 Nov 2019 07:31 AM PST

With longer work hours, the rise of the gig economy and smartphone apps competing for our every waking moment, sleep has become the final frontier of consumer capitalism. No wonder we're so tired.

This posting includes an audio/video/photo media file: Download Now

The Mississippi River's Hidden History, Uncovered By Lasers

Posted: 07 Nov 2019 05:59 AM PST

Using hyperprecise LiDAR data, a cartographer maps the river's bends and channels over time with mesmerizing results.

This posting includes an audio/video/photo media file: Download Now

Inside The Microsoft Team Tracking The World's Most Dangerous Hackers

Posted: 07 Nov 2019 04:05 AM PST

From Russian Olympic cyberattacks to billion-dollar North Korean malware, how one tech giant monitors nation-sponsored hackers everywhere on earth.

This posting includes an audio/video/photo media file: Download Now

The Greatest Unknown Intellectual Of The 19th Century

Posted: 07 Nov 2019 06:43 AM PST

Emil du Bois-Reymond proclaimed the mystery of consciousness, championed the theory of natural selection, and revolutionized the study of the nervous system. Today, he is all but forgotten.

This posting includes an audio/video/photo media file: Download Now

Oops, This Teppanyaki Trick Sure Did Not End Well

Posted: 07 Nov 2019 04:29 AM PST

The customer here was meant to catch the egg the chef lobbed at him in his bowl. Let's just say it went a bit sideways.

This posting includes an audio/video/photo media file: Download Now

You Are About To Become A Pocket Projectionist

Posted: 14 Oct 2019 08:19 AM PDT

This mini projector will let you throw an 80 inch image against the wall for movie night everywhere.

This posting includes an audio/video/photo media file: Download Now

The Rise And Fall Of WeWork

Posted: 07 Nov 2019 05:29 AM PST

All of the employees described a similar emotional trajectory working at WeWork. The first stage was romance.

This posting includes an audio/video/photo media file: Download Now

Why Planes Aren't Allowed To Fly Over Lionel Messi's House

Posted: 05 Nov 2019 08:59 AM PST

You might be surprised about the rules governing air space.

This posting includes an audio/video/photo media file: Download Now

The Top-Selling Musician From Each State, Mapped

Posted: 06 Nov 2019 10:44 AM PST

The top-earning music artists from each state in 2019, from Ariana Grande (Florida) to Wiz Khalifa (North Dakota?!).

This posting includes an audio/video/photo media file: Download Now

Attorney General Declined Trump Request To Declare Nothing Illegal In Ukraine Call

Posted: 07 Nov 2019 05:47 AM PST

President Trump asked Attorney General William P. Barr to hold a news conference stating that no laws were broken in his call with Ukraine's president. Mr. Barr declined.

This posting includes an audio/video/photo media file: Download Now

Former Twitter Employees Charged With Spying For Saudi Arabia

Posted: 07 Nov 2019 04:51 AM PST

The case raises concerns about the ability of tech firms to protect users' data from repressive governments.

This posting includes an audio/video/photo media file: Download Now

Timing Is Of The Utmost Importance In This Incredible Bowling Ball Trick Shot

Posted: 06 Nov 2019 12:03 PM PST

The best trick shots are the kind that require teamwork.

This posting includes an audio/video/photo media file: Download Now

Where Do Hippos Wander? An Aquatic Mystery, Solved

Posted: 04 Nov 2019 07:26 AM PST

Hippos need water to survive — and water is disappearing, leading to growing social unrest among the beasts.

This posting includes an audio/video/photo media file: Download Now

After Five Years Of Amazon's Alexa, Why Isn't It Better?

Posted: 06 Nov 2019 01:48 PM PST

Half a decade after its launch, Alexa is a household name. But there's a lingering question: has Amazon's assistant actually become more useful? For me, the answer is a clear "no."

This posting includes an audio/video/photo media file: Download Now

James Dean, Who Died In 1955, Just Landed A New Movie Role &mdash; Thanks To CGI

Posted: 06 Nov 2019 01:27 PM PST

The directors claim that he was perfect for the role, but it's a troubling change in Hollywood.

This posting includes an audio/video/photo media file: Download Now

Company Insiders Are Selling Stock During Buyback Programs And Making Additional Profits When Stock Prices Jump. And It's Legal

Posted: 07 Nov 2019 04:08 AM PST

At least 500 insiders sold their stock during active buyback programs at their companies in a 15-month period.

This posting includes an audio/video/photo media file: Download Now

Billy Eichner Asks A Woman Whether She'd Rather Sleep With Chris Evans Or Paul Rudd &mdash; With Both Of Them Standing Right There

Posted: 06 Nov 2019 11:05 AM PST

Also featuring Chris Evans's worst nightmare: "a bunch of lesbians that don't care that he's hot."

This posting includes an audio/video/photo media file: Download Now

Modern Apartments Have More Fungi Than A Jungle Hut

Posted: 06 Nov 2019 03:00 PM PST

Despite urban dwellers using more cleaning products and antifungals, their homes foster more microbes than rural houses do.

This posting includes an audio/video/photo media file: Download Now

What To Eat Before Making A Big Decision

Posted: 06 Nov 2019 10:33 AM PST

Can carbs derail your entire future?

This posting includes an audio/video/photo media file: Download Now

The Good Internet Is History

Posted: 06 Nov 2019 02:59 PM PST

The internet, notoriously, is the mechanism by which all our most embarrassing and evil deeds live on forever, but it's also a fragile, immaterial place. The keystroke of a petty billionaire could take thousands upon thousands of words away without warning, and the snip of an underwater cable could take it all away irrevocably. But even without such an extinction-level event, what's lost on the internet threatens to be lost for good.

This posting includes an audio/video/photo media file: Download Now

This Chair Is An Optical Illusion, But For Your Entire Body

Posted: 06 Nov 2019 03:18 PM PST

Is Escher missing a chair? This must be his.

This posting includes an audio/video/photo media file: Download Now

I Have No Idea What I'm Doing

Posted: 07 Nov 2019 08:26 AM PST

My washing machine has fourteen settings, but I wash everything on the "casual" setting, because it seems like the least risky one.

This posting includes an audio/video/photo media file: Download Now

This Is What Loneliness Looks Like On Twitter

Posted: 06 Nov 2019 01:50 PM PST

Psychologists are discovering just how much information about our inner states can be gleaned from social media.

This posting includes an audio/video/photo media file: Download Now


Your Card Is Linked To Yet another PayPal Account Documentation

Welcome to the PayPal Enterprise Setup Center. PayPal purchasers need to also add their own level of data safety by always maintaining their information security application updated on all of their digital devices and not employing public Wi-Fi to make purchases, as it is less complicated for information hackers to breach than a secure and private Wi-Fi connection.

And Paypal is now t

6 секретов идеальной позы 69

Поза 69Если вы не любите эту позицию, значит, вы просто не знаете, что в ней делать.

«Краудфандинг — это работа». Интервью с Фёдором Мурачковским, гендиректором платформы

Planeta.ruОт идеи клона «ВКонтакте» до сервиса, который помогает находить деньги на различные проекты.

Вышел первый трейлер нового «Человека-невидимки» с Элизабет Мосс

Вышел первый трейлер нового "Человека-невидимки" с Элизабет МоссПерезапуск знаменитого хоррора выйдет на большие экраны уже весной.

Как режиссёры заставляют нас полюбить их фильмы: бесплатный вебинар

Как режиссёры заставляют нас полюбить их фильмы: бесплатный вебинарПознакомьтесь с приёмами, которые вы могли даже не замечать.

Личный опыт: 7 ошибок начинающего предпринимателя

Личный опыт: 7 ошибок начинающего предпринимателяПренебрежение рекламой, слишком маленькая финансовая подушка и излишняя скромность могут затруднить ваш путь к успеху.

4 функции календаря iPhone, о которых знают далеко не все

4 функции календаря iPhone, о которых знают далеко не всеНаучитесь использовать стандартное приложение по максимуму.

Как фильм «Доктор Сон» совмещает драму и настоящий хоррор от Стивена Кинга

Доктор СонКритик Алексей Хромов рассказывает о немного затянутой картине, связывающей книги писателя с «Сиянием» Стэнли Кубрика.

Epic Games Store раздаёт шутеры Ruiner и Nuclear Throne

Epic Games Store раздаёт шутеры Ruiner и Nuclear ThroneКиберпанк и постапокалипсис с выгодой 708 рублей.

Почему болит левый бок и что с этим делать

Почему болит левый бок и что с этим делатьЛайфхакер собрал 16 распространённых причин, включая смертельно опасные.

Охотники за скидками: 5 захватывающих историй о выгодном шопинге от любителей распродаж на AliExpress

что купить на алиэкспресс, распродажа 11.11Шопинг на AliExpress напоминает сафари. Нужно внимательно смотреть по сторонам, иначе добыча ускользнёт от вас в считанные минуты. Особенно в период распродаж! Чтобы купить что-то по-настоящему классное и по хорошей цене, надо знать, что именно и как стоит выбирать. Мы поговорили с опытными шопоголиками и узнали, где водятся самые классные акции, когда нужно притаиться в засаде и выждать лучшую цену, а когда ринуться напролом и скупить всё на своём пути.

«Начни с себя» — непопулярная идея, которая может многое изменить

Здесь как с лекарством: важно правильное применение.

Вышел первый трейлер вдохновляющего мультика «Душа» от создателей «Вверх» и «Головоломки»

Вышел первый трейлер вдохновляющего мультика «Душа» от создателей «Вверх» и «Головоломки»«Не разменивай жизнь на всякую ерунду».

Обзор Vivo NEX 3 — необычного флагмана без боковых кнопок и с выезжающей камерой

Obzor Vivo NEX 3 — neobychnogo flagmana bez bokovyh knopok i s vyezzhayushchej kamerojСмартфон для тех, кто устал от однообразных дизайнерских решений.

15 простых способов освежить интерьер любой квартиры

Если вы живёте в съёмной квартире или не хотите делать большой ремонт, есть трюки, которые помогут быстро обновить декорации.

Видео дня: как выглядит идеальная iOS 14

Видео дня: как выглядит идеальная iOS 14Разделение экрана, дисплей Always On и не только.

IFW 백업복구 프로그램에 PECMD를 활용하여 보았습니다..


저의 경우..초보 지인분이...원클릭으로 백업,복구를 할수 있도록 설정이 정해서 있는 프로그램과...제가 설명을 해주지 않아도..수동으로 

하실수 있는 분이거나..제가 사용하려고..마음대로 파일저장 위치나..파일이름을 지정할수 있는..2가지 버전을 항상 같이 만듭니다


이렇게...용도에 따른 2가지 프로그램이 상황에 따라서 쓰기 위해서..항상 같이 붙어다닙니다..

프로그램 2개를 따로따로 관리하는것이 귀찮아서..이번에 합쳐보았습니다



SnapShot 관련해서 중국 프로그램에 포함되어 있던..pecmd 폼을 활용하였습니다..

원래는..단순히..pecmd.exe의 BROW 명령어를 활용해서..초간단으로 만들려고 했습니다만...지인분의 의견의..반영되면서..결국

기존 BR 버전과 GUI 버전..기능이 합쳐지는것으로 변해버렸네요..사공이 많으면..배가 산으로 가죠..



중국 프로그램에 포함되어 있던..pecmd 폼을 IFW 백업,복구 프로그램에 활용을 하였구나 하여 주십시요



1. 2개가 서로 기능이 따라서...상황에 따라서..쓸수 있도록..항상 붙어 다닙니다..1개를 관리하는 것보다는 불편하죠...



2. pecmd.exe로 만들어진 폼입니다.. Win.tag와 PETools 폴더를 검색을 하여서..표시를 하여 줍니다

  Win.tag 파일이 없어서...윈포우 파티션이 표시되지 않았습니다..윈도우 파티션이나..백업파일 유무에 따라서.안내 메세지를 보여주는것보다는

  이번에는..버튼 자체가 작동하지 않은것으로 하였습니다 현재..백업,복원 버튼이 비활성입니다. 



3. Win.tag 파일이 검색되면..드라이브 문자와 볼륨명이 표시가 됩니다..요즘은..pe가 부팅할때 윈도우때와 같은 순서로 정렬을 해주지만..드라이브 문자

  하나만 있는것보다...볼륨명이 있으면..좀더 정확하여서.같이 보여주는것으로 하였습니다.

  백업파일이 없어서..복원 버튼은 비활성입니다.



4. 드라이브 목록을 만드는것이 귀찮아서...BROW 명령어에서 폴더 찾는 명령어를 활용을 하였습니다...폴더 찾아보기가 보여서 보기는 좀 그렇습니다



5.  BROW 명령어에서 파일 선택하는것은 그래도 활용을 하였습니다..

  Win.tag나 PEtools 검색을 기본으로 하고..이렇게...임으로..파일을 지정할수 있도록 되어 있어서...BR버전과 GUI 버전..기능이 모두 있습니다



6. GUI 버전에서 처럼...폴더나.이름을 마음대로 지정할수 있습니다.



7. 예전에는..생각도 못했었습니다..원래..예, 아니오가 아니라 Yes, No 입니다...SnapShot 한글화를 하면서 배웠던것을 여기에 활용을 하였습니다

   역시 한글로 보기가 좋습니다..실제는...별것 아닙니다..ResourceHacker에서..수정이 됩니다.



8. 기본 설정으로 백업을 진행하여 보았습니다....백업이 완료되면..IFW는 자동 종료 됩니다.. 백업,복원시에는 모든 버튼이 비활성입니다



9. 백업이 완료되고..IFW가 종료되면..아래처럼..백업파일 있음으로 표시가 됩니다.. 백업파일이 있어야...복원 버튼이 활성화 됩니다..



10. 복원 메세지입니다..영어가 안보여서..기분이 다 좋네요..한글화에 대해서는 역시..배우기를 잘한것 같습니다..



11. 복원중입니다..



12. 수동실행 버튼입니다..프로그램 종료 버튼이 없어서..프로그램 오른족 위 X 에서 종료해야 합니다..단점입니다.



13. 기본 설정에서..폴더나..백업 파일 이름도. 변경할수 있도록 하여 보았습니다 

    pecmd.exe를 활용하기 때문에...프로그램 자체가..ini로 되어 있어서..cmd 처럼..수정이 편하다는 좋은 점도 있습니다..



14. 마무리

pecmd.exe는 PE에 관심이 많으신분들은..다 아시는 파일이죠...가끔 중국 프로그렘에 이렇게 암호화가 되지 않은 프로그램들이 있습니다

덕분에..pecmd.exe에 대해서..많이 배울수 있는 기회가 되기는 합니다.


SnapShot 관련한 중국 프로그램에 포함되어 있던..pecmd 폼이 있어서..IFW 백업,복구 프로그램에 활용을 하여 보았습니다

덕분에..생각만 했던..BR버전과 GUI 버전 기능을..한곳에 모을수 있었습니다.


pecmd.exe가 헥사 수정도 할수 있고..참 막강한 능력이 있는 파일인것 같습니다

프로그램언어도 좋지만...pecmd.exe에도 한번 관심을 가져보시는것도 괜찮을것 같습니다..어떤 것이든..활용하기 나름이죠...


편안하신 시간 되시길 바랍니다..



FSMG님 하드 코딩 치환법 강좌를 따라하여 보았습니다..


지난 일요일에..FSMG님께서...하드 코딩 치환법 강좌를 하여 주셨습니다...

집안에 경사가 있어서 바쁘신 와중에서..강좌를 하여주신 FSMG님께 감사드립니다..

이쁜 강아지들도..무럭무럭 잘 자라길 바랍니다



강좌란에서...연재강좌란으로 이동이 되어서....윈포 첫 화면에는 보이지 않습니다..아직 모르시는 분들이 많으신것 같습니다




하드 코딩 치환법


제대로 배우는데에는...강좌를 따라하면...짧게는 6개월에서 2년정도 걸리신다고 말씀을 하셨습니다..

앞으로..오랜시간 강좌가 이어질것 같습니다..



강좌에 사용되어진 EditPad Pro 7는 아래 홈페이지에서 데모버전을 다운 받으실수 있습니다....저도 데모버전으로 따라하였습니다



자료실에...sTarTr**님께서 EditPad Pro 7는 폴더블 버전을 소개하여 주셨습니다....감사합니다..

 JGSoft EditPad Pro v7.6.5 Retail Portable



이 사용기는 멋진 강좌를 하여주신..FSMG님 강좌에 대한 감사의 사용기입니다..

저도..EditPad Pro 7프로그램은 처음 사용하기 때문에..어설픈 부분이 있을수 있습니다..이런 부분에 대해서는 양해를 하여 주십시요


예전에는..상상도 할수 없었던것을..멋진 강좌를 해주신 덕분에..이제는..직접할수가 있게 되었습니다

FSMG님 다시 한번더 감사인사 올립니다..



1. EditPlus로 헥사를 수정하신다는 분이 있으셔서 처음에는 아무생각없이 EditPlus 인줄 알았습니다..EditPad Pro 7 란 프로그램이 따로 있네요

   처음 실행해 보는 프로그램에고 영문이어서..좀 헤메이기는 하였습니다

   아래의 돋보기를 클릭하시면..



2. 이렇게 변합니다..강좌에 있는것과 같은 모습입니다..처음에는..Search만 있었던것 같습니다..이것저것 하다보니까..이렇게 2개가 보입니다

  강좌하고 다르게.. 메인폼에..포함되어 있지 않고..이렇게..따로..떨어져 있습니다..



3. 대소문자 구분해서 입력후...오른쪽에..화살표를 클릭을 하면..단어를 찾아 줍니다...여러개여서 계속 클릭을 했습니다.



4. 원하는 단어가 나왔습니다..이경우..커셔가..맨끝에 있어서 원하는 값이 아닙니다.



5. 커셔를 시작위치로 옮기시면..원하는 값이 보입니다..



6. 이 프로그램이...핵심인것 같습니다....위에서 알게된 값을 입력하면...오른쪽에 값이 보입니다..이것을 복사해서..



7. 여기에 붙여넣기 하시면 됩니다...복사한것에서 맨 마지막 00 은 표시되지 않고..아래만 표시가 됩니다



8. 강좌에 있는 위치에서..한글 드라이브를 입력을 하였습니다...처음에는 오른쪽 파란 네모에서 한글로 입력을 하였습니다..그런데..에러가 나서..

   왼쪽에..헥사값으로 입력을 하고...입력후..저장을 한후...SnapShot 실행까지 확인을 하였습니다.


   제가 잘못하고 있을수도 있습니다...저는 여기에서 저장을하고 진행을 하였더니 잘되었습니다..강좌대로 진행을 하실때...잘 안되시면..여기에서

   저장후..다음을 진행해보시는것도..괜찮으실것 같습니다..



9. 드라이브를 입력한 위치값을...넣어서 필요한 값을 알아내야죠.



10. 교체할 곳에 붙여넣기를 하였습니다.. 원래  A->B 이런 아이콘이 모두 활성화 되어야 하는데....여러번 테스트하면서..맨 마지막것만 활성화가

   되었습니다..몽땅 바꿀때 사용하는 아이콘 같습니다11.jpg


11. 위에서 아이콘을 클릭을 했더니..커서가..맨 위로 올라왔습니다..교체가 된것 같습니다

    첫번째 A->B가 활성화 되어서 클릭했을때에는...교체한 MJ. 이 단어가 있는 위치를 보여주었던것 같습니다

    이것저것을 해보면서..다시 재현을 하는것도 쉽지않네요..이렇게 교체가 되었습니다.



12. 드라이브로 교체가 잘되었습니다...맨처음..HxD로 수정을 할때에는..이런것을 내가 할수 있을거라고는 생각도 못했습니다

    FSMG님 덕분에...이제는..이렇게 어려운 부분도 한글화를 다해보네요..FSMG님 감사합니다.



13. 강좌에서 배운것을..실전에 적용하여 보았습니다....x86 버전을 자동으로 한글화를 진행하였습니다.




14. 3개가 모두..잘 적용이 되었습니다..SnapShot 실행시...실제보이는것은..파란네모처럼.."파티.." 이렇게..단어가 길어서 모두 보이지 않습니다



15. FSMG님 덕분에 소원성취를 했습니다...No 단어가..아니오 단어하고 길이가 맞지 않아서 HxD에서는...절대 못하는 부분입니다

   이렇게 한글로 보이네요..속이 다 후련합니다..FSMG님 복 많이많이 받으십시요



16. 백업이 진행중입니다..



17. OK 가 드디어 한글 "확인"으로 바뀌었습니다...



18. 복원시에 마지막 경고 부분입니다..백업에 있는것을 바꾸었는데..여기는 자동으로 바뀌었네요.



19. 복원중입니다...여기는 한글로 다 보였던 부분입니다



20. 여기도 OK가 확인으로 보입니다..



21. 마무리

처음에..ResourceHacker로 차칸앙마님..작품을 보고.Dialog를 수정할때에는...이렇게까지 될줄은 몰랐습니다

FSMG님께서..지식을 베풀어 주신 덕분에..눈에 거슬렸던 부분들도..이제 한글로 볼수 있게 되었습니다


강좌를 처음 보시는 분들은..따라하시기가 쉽지 않으실수도 있습니다..

한글화에 관심이 있으셨던 분들이시라면...강좌를 하여 주실때..같이..진행을 하시면..댓글로 질문을 드릴수도 있어서..잘 안되시는 부분들을

해결하실수 있으실것입니다

강좌가 오랜동안 이어지면...지난 글에 대한 댓글이 올라와도 일일히 확인하고 답글을 다시는것이 쉽지 않으실것입니다

시간이..되신다면..진도에 맞추어서..같이..진행하시는것이..더 도움이 되실것 같습니다


강좌를 보고 따라하셔서 성공하신분들이 있으시면...성공 사진을 강좌 댓글에 올려주시면...강좌를 하시는 FSMG님께서도 힘이 나실것 같습니다


강좌를 보고 따라하신분들 모두 성공하실 바랍니다..




PECMD 명령어로 SnapShot 한글화를 진행하여 보았습니다..


중국의 새로운 Snapshot 중국어도구를 소개하여 주신 분 덕분에...많은것을 배울수 있는 기회가 되었습니다..

중국 프로그램을 소개하여 주신분께 다시 한번더 감사드립니다..


중국 프로그래에서.저의 경우 이제까지 알지 못했던...3가지를 얻었습니다..  SnapShot 한글화에 관심이 있으신분들은 한번..살펴보시는것도

좋을것 같습니다


1. Athena-A 프로그램

  이 프로그래은..제가 상상했던것을 중국분이 만드신 프로그램입니다..보면 볼수로..중국분에 대해서 감탄이 나옵니다

  한글 SnapShot에서..한글문자열 추출해서..영문 SnapShot를 한글화 하는 대단한 프로그램입니다

  이미 Athena-A를 한글화를 하신분도 있으시죠..우리두리님 블러그에 사진이 있습니다


2. SnapShot 라이선스를 자체명령어로 입력

 SnapShot 를 수동으로 입력하거나..cmd에서 자동으로 입력할때에는..저의 경우..헥사값으로 입력을 했습니다..그런데..이미.. SnapShot 에서

 cmd에서 입력하는 자체 명령어가 있었습니다..이렇게 자체 명령어가 있는데..엉뚱한 짓을 한것이죠


3. Pecmd 명령어로 헥사값 수정

  저의 경우 cmd에서 헥사수정을 CFF Explorer 를 이용해서만 가능했습니다. 그런데...진짜 보물이..품안에 있는것을 몰랐습니다

  pecmd.exe 명령어에 이미 헥사수정하는 것이 있었습니다..항상..활용하는 pecmd.exe인데...상상도 못했습니다

  역시..,pecmd.exe는..능력있는 파일입니다


이런 프로그램을 만드시다니 중국분께 감탄이 절로 나옵니다.

중국 프로그램에서  Athena-A 프로그램으로 중국어로 수정하는 부분은..저는 pecmd.exe 명령어로 진행을 하여 보았습니다


pecmd.exe를 그냥 실행하면 나오는 도움말에서 복사해 온것입니다..

디스크의 헥사값도 수정할수 있나 봅니다..


┃    │FORM│PUTF <FileName>,[Base],<data queue>                                   ┃
┃    ├──┼──────────────────────────────────────────────┨
┃    │FUNC│modify specified file in BINARY form, specify the physical disk data (Example 2, the disk 1--62 sector fill 0) ┃ 
┃    ├──┼──────────────────────────────────────────────┨
┃    │PARA│File Name: file name already exists, the physical disk \\.\PhysicalDrive0~N ,support environment variables    ┃
┃    │    │start position: value relative to the beginning of the file base address,support hex nos.,e.g. 0x100,start from 0,default0,can take

┃             TG MKS suffix
┃PUTF│  │Data Queue: [*Repeat Factor] value, the start position to begin writing data from several values ​​separated by spaces,

┃              such as * 1M 0x00
┃    │    │            0x23 0xAD *1K 0x1C 128                                                          ┃
┃    ├──┼──────────────────────────────────────────────┨
┃    │E.G.│PUTF %CurDir%\Memu.DAT,0x400,0x23 0xAD   PUTF \\.\PhysicalDrive%PHYDRV%,1S,*62S 0x00        ┃



101.ini 에 있는 명령어 입니다...라이선스 등록하기전에...Security Directory RVA, Size 값을 수정하는 내용입니다..


FIND $%YS_FileName%=snapshot, PUTF %YS_File%,0x9878,0x00 0xC6 0x06 0x00 0xD8 0x2F !PUTF %YS_File%,0x1A0,0x00 0xD6 0x06 0x00 0xD8 0x2F


Dialog 부분을 제외한 나머지 부분을 PUTF 명령으로 SnapShot 한글화를 진행하여 보았습니다

pecmd.exe는 PE 덕분에 자주 활용을 해서인지..CFF Explorer보다는..명령어도 간단해서 더 편한것 같습니다


SnapShot 을 한글화 하는것을 처음에는.ResourceHacker와 HxD만 있는줄 알았는데 이렇게 다양한 방법들이 있네요



1. 필요한 파일은..Resource 폴더에 넣었습니다..



2. 3개 프로그램은...프로그렘에서 수동 실행이 되도록 하였습니다



3. 처음 실행 모습입니다..3번째 Athena-A 프로그램 실행 부분을..pecmd.exe 명령어로 헥사 수정을 하도록 하였습니다..



4. 이 작품을 만드신 중국분은..단계별로 확인을 할수 있도록 하셨습니다..x86 버전은 압축해제후 정상 실행이 되지 않아서..조금 수정을 하기는 



   101.ini에 있는 원본 내용입니다..... SnapShot 구버전에서는..x86일때 헥사를 수정을 하는것으로 했었던 것 같습니다

   실행되는것은..x86은 수정하지않고 x64만 수정하고 있는 모습니다.



//Snapshot V1.47 - Sep  10 2019

//FIND $%JY_FileName%=snapshot, PUTF %JY_File%,0x2BB55,0xEB 0x0C !PUTF %JY_File%,0x10E,0x23

//Snapshot V1.47 - Sep  24 2019

//FIND $%JY_FileName%=snapshot, PUTF %JY_File%,0x2BE42,0xEB 0x0C !PUTF %JY_File%,0x10E,0x23



FIND $%JY_FileName%=snapshot, !PUTF %JY_File%,0x10E,0x23




5. 저는..ResourceHacker 가 실행될때 왜 실행이 되는지 잘 몰랐습니다..ResourceHacker에서..수정된것을 확인라는 뜻이었네요

   중국어의 경우..1031이 아니라 다른 언어여서 추가가 됩니다..저의 경우는..1031을 그대로..저장해서..이렇게 덮어쓰기가 된것입니다


   101.ini에 있는 원본 내용입니다  중국어로 수정할때 원래는 -delete로 1031을 삭제했었나 봅니다. 중국어로 변환시..이것을 실행되지 않게 해서..

   두개 언어가  모두 있게 되었던것 같습니다..


//EXEC =%CMPEXE% -delete "%BH_File%", "%BH_File%", Dialog,,

EXEC =%CMPEXE% -addoverwrite "%BH_File%", "%BH_File%", "%CURDIR%\Dialog.res", Dialog,,




6. 3번째 작업을 진행하였습니다..Athena-A 프로그램 대신에..pecmd.exe 명령어로 헥사를 수정을 한것입니다.



7. Dialog외에서..다행히...한글화가 되었습니다.



8. 4번째 라이선스를 등록하는 과정입니다...아래창이 보이도록 SnapShot를 바로 실행하는것으로 하였습니다

  GUI에서 수동으로 입력시 나오는 메세지처럼..cmd에도 성공이라고 표시가 됩니다..




9. 라이선스 파일이 같은 폴더에 있는면...확인이 되지 않아서 라이선스 파일은..Resource 폴더안에 있습니다

   등록이 잘되었네요..


  중국 프로그램을 소개하여 주신 분 덕분에 pecmd.exe 명령어로 한글화를 다 진행해 보게 되었습니다..

  소개하여 주신분께 다시 한번 더 감사드립니다



10. 한글화는 실제 진행에서도 에러가 없어야죠..압축해제시 에레가 발생했던..x86 버전으로 백업,복원을 진행하여 보았습니다



11. 저는 단순히..보이는 부분 몇개만 해본것입니다12.jpg


12. 아래 부분을 빼먹었는데..이번에 알게되어서..추가하였습니다..



13. No 부분이..아니오로 표시가 되게 하는것은..지난 일요일에 FSMG님이..강좌를 해주신 부분입니다..이 부분은..강좌를 보고 열심히..배워야

   할것 같습니다.   FSMG님 강좌는..연재강좌란에 있습니다..



14. 백업이 진행중입니다..헥사값이..모두 잘 적용이 되었네요..



15. 완료시 메세지 부분입니다..



16. 복원도 확인햐여 보았습니다



17. Yes No 대신에 한글로 할수 있는 날이 빨리와야..한글로 볼수 있는데요...이런 날이 오겠지요..



18. 복원중입니다...여기도 모두 한글로 잘 바뀌었네요..



19. 완료 표시입니다



20. 마무리

중국 프로그램을 좋하실것 같다고 소개를 하여 주신분 덕분에..많은것을 배울수 있었습니다..

이렇게 좋은 프로그램을 소개하여 주셔서 감사합니다..복 많이 받으십시요.


항상..사용하는..pecmd.exe에서도 헥사 수정을 할수 있는줄은 생각도 못했습니다..

pecmd.exe는 pe를 활용하시는 분들은..친근한 파일이죠....헥사 수정에 pecmd.exe를 활용하여 보시는것도 좋은 방법이 될것 같습니다


오늘 하루도 고생하셨습니다

편안하신 시간 되시길 바랍니다





대박! 중국 Athena-A 프로그램의 능력이 끝내주네요...간단한 사용법입니다


바로 옆의 중국의 새로운 Snapshot 중국어도구 사용기에 보시면..Athena-A 프로그램이 포함이 되어 있습니다.

메뉴가 중국어여서..사용법을 알수가 없어서..지난 사용기에는..자세한 실행을 할수가 없었습니다


이미..Athena-A 를 한글화 한 버전이..우리두리님 블러그에 소개가 되어 있지만..세부적인..한글 메뉴가 없어서..어떻게 사용하는지는

파악을 할수가 없었습니다


sTarTrak님께서..윈도우에서 중국 txt파일이..께지는것을 중국어로 보는것을 알려주셔서 중국어들을 구글로 변역을 하였습니다.

여기에...사용법이 있네요..sTarTrak님..너무너무 감사합니다..덕분에..이제서야 사용법을 알게 되었습니다

항상 좋은일만 있으시길 바랍니다.



번역한 중국어 txt 파일의 내용입니다..


비표준 자원 중국 운영 단계.txt


비표준 자원 완료 작업 단계 :


1. 파일 → 새 프로젝트 → (PE 파일) 파일을 선택하십시오 (예 : D:\Downloads\snapshot64.exe) → 열기 → 프롬프트 : 파일이 
    프로젝트 디렉토리에 복사됩니까? → 확인 → 시작 → 새 프로젝트 성공 → 확인 → 확인;

2, 프로젝트 → 자동 번역 → 사전 선택 → Snapshot V1.47 20190919.db → 열기 → 번역 → 정보 : 사전을 정렬하는 것이 가장 좋습니다
   → 확인 → 자동 번역 완료 → 확인 → 확인;

3. 프로젝트 → 대상 생성 → 경로 → 생성 → 대상 파일 생성 성공 → 확인;

4. 파일 → 종료 (또는 창을 직접 닫습니다).



깨진 중국어 였을때에는..내용을 짐작할수가 없었지만....구글 번역이지만..어느정도 사용법이 짐작이 되시죠

이마..이 프로그렘에 대해서..알고 활용하시는 분도 있으실것 같습니다...능력이..막강합니다



중국 프로그램 전체가 아닌 Athena-A 만으로 진행을 하여 보겠습니다


사전 준비물이 있습니다....아래의 SnapShot.exe 파일은 둘다..압축이 풀어져 있어야 합니다


1. 영문 SnapShot.exe 

2. 한글화된 SnapShot.exe


영문은..한글화 할 파일입니다..한글 SnapShot.exe 이 필요한 이유는...영문과 한글 두개를 비교해서..한글화에 사용될 db 파일을 만들기

위해서 입니다


이렇게 db 파일을 만들어 놓으면..다음 한글 작업시에..이 db 파일을 불러서 한글화를 진행할수가 있어서 너무 편합니다

중국쪽은 이미..,중국어 db가 있습니다.


프로그램 메뉴가 중국어 이지만...사용하시는데는 무리가 없을것 같습니다..

Athena-A  프로그램은 Dialog 부분을 제외한 나머지 부분에 대해서 한글화를 할수가 있습니다... Dialog는 ResourceHacker 로 진행을

따로 하셔야 합니다.



1. 한글화할 영문 버전입니다..



2. 제가 어설프게 보이는 부분만 한글화한 버전입니다..



3. 메뉴가 잘 안보이시면..그림 파일을 다운 받아서..메뉴를 정확히 따라 해주시면 되십니다..한글 버전에서 db를 추출하기 위한 메뉴입니다



4. 이런 프로그램이 실행이 됩니다..위에는 영문..아래는..한글 버전입니다..그리고...아래 (T)를 실행하시면 추출 작업을 합니다..



5. 추출시 문제가 있는것인지..아래와 같은..메세지가 나옵니다..논리드라이브 영문에서...남은 글자가 있나 봅니다..ion 영문이 있네요...00 입력을

   하지않았나 봅니다..


   영문 버전과 한글 버전에서 차이가 있으면..한글버전에서 한글이 모두 추출되지는 않습니다...



6. 사전 폴더에..기존 중국 db 파일외에 방금전에 추출한 한글 db 파일이 만들어졌습니다..



7. 여기 메뉴에서 한글화할 영문 버전을 불어옵니다.



8. 파일 경로 바로 아래에 영문으로 되어 있습니다...(T)를 클릭해서 진행을 하시면 되십니다



9. 위의 작은 프로그램을 종료하면..다시 이렇게 나옵니다..오른쪽에..영문 문자열을 추출것이 보입니다..



10. 자동번역 메뉴 입니다...



11. 한글 버전에서 추출한 db를 선택하여 주시면 됩니다..



12. 제가 보이는 부분만 한글화 하여서..한글은 몇개 되지 않습니다...db 추출시에..뭔가 맞지 않은 부분이 있어서 누락이 된 부분 있습니다.

   이부분은..맨 아래에서 한글을 추가할수도 있습니다..지난 사용기 있는 부분이어서 생략하였습니다.



13. 이제..SnapShot.exe 에 적용을 해야죠...아레 매뉴가 생성 메뉴입니다..



14. 원하시는곳에 지정을 해주시면...파일이 만들어 집니다.



15. 한글 버전에서 추출시에..추출되지 못한 부분들이 있네요...그래도..대부분은..잘 적용이 된것 같습니다..



16. Dialog는 ResourceHacker로 따러 작업을 해주어야 합니다.. 



17. 마무리

한번 SnapShot을 한글화한후..db 파일만..잘 추출해 놓으면..그 다음부터는..중국 Athena-A 프로그램을 사용해서 편하게 한글화를 진행할수가

있을것 같습니다


한글버전에서..db로 추출할때...모든것이 추출되지 않는것이 조금 그렇죠...저의 경우 한글화 할때..어디에선가..다른 부분들이 있었나



상상으로..한글버전에서 한글 소스만..추출해서..영문 버전에 덮어쓰기하면 얼마나 좋을까 했습니다.

이미..이런 프로그램을 만드신 분이 있으시네요.진짜 대단하신분입니다..


중국 Athena-A 프로그램을 이렇게 사용하는것이구나 하고 참고만 하여 주십시요

어떤 프로그램이든지 사용하기에 따라서 활용가치가 있는것이죠....좋은 쪽으로만 활용을 하여 주십시요

이것을 한글화 하면 좋겠습니다만..저는..능력이 안되네요..


즐거운 토요일이 되시길 바랍니다




중국의 새로운 Snapshot 중국어도구에 다양한 기능이 있네요.


먼저...Snapshot 관련한 새로운 버전을 알려주신분께 주신분께 감사드립니다..

덕분에..대단한 프로그램을 알게되었습니다.. 복 많이 받으십시요



중국의 Snapshot 새로운(?) 프로그램이..다른분이 만든신 작품인지..실행방식 자체가 다릅니다...오토잇으로 되어 있지 않고.pecmd.exe를

이용한 프로그램입니다

프로그램 자체가 오토잇하고 다르게 txt로 되어 있습니다..명령어들을 그냥 볼수가 있습니다..진짜 대박입니다..



이 프로그램이 이미..10월 1일에..중국에는 소개가 되었네요..그리고..이 프로그램에 포함된 보조프로그램의 경우 한글화를 하신분이 있으십니다

중국쪽에 정통하신 고수님들께서는..이미...이 프로그램에 대해서 다 알고 계셨을것 같습니다..


이제라도..이런 프로그램이 있다는 것을 알게 된것도 소식을 전해주신분 덕분입니다..다시 한번더 감사합니다


프로그램이..txt로 되어 있어서..작동하는 소스를  볼수가 있습니다..맨 마지막에는.라이선스를 자동입력하는 것도 있네요


중국 프로그램이지만... Snapshot 한글화에 관심이 있으신분은..한번 구경해보시는것도..괜찮을것 같습니다

아래는..중국 사이트 입니다... 이 분이 9월 21일 첫 작품을 소개하셨네요...좀더 일찍 알았다면..하는 아쉬움이 있습니다

아쉬운점은..사이트는 회원 가입을 하셔야 다운이 가능합니다..

여기에서 다운 받은 프로그램을 실행하였더니..avast에서 검출이 되었습니다 참고하여 주십시요





Snapshot 중국어도구에 있는 보조프로그램인 Athena-A 한글화 버전 사진은.. 우리두리님 블러그에 있습니다

Athena-A 중국메뉴를 보시는데 도움이 되실것입니다..



1. 중국 사이트에서 받은 3개 파일입니다...설명서.완성품..프로그램입니다.



2. CFF Explorer 로 RVA 값을 수정하고 있는 설명도 있습니다...다른 중국사이트하고..값이 다르네요..이미 이 값은 상황에 따라서 변하는 값이라는것은

   다 아실것 같습니다..



3. 완성품인데..폼이 영어입니다..4번째 과정에 있는 파일인데...라이선스가 입력되어 있지 않네요..저도 포함된것이어서 그냥 실행해 본것입니다



4. x64 버전은..이런 메세지가 나옵니다...알고 보았더니..경로에 있는..이상한 외계어 때문입니다...x86은 실행이 되었는데요...차이가 있습니다



5. 프로그램을 실행했더니..압축을 해제하는것 같습니다..



6. 이렇게 압축이 해제되고..바탕화면에는 바로가기 파일이 만들어 집니다

   아래에 보이시는..폴더가 중국어로 되어 있습니다.. 저의 경우 이상하게. 이폴더에서 SnapShotx64를 에러가 생깁니다



7. 에러 모습입니다.. 탐색기에서는 정상으로 보이는 중국어가..cmd에서는..외계어로 보입니다.



8. 중국어 폴더명을 한글로 바꾸었습니다..이제서야 제대로 실행이 됩니다..



9. 처음 실행 모습입니다...어떤 중국어는 잘보이는데..하필이면..이 메뉴 중국어가다 엉망입니다...이 프로그램은 txt로 되어 있어서..중국어를 복사후

   구글에서 번역하면..한글로 쓸수가 있는데...중국어가 이렇게 깨져서..실제 번역이 되지 않습니다

   어떤 중국어 폰트를 설치해야..중국어 깨지지 않고 표시가 될까요..



10. 1번은..SnapShot를 압축해제 하는 단계입니다.. x64 을 압축해제후..실행하였습니다. x64를 압축해제후..헥사를 수정해 주어야..이렇게 실행이

    되니다..헥사값도..프로그램에서 수정을 해준것입니다..이 프로그램이..pecmd.exe 명령어된 txt 로 되어 있어서..오토잇하고 다르게 누구나 소스를

    볼수 있습니다..



11. SnapShot이 압축헤제 되어 있습니다..



12. 2번째 단계입니다..ResourceHacker 구버전인가요..이것이 실행이 됩니다  중국 Dialog.res가 포함이 되어 있습니다..



   101.txt를 확인한 하여보았더니 아래처럼 명령어가 있습니다...그리고 101.txt에 있는 중국어를 모두 구글에서 번역을 했더니 ResHack.exe가

   실행된 이유가...아래 명령어로  Dialog.res가 잘 적용이 되어 있는지 확인하라는 뜻으로 실행된것 같습니다


   EXEC =%CMPEXE% -addoverwrite "%BH_File%", "%BH_File%", "%CURDIR%\Dialog.res", Dialog,,



13. 메뉴가..최신하고 좀 다르네요..업데이트로 진행을 하여보았습니다. 



14. 업데이트 되었다고 합니다



15. 언어 숫자가 달라서 2개가 있습니다...1031을 삭제해야 중국어가 보이나 봅니다...저는 그냥 다음으로 넘어 갔습니다.



16. 3번째에 있는..Athena-A를 실행하 모습입니다..이 프로그램은 어느분이 만드셨는지...대단한 프로그램 같습니다..



17. Ctrl+N은..snapshot64.exe를 불러서..문자열을 추출해서 보여주는 프로그램을 실행하는것 같습니다..그런데..한글 버전으로 해도..영문을 보여주는

   것을 보면..제가 잘로는 부분이 있나 봅니다...

   Ctrl+O는..영문을 중문으로 번역하는 작업을..저장해서 다시 볼러오는..메뉴 같습니다 삼아서 한글로 한개를 했는데 그대로 불러오네요


    이 프로그램에 대해서 저도 잘 모르고 있습니다..이런것 같구나 하고 짐작만 한것입니다..나중에 실제 기능과 다르더라도.양해를 하여 주십시요


    이 프로그램 관련해서는..우리두리님 블러그에 있는..한글화 버전에서 메뉴를 참고하시면 되실것 같습니다..



18. Ctrl+N 을 하면 아래처럼.. snapshot64.exe에서 아래와 같은 모습으로 바뀝니다.



19. (T)를 클릭하시면 작업을 시작합니다.. 완료후 종료하면..이전 프로그램이 나옵니다..



20. 보이시죠..왼쪽에 핵사값과 그리고 오른쪽에..영문 문자열을 보여줍니다..여기에서..영문을 중국어로 번역해서 적용을 하나봅니다

  중국어 db 파일은 없는것 같습니다..



21. 공개까지..다 표시가 되네요...검색하는 메뉴도 아래에 있습니다.. 공백없이 검색하면 다른것이 나와서 수동으로 찾아서..클릭한것입니다.



22. 검색된것을 복사해서 아래로 옮긴후 한글로 바꾸고 저장을 했더니..오른쪽에 한글로 저장이 되었습니다.

    이렇게 작업을 하나 봅니다..



23. txt 파일로 저장하는 기능도 있네요...



24. 4번째 메뉴입니다..cmd에 있는 메세지에 라이선스 등록이 성공했다고 표시가 됩니다..다른것을 몰라서..이것은 활용할수 있을것 같습니다





25. snapshot64.exe로 실행해 주네요...라이선스가 입력이 되었습니다..라이선스는 Lic-Snapshot.txt 파일에 저장이 되어 있습니다

    테스트 한다고 snapshot64.exe 파일에 이폴더에 넣어서 Lic-Snapshot.txt 파일과 같은 폴더에 있어서.. snapshot64.exe를 다른 폴더에

    복사한후..확인까지 하였습니다.




26. 한글로 변환한 부분이 이부분인데..어떻게 적용하는지 몰라서..안되었나 봅니다..



27. ResourceHacker 에서 수정후..수정을 안해서 영문으로 보인것입니다..



28. 101.txt 파일 내용입니다..이파일은..읽기속성을 보호가 되고 있습니다...

    windows7 x64 입니다..중국어 어떤 폰트를 설치해야...아래처럼...중국어가 깨지지 않을까요....여기를 한글로 수정하면..일단은..프로그렘 메뉴만

    이라고 한글로 보일텐데요..


    많이 보신 명령어 들이죠...pecmd.exe 명령어 입니다....이 분은 고맙게도..암호화를 하지않으셨습니다.



29. 우클릭 메뉴에서 실행하기 위해서..txt를 ini로 바꾸었습니다.



30. 프로그램이 실행이 되었습니다.. 여기에서 Snapshot简易汉化工具.EXE 는 101.txt를 실행하는 역활을 하나 봅니다.


   다른폴더에서 Snapshot简易汉化工具.EXE와  101.txt 2개만 복사후 실행해도 잘 실행이 됩니다..pecm.exe 파일이 없어도 되는것을 보면

   Snapshot简易汉化工具.EXE에 특별한 기능이 있나 봅니다..앞으로..pecmd.exe를 활용해서 프로그램을 만들때에.. Snapshot简易汉化工具.EXE의

   이름을 바꾸어서 활용을 할수가 있을것 같습니다.



31. 4번에서 압축하고...라이선스를 등록하는 부분 같습니다...다른것들은..활용하지못하더라고..  이것을 잘 활용하면..라이선스 등록을 편하게 할수

   있을것 같습니다



32. 마무리

중국쪽에 대해서는 별로 아는것이 없습니다..10월 1일에 소개된 프로그램인데..이제서야..그것도 소식을 알려주신분이 계서서 이렇게 실행을

해보게 되었습니다

저에게는..너무나 귀한 소식이었습니다.....복 많이 받으십시요


SnapShot 관련한 새로운 중국 프로그램을 있어서..간단히 소개만 하였습니다....

이런 프로그램도 있구나 하고 참고만 하여 주십시요


편안하신 시간 되시길 바랍니다







위의 사용기에 있는..라이선트 등록하는 명령어가 알고 보았더니...SnapShot.exe에 이런 자체 명령이 있네요...


 --register:License.lic - register %s



1. cmd에서...Lic-Snapshot.txt 파일로 라이선스 등록이 되었습니다..한글화 진행이 정상이라면..등록이 이상없이 될것 같습니다



2. txt 파일 이름을 바꾸고 실행을하여 보았습니다..정상 등록이 되었습니다



3. 테스트한 cmd 파일 내용입니다...snapshot.exe 자체에 이런 명령이 있다는것도 중국소스 덕분에 알게되었네요..



@echo off
pushd %~dp0 


    "%~dp0snapshot64.exe" --register:"%~dp0Lic-Snapshot.txt"






News about our community network – Portal sem Porteiras



Image description: A lone body high on communications tower against view of sunrise and clouds

Image description: A lone body high on communications tower against view of sunrise and clouds. Image source: Portal sem Porteiras

Portal sem Porteiras: News about our community network by GenderIT


M: I am Marcela

L: and I am, Luisa

M: We are part of the Portal sem Porteiras or gateless portal


L: an association created to formalize our community network

L: Today our community network has an infrastructure of 12 nodes, omnidirectional and sectorial radios that connect to a mesh. These points were programmed to communicate with each other thanks to Libremesh, a software installed to replace the factory firmware, changing the way the router thinks.

With a server we have an infrastructure that allows us to circulate our own information creating a local network. In addition, a pair of directional radios with a 30dbi antenna make the long-distance link to the gateway, or the connection to the "Big Internet".


M: This idea started 3 years ago. Since then we went up, down and up the mountain again carrying the antenna on our back, connected and disconnected from the internet, hosted our local network in a Raspberry, changed it to a Tvbox and then to a 4TB server. We have limited access requesting coupons for connection, opened the network and established the association, learned to always keep contracts, and we are still in the process of regularization.

But despite all the technical problems we got involved in, I really wanted to talk about people, about the relationships with my neighbours, with my community. Because, in addition to the technique, which does present many difficulties, as a community network we propose to integrate this virtual network into the many other layers of relationships that already exist between people. And this is our biggest challenge.


L: We are not simply an internet provider, we want more than providing an internet service. We want to expand existing relationships using technology as a tool. So that the first cake recipe in my search is from Dona Nilda's cassava cake and not from a great YouTube chef. We would like a network where we won't have our information used to persuade us, where we do it our way, where we do not stay at the mercy of great producers of technology that shape our cultures and daily lives. A technique developed according to what we need here, where we live.

But that is us ...

Technology: a set of techniques, that is, methods and practical details essential for the execution of an art or science.

Here, art is life, and life is unique in every part of the world.

That is, it is impossible to "technify" in one single way.


M: My house, the headquarters of Portal sem Porteiras, has always been a place with good Internet connection.

We know that because we are testing the stability of this network daily. So before we installed more nodes, some people used to sit on the sidewalk in front of my house with their phones in hand. Even after setting up a user authentication system, this movement continued. That is because there is an application to circumvent the system that endangers our entire network.

The house is in a dangerous corner because it is not easy to see the cars making the curve to enter the neighborhood. In this corner, a lady used a cell phone every day.

It is common for people to limit themselves to using Facebook and WhatsApp as if it were the entire Internet, and providers encourage this practice while offering these services without cost. And with the lady it was not very different, she told me she always used these applications.

She stood almost in the middle of the street, where she thought the signal was better. The cars barely missed her and she didn't even care, she was very focused on the screen.

One day, my cat, meow, crossed the street. It couldn't wait for the car to swerve the way it did to avoid the lady, so the cat was hit and died.

Something wasn't working very well...

We started thinking about our responsibility.

"Will we be the ones who bring Facebook to the community ?" And what was the difficulty in communicating our purpose, that someone in the same community would need to ignore our attempts and risk all of our information and our cat

L: We started to focus more on the local network than on the internet connection itself. That way it would be easier to explain everything else, and we wouldn't be confused with a service provider. That's how we found a deeper sense purpose that pushed forward.

So, if we want more people involved, we also need to find what drives them. Aware of the gender gap in technology, we were concerned about taking the first step in that direction by sensitizing the women of our own community about the local network and the internet.

And so our journey begins.

We started to focus more on the local network than on the internet connection itself. That way it would be easier to explain everything else, and we wouldn't be confused with a service provider.

M: Tania, a feminist hacker, became the tutor of our group of women in this technological advance. Every month there is a meeting and a new topic. Finally, we managed to find a meaning that would connect our needs with our network: the need to recover narratives and put them back in the hands of women.

L: We created a project that seeks to prevent us from repeating this same pattern of technological creation, where the creator is the same heteronormative white man who reinforces narratives from his own point of view as truths. Because that breaks the democratic possibility of the internet.

L: The project is called Nós por Nós or us for us, this is because in Portuguese we use the same word NOS, for us and for nodes.The project was created to stimulate the role of women in the neighborhood since from the very beginning of the network creation. Talking about its operation, safe and healthy use of the Internet. From our local infrastructure microcosm, we show how the macrocosmic “Internet” works. That the cloud is actually a server and that it has owners. As we guide this use of the "Big Internet" we work together to create our local Internet: we are filling our server with our own content, with narratives and services directed by women.

At the end of the project we will have a website created by us that can be accessed from the neighborhood, through our own intranet. Showing that the Internet is not a mythological entity, but a tool used and fed by people. And why not us?

M: As the plans do not always happen as we would like, but as they should be, as soon as the project started, it triggered a lot of questions.We made an open call to women in the neighborhood, who would be responsible for creating consensual media content about other women in the territory - the researchers - finally creating a map.

L: But the people who came were women who somehow were already in our circle: women who arrived in the neighborhood in the last ten years, carrying children, dogs and a university degree, privileged women. Hum... .. it seems that the "us" is still a fragment of our community.

This women would be responsible for bringing technology to the neighborhood. The technique done by who already has access.

Are we being new colonizers and imposing our ideas as a supposed point of view of a whole community?

M: This question makes me think that there is much more to talk about during these interviews. We know that our reach within the community is limited. Calling an open meeting and spreading posters in the public square seems democratic, but ignores everything that implicitly separates us. Coexistence spaces imply power relations that are directly related to our privil

eges, it is a structured logic in our society, whether we like it or not.

L: That's why we choose the coffee with cake methodology. That is, go to the people's house and connect with them, and in this meeting, take our ideas about the local network, see where they agree and where they don't, what is in fact relevant to them.

M: We understand that the feminist look from one woman to another is a liberation from the patriarchal vision. But is it the last step? Certainly not ... When each being has the access, tools and support to create their own narrative, then we have reached a new stage in which projects like Us for Us will be superfluous.

We stopped trying to fix the world and started slowly, working with humility.

L: The word "Humildade" or humility has its origin in ancient Greek, which comes from HUMILIS, literally "he who is on the ground."

To walk the same terrain, find the common place between us, look for what is shared simply because it is human. A precious spark lights up at the time of that encounter and overcomes the abyss of separation.

That way we respect the rhythm already established and the way relationships are here in our neighborhood.

M: This virtual network adds up and comes to recover what the imposed technology dares to destroy: casual encounters, the exchange of recipes, home remedies, oral history, the fantastic as true.



Between one cup of coffee and another we make friends and seek to break the barriers between us.




links for 2008-07-30



'Soviet Tactics': Russia Tries Prisoner Swap for Hacker

Moscow Reportedly Seeks Leverage as Counter-Extradition Attempts Keep Failing
What's the best way to spring your citizens from foreign jail if they've been detained on U.S. hacking charges? That's a question that continues to plague Russia, including in the ongoing case against Aleksey Burkov, who's been charged with being part of a $20 million payment fraud scheme.

Vollversion: Ruiner Deutsch

Im Action-Shooter Ruiner kämpfen Sie in einer düsteren Cyber-Metropole gemeinsam mit einem Hacker gegen das korrupte System an.

Etier Meurtrier Stephane Kirchacker Stephane

Etier Meurtrier Stephane Kirchacker Stephane

Pocket Style Manual Apa Version 7e Launchpad Solo For A Pocket Style Manual 7e Six Month Access By Diana Hacker

Pocket Style Manual Apa Version 7e Launchpad Solo For A Pocket Style Manual 7e Six Month Access By Diana Hacker

Understanding The Definitive Solution for Hacker Attacks and Free Vpn for Android

A Startling Fact about the Definitive Solution for Hacker Attacks and Free Vpn for Android Uncovered One of the absolute most important things to check whenever you are deciding which VPN you ought to use is whether the VPN provider retains logs of user activity. In some particular nations in the world, such as China, […]

Amazon Ring doorbells exposed home Wi-Fi passwords to hackers

Security researchers have discovered a vulnerability in Ring doorbells that exposed the passwords for the Wi-Fi networks to which they were connected. Bitdefender said the Amazon-owned doorbell was sending owners’ Wi-Fi passwords in cleartext as the doorbell joins the local network, allowing nearby hackers to intercept the Wi-Fi password and gain access to the network […]

Hackers afirman que pueden romper el bloqueo de huellas dactilares de cualquier teléfono inteligente


Los propietarios de casi todos los teléfonos inteligentes Android, y los iPhones hasta el iPhone 8 incluido, podrían tener un nuevo problema de seguridad por el cual preocuparse: los piratas informáticos chinos afirman ser capaces de superar cualquier escáner de huellas digitales en solo 20 minutos, reporta Forbes.

Según la publicación, a menos que haya invertido en un teléfono inteligente como el iPhone 11 que ha eliminado las huellas dactilares como medida de seguridad biométrica, es probable que confíe en esa imagen del dedo para desbloquear su dispositivo y muchas de las aplicaciones dentro. Lo que podría ser una mala noticia, ya que los piratas informáticos chinos han demostrado cómo, dicen, se puede vencer cualquier escáner de huellas digitales utilizando un equipo que cuesta 140 dólares y una aplicación que analiza una fotografía de su huella.

Los hackers trabajan como parte del equipo de investigación de seguridad de X-Lab en una compañía china llamada Tencent. Demostraron su metodología de pirateo de huellas dactilares en la conferencia GeekPwn 2019 en Shanghai.

El líder del equipo de X-Lab, Chen Yu pidió a miembros de la audiencia al azar que tocaran un vaso. Las huellas dactilares que quedaron fueron fotografiadas con un teléfono inteligente y pasaron a través de una aplicación que los hackers han desarrollado. Aunque no se reveló la metodología precisa, se cree que la aplicación extrae los datos necesarios para clonar una huella digital, presumiblemente utilizando una impresora 3D.

La parte física de la clonación no se reveló a la audiencia por razones de seguridad, pero las huellas digitales que creó el proceso se usaron para desbloquear tres teléfonos inteligentes diferentes que se habían registrado para los miembros de la audiencia involucrados.


Vulnerability In Ring Doorbells Left the Door Open for Hackers to Open the Door



Podcast: How a smarter edge can make schools safer


This week on the show, Kevin and I started with a discussion of reports of how smart speakers can receive remote commands from a hacker with a laser. We then shifted gears to talk about company research showing how much data your smart homes are sending and a brand new network product from Firewalla. Cortana’s […]

The post Podcast: How a smarter edge can make schools safer appeared first on Stacey on IoT | Internet of Things news and analysis.


Windows Tech Support Hackers Can Lock Up Screen through Firefox

Everyone knows the pain of a machine or device that won’t work. There aren’t many things that are more maddening. You need to get your work done, are waiting to watch your favorite show on Netflix, or are trying to contact someone, and your machine or device is not cooperating. It’s what leads you many times to just wanting to throw the machine or device out the window. That’s what makes it even more upsetting when hackers make their way through to tech help. They are taking advantage of the most vulnerable. But this is an old scam that just won’t go away. It’s been... Read more


Bihar BJP chief alleges corruption, writes to Nitish Kumar

Bihar BJP chief alleges corruption, writes to Nitish Kumar

Patna: Bihar BJP President Sanjay Jaiswal has written to Chief Minister Nitish Kumar, demanding a high level inquiry into alleged financial irregularities in various projects in the state. Jaiswal highlighted irregularities in the construction of about 14,000 rural roads, alleging collusion among engineers, contractors and politicians, in the letter. “I have a proof of irregularities …

Check out more stories at The Siasat Daily


We have the numbers to form govt: Shiv Sena

Reiterating the Shiv Sena's demand for sharing the chief minister's post, Raut said the state's CM will be from the Uddhav Thackeray-led party only.

Todos los estrenos en noviembre 2019 de Amazon, Rakuten, Filmin y Sky: 'Rick y Morty', 'The Man in the High Castle' y más


Todos los estrenos en noviembre 2019 de Amazon, Rakuten, Filmin y Sky: 'Rick y Morty', 'The Man in the High Castle' y más

Después de revisar el contenido de plataformas como Netflix o Movistar, es el turno de sobrevolar otras plataformas. Vamos a ver qué tienen para nosotros en estas primeras semanas del otoño en servicios como Amazon Prime Video, Filmin, Rakuten y Sky. Desde luego, por falta de oferta no va a ser.

Sky: nuevas películas, series y documentales

'Rick y Morty' T4

Desde los lejanos tiempos de la primera temporada, apenas una serie de culto extremo en un rincón de la parrilla de Adult Swim a su transformación en iconos geek, con su propia línea de merchandising y habiendo generado todo tipo de productos derivados, han pasado unos cuantos años. Los suficientes para que las metarreferenciales y paródicas aventuras de Rick Sánchez y su nieto se conviertan en una cita ineludible para los devotos de la animación para adultos.

  • Estreno el 11 de noviembre

Otros estrenos de Sky

  • 'Chernobyl' T1 (5/11)
  • 'FBI' T2 (7/11)
  • 'Magnum' T2 (8/11)
  • 'Rick y Morty' T4 (11/11)
  • 'Europa desde el cielo (National Geographic)' (12/11)
  • 'SEAL Team' T3 (14/11)
  • 'The Conners' T1 (18/10)
  • 'S.W.A.T: Los hombres de Harrelson' T3 (25/11)

Amazon Prime Video: nuevas películas, series y documentales

'The Man in the High Castle' T4

Esta muy libre adaptación de Philip K. Dick llega a su fin con el despertar, al fin, de la rebelión contra los nazis que en esta distopía vencieron en la Segunda Guerra Mundial. Una insurgencia negra será el pistoletazo de salida para una de las series que conformó el mascarón de proa de Amaon Prime Video en sus primeros meses.

Otros estrenos de Amazon Prime Video

Filmin: nuevas películas, series y documentales


Esta aterradora muestra de folk horror bajo un sol sueco de justicia es la esperadísima continuación de Ari Aster de su debut en 'Hereditary', y como aquella ha tropezado con adhesiones enfervorecidas y críticos sin piedad. Aquí, Aster vuelve a poner en pie la historia de un trauma que marca a los personajes, esta vez en un viaje aparentemente apacible a una extraña comunidad cerrada en sí misma.

Otros estrenos de Filmin

  • 'Utoya, 22 de julio' (8/11)
  • 'Panique au Village: La Foire Agricole' (8/11)
  • 'Ayudar al ojo humano' (8/11)
  • 'Serenity' (13/11)
  • 'Bosque Maldito' (15/11)
  • 'Muñeco Diabólico' (15/11)
  • 'Midsommar' (15/11)
  • 'La noche de las dos lunas' (15/11)
  • 'Fireworks' (20/11)
  • 'Lucky' (24/11)

Rakuten TV: nuevas películas en modo gratuito

'Bosque de sombras'

A partir de este mes, destacaremos cada mes algunos de los estrenos disponibles en el modo 'Free' de Rakuten, que inauguran a partir de noviembre como un modo de competir contra plataformas de pago como Netflix o HBO. Aparte de su ya conocida sección de alquiler y venta digital incluirán una selección de películas gratuitas, en las que se intercalarán anuncios. Es cierto que ninguna de ellas es un estreno recientísimo y que no puede competir con la propia taquilla de la misma plataforma, pero hay contenido muy interesante.

Por ejemplo, 'Bosque de sombras', una película de Koldo Serra que bebe a manos llenas del cine de los sesenta y setenta que el director siempre ha adorado, especialmente de 'Perros de paja', a la que rinde sincero homenaje. Aquí, dos parejas de ingleses de vacaciones en una zona agreste del norte de España a finales de los setenta descubren a una niña que vive retenida, e intentan liberarla. Espectaculares interpretaciones y demoledor uso del suspense y la tensión, como siempre en el cine de Serra.

Otros estrenos gratuitos de Rakuten TV

  • 'Casa de arena y niebla'
  • 'Los sin nombre'
  • 'El perfume'
  • 'Precious'
  • 'Wicker Man'
  • 'Bosque de sombras'
  • 'Buñuel y la mesa del rey Salomón'
  • 'El segundo nombre'
  • 'El maquinista'
  • 'Los abandonados'

También te recomendamos

Estrenos de enero 2019 en HBO España, Movistar, Amazon Prime Video, Filmin y Sky

Todos los estrenos en octubre 2019 de Amazon, Filmin y Sky: vuelve La Purga, Pacific Rim y más

Todos los estrenos en septiembre 2019 en Amazon, Filmin y Sky: 'Hellboy' y la nueva serie del creador de 'Bojack Horseman'

La noticia Todos los estrenos en noviembre 2019 de Amazon, Rakuten, Filmin y Sky: 'Rick y Morty', 'The Man in the High Castle' y más fue publicada originalmente en Xataka por John Tones .


Última actualización de Chrome para Android te protege contra hackers


¿Os gustaría saber que trae la última actualización de Chrome para Android? El navegador Chrome en general, independientemente de la plataforma, a menudo se critica por ser un consumidor de ... Leer más

La entrada Última actualización de Chrome para Android te protege contra hackers aparece primero en Aplicaciones Android.


Best Hotel Booking Site


You've got plenty of options when booking hotels for your next trip. But which websites offer the best deals? We cover all the top sites—and the pros and cons you should know before booking.

Is It Better to Book Directly With the Hotel?

With all the other online options available, you may still get the best deal by contacting the hotel directly. Many major brands offer deals and specials to compete with online travel agencies (OTAs) and search engines.

Depending on the hotel, you'll also earn points through their reward programs. You won't typically qualify for these when booking through other sites.

If you find a good deal on OTA website, call the hotel directly before booking. They may offer that lower price. Plus, you'll earn the loyalty points that come with reserving your room directly. These points can used toward future stays or special promotions.

Even if they don't drop their price, they might give you other perks like free breakfast, Wi-Fi, or complimentary late checkout.

Are hotel booking sites reliable?
You can book with confidence through well-known online travel agencies and search engines (including all the ones on our list). However, you may want to do some research before reserving a room with an unfamiliar website. Regardless of where you book, always call the hotel 24–48 hours after making your reservation to confirm.

Top Hotel Booking Sites

We've compiled a list of the best booking sites for your next business trip or vacation. Many of these OTAs and travel search engines have similar features. The best one for you depends on your needs and destination.

Keep reading to learn more.

Which website gives you the best hotel deals?
  • Best for Las Vegas: Hotwire or Priceline
  • Best for Asia: Agoda or Trivago
  • Best for Europe:
  • Best for Last Minute Travel: HotelTonight

Easy to use and easy to navigate, also lets you book flights and flight/hotel packages.


  • Has own loyalty program—earn 1 night for every 10 you book
  • "Secret Prices" only available to users
  • Frequent sales on hotel rooms


  • Can't earn loyalty rewards

One of the most popular booking sites, offers a low-price guarantee. Any guest who finds the same hotel and dates at a lower price online can get refunded the difference. You can also trust that their "Verified Reviews" come from actual customers.


  • Book other types of accommodations—bed and breakfasts, vacation rentals, hostels, etc.
  • Book flights, car rentals, airport taxis, and flight plus hotels
  • Lots of search filtering options and clear descriptions of types of rooms
  • 24/7 customer service


  • Can't earn loyalty rewards

Best for Paris and Rome
For cheap deals on hotel brands and franchises, start with But European cities in France, Italy, and Spain are also home to a lot of independent hotels. Travel search engines like Trivago or HotelsCombined let you look for hotels as well as hostels, inns, vacation rentals, and bed and breakfasts.


Originally a hotel booking site for Asia, Agoda lets you narrow your search by accommodation class, special deals and discounts, as well as traditional filters. It offers special "Insider Deals" for creating an account and logging in each time you visit the site.


  • Pay now or later options
  • Free cancellations
  • Map feature with nearby attractions
  • Can pay with PayPal


  • No loyalty points

Best for Travel to Japan
Rakuten is one of the largest online shopping portals in Japan, offering travelers hundreds of hotel options. Trivago is also worth checking out, with over 12,000 hotels in Tokyo alone.


KAYAK is a travel search engine, not an online travel agent. Its Hacker Rates offer extra savings by booking through two different portals. When checking in, ask the front desk to combine the reservations so you don't have to change rooms.


  • Excellent filtering options
  • Map option shows all the hotels in that city, plus restaurants, shopping, and attractions
  • Search for flights, cars, cruises, packages, and special deals


  • Can't book directly through the site

What's the difference between an online travel agent (OTA) and a travel search engine?
An OTA, like Expedia or Agoda, compiles available hotel rooms so users can compare prices and other features. You can book your stay directly through an OTA.

A travel search engine, like KAYAK, displays available rooms and features from several OTAs to help users find the best price. But you can't book your room directly—instead, you'll get redirected to the site of your choosing.


With wide name recognition, Hotwire is a great option if you're not particular about the brand of hotel. The site offers "Hot Rate Hotels", where you receive a hotel's rating, neighborhood, and amenities, but not the name of the hotel, before booking.


  • Book vacation packages with flights to save more
  • Price guarantee—get a refund if you find the same room at a lower price within 24 hours of booking
  • Frequent sales
  • Can pay with PayPal


  • No loyalty rewards


Like Hotwire, Priceline offers deals on surprise hotels. The "Express Deals" feature lets you search by city and date. You'll see the hotel's amenities, rating, and general location in the city but not the hotel's name until after you book.


  • Low-price guarantee—100% refund if you find a lower price elsewhere within 24 hours, 200% refund for Express Deal hotels
  • 24/7 customer service
  • Book flights, rental cars, cruises, and vacation packages


  • No loyalty rewards

Las Vegas Hotels: Hotwire vs Priceline
Both websites offer great deals on rooms, especially if you're flexible. Hotwire and Priceline offer deals where you pick the general area and rating but not the specific hotel until after you book.

Recently, Hotwire was offering rooms at a 4-star hotel in the central Strip area of Las Vegas for $23 a night. Priceline's Express Deals showed a 3-star Strip hotel for $48 a night.

American Express Travel

Don't let the name fool you—anyone can access American Express Travel, though AMEX Membership Reward members benefit the most. Simply create an account for this booking portal to see final pricing.


  • Can book flights, hotels, cars, cruises, and packages


  • Price doesn't always show extra fees and taxes

Don't use Membership Reward points through the travel portal. Instead, transfer those points to travel partners to make your points go farther.


Expedia is a travel booking website with its own loyalty program. Guests earn two points for every $1 they spend booking a hotel through the site. The program has three levels: Blue, Silver, and Gold.


  • Easy-to-earn rewards program with three tiers
  • Benefits for higher tiers including bonus points, exclusive offers, and no blackout dates for reward redemption


  • Does not allow for loyalty rewards

Expedia has a Split Rate Offer where you can break multiple-night stays into two separate reservations to maximize savings.

But it can be a hassle since you'll have to check out and check back in between reservations. The hotel also may not guarantee you'll have the same room for both reservations.


If you're not loyal to a specific hotel brand, Orbitz allows you to build loyalty points no matter what hotel chain you book. You'll get 1 Orbuck for every $1 you spend on flights and vacation packages.

The program has three loyalty levels: Silver, Gold, and Platinum, with exclusive higher-tier rewards like priority access, upgrades, and freebies (Wi-Fi, breakfast, etc.) at VIP hotels.


  • Generous loyalty program with three loyalty levels
  • Earn rewards at restaurants through Orbitz Rewards Dining
  • Booking bonuses—3% in Orbucks when you book hotels on a web browser and 5% through the app


  • Orbucks can only be used for hotel stays


Better known for their flight deals, Skyscanner does offer hotel bookings. Be aware, however, that the price listed is for the entire stay, not for one night.


  • Lots of filtering options
  • Search for hostels, B&Bs, and other types of accommodations


  • Price per night not clear
  • No loyalty rewards

Best for Thailand
Trivago is a great option for Thailand (and overseas travel in general), featuring nearly 100,000 Thai hotels.

More of a travel search engine than an online travel agency, Trivago compiles hotel deals from all the major websites. It offers lots of information, including rankings, customer reviews, and photos.


As with other online travel agencies, you can search for hotels and other needs like flights, cars, and cruises.


  • Discounts to members who sign up for a free account and log in before searching
  • Clear filtering options


  • Can't earn loyalty rewards

Always read the fine print
Each website's policy is different and sometimes the cancellation policies can even differ on the same website depending on the hotel. The booking website or the hotel may also charge additional taxes, resort fees, and other surcharges.

Other Options

This simple, user-friendly app can help you find awesome deals on last-minute stays because it sells rooms in sold-out hotels.

You can also book several days ahead of time in certain hotels. HotelTonight also shows rooms that normally have a minimum night stay requirement that you can book for only one night.

Like KAYAK, you don't book directly through TripAdvisor. When you search for a hotel, it will list each option and show the prices on several OTAs with links to each. TripAdvisor also offers ratings for nearly every hotel, as well as photos from previous guests.

Google Hotel Finder
From the Google homepage, type in "hotels in (fill in the blank)" to see all available rooms in that area. You can't book directly through Google, but you can follow the links to other OTAs. The filtering options aren't as strong as other websites, but you can still narrow down your choices to find some great deals. Google also allows you to set up price tracking.

You can't book hotels through HotelsCombined, but it does give you numerous options for the best deals on other OTAs. Their Hot Deals section gives that day's top deals at hotels throughout the world.

This platform has similar search options as other sites, but charges a $25 cancellation fee up to 5 days before travel and no refund within 5 days of the stay.

A little old-school, GetARoom has a website where you can search for hotel deals. To get an even better discount, you have to call their 1-800 number and speak to a customer service rep. The website also charges a service fee.

Hotel Booking Tips

Use a Travel Rewards Credit Card
Regardless of where you choose to book, always use a travel credit card to pay for your stay. You'll earn extra points or miles on top of getting a great deal.

Book Early to Get the Best Deals
Hotel prices usually rise as you get closer to your stay dates. You may find low-priced, last-minute deals, but it's usually best to reserve your room well in advance.

Trust, but Verify
After booking through an OTA, verify with the hotel that your reservation is in their system.

Bottom Line

You've got plenty of options for booking hotels online. Online Travel Agencies purchase blocks of hotel rooms they sell at a cheaper rate, but watch out for hidden fees and strict cancellation policies.

Travel search engines help you narrow down choices but don't allow you to book directly. If you have elite status with a hotel brand, book directly with them to earn rewards points and stays that will help you maintain your elite status.

Best Hotel Booking Site appeared first on CreditDonkey


Penetration Testing – How it Works and Why You Need It?


A secure environment is the need of every business organization. When any website or web application is released to the public, it is also exposed to hackers and cybercriminals. Hence, testing and scanning against all types of known and unknown vulnerabilities should be a part of any proactive organization’s business model.

When it comes to testing and scanning, penetration testing and vulnerability scanning are the two processes that come to mind. People often tend to mistake these both to be the same and hence include only one of them in their business process.

The post Penetration Testing – How it Works and Why You Need It? appeared first on TechNorms.


Ces hackers chinois parviennent à déverrouiller un smartphone avec… un verre d’eau

En Chine, des pirates informatiques qui ont l’habitude de travailler avec Tencent, ont utilisé une méthode pas très orthodoxe pour déverrouiller un smartphone en passant par le capteur d’empreinte digitale. Pour ce faire, ces hackers ont utilisé une empreinte récupérée sur un verre d’eau. Cette scène s’est déroulée lors d’un événement organisé et encadré, les pirates en question ont réussi à déverrouiller non pas un, mais trois smartphones en utilisant cette méthode. La technique est ...

Wie entfernen J2Ancheta Scam E-Mail


Kann nicht entfernen J2Ancheta Malware Pop-ups? Wenn J2Ancheta Sie per E-Mail erpresst, keine Panik! Die Botschaft ist ein Scherz. Eine neue Betrugskampagne verwendet den Namen des berüchtigten amerikanischen Hackers Jeanson James Ancheta, um Menschen in unerwünschte Aktionen zu betrügen. Die Betrüger verwenden seinen Namen in der Hoffnung, dass, wenn Sie es Google, Sie denken, dass ...

The post Wie entfernen J2Ancheta Scam E-Mail appeared first on


How VPN can safeguard your cybersecurity and privacy?

VPN & Cyber Security by CallHippo

The world of the internet is growing by leaps and bounds. With each passing day, you are getting something or other new invention to make your life better than ever. Despite all of it, cyber threat is a real thing. With constant fears of ISP snooping, or a hacker hovering over your network connection, using […]

The post How VPN can safeguard your cybersecurity and privacy? appeared first on CallHippo .


Can someone assist me with my rkhunter.log - i was hacked

These hackers sent me an email from my own email address saying they put a trojan on my pc and wanted ransom. This is a newly installed linuxmint 19.2 xfce and I'm showing possible 7 rootkits. Id...

Yudkowsky and MIRI


In talking to ML researchers, many were unaware that there was any sort of effort to reduce risks from superintelligence. Others had heard of it before, and primarily associated it with Nick Bostrom, Eliezer Yudkowsky, and MIRI. One of them had very strong negative opinions of Eliezer, extending to everything they saw as associated with him, including effective altruism.

They brought up the example of So you want to be a seed AI programmer, saying that it was clearly written by a crank. And, honestly, I initially thought it was someone trying to parody him. Here are some bits that kind of give the flavor:

First, there are tasks that can be easily modularized away from deep AI issues; any decent True Hacker should be able to understand what is needed and do it. Depending on how many such tasks there are, there may be a limited number of slots for nongeniuses. Expect the competition for these slots to be very tight. ... [T]he primary prerequisite will be programming ability, experience, and sustained reliable output. We will probably, but not definitely, end up working in Java. [1] Advance knowledge of some of the basics of cognitive science, as described below, may also prove very helpful. Mostly, we'll just be looking for the best True Hackers we can find.


I am tempted to say that a doctorate in AI would be negatively useful, but I am not one to hold someone's reckless youth against them - just because you acquired a doctorate in AI doesn't mean you should be permanently disqualified.


Much of what I have written above is for the express purpose of scaring people away. Not that it's false; it's true to the best of my knowledge. But much of it is also obvious to anyone with a sharp sense of Singularity ethics. The people who will end up being hired didn't need to read this whole page; for them a hint was enough to fill in the rest of the pattern.

Now, this is from 2003, when he was 24, which was a while ago. [2] On the other hand, it's much easier to evalute than his more recent work. For example, they had a similarly negative reaction to his 2007 Levels of Organization in General Intelligence, but I'm much less knowledgeable there.

Should I be considering this in evaluating current MIRI?

[1] This was after trying to develop a new programming language to create AI in, Flare:

Flare is really good. There are concepts in Flare that have never been seen before. We expect to be able to solve problems in Flare that cannot realistically be solved in any other language. We expect that people who learn to read Flare will think about programming differently and solve problems in new ways, even if they never write a single line of Flare. We think annotative programming is the next step beyond object orientation, just as object orientation was the step beyond procedural programming, and procedural program was the step beyond assembly language.
  — Goals of Flare

[2] I wrote to Eliezer asking whether he thought it was reasonable at the time, and asked if it was more like "a scientist looking back on a 2003 paper and saying 'not what I'd say now, conclusions aren't great, science moves on' vs retracting it". Eliezer skimmed it and said it was more the first one.

Comment via: google plus, facebook


Static Types in SwiftUI

Chris Eidhof (tweet, Hacker News): In SwiftUI, the implementation works differently. In our stack above, SwiftUI knows the type: a vertical stack view with two subviews. During the execution of the program this type will never change — it’s a static property of the code. As such, our program will always render a vertical stack view […]

Windows Vps Hosting - Why Is It Cheaper Than Dedicated Servers

Single Processor multi-core Cheapest Dedicated Server hosting - You can choose from two to 6 cores, with clock speeds up to 3.twenty Ghz. You can select up to 8GB of DDR3 RAM. The bandwidth is up to 6TB. The single processor can be both Intel i5-760 Quad Core or MD x6-1066T Hexa Core with 250 GB 7200 RPM SATA space. The cost of the solitary processor multi-main dedicated server is $189 for each thirty day period.

No genuine technique, no real tactical elements. If ya lay wait around in ambush, you will be bored to loss of life. The only way to perform is to operate and gun. For me this is a no talent manner of play. Don't get me wrong here - some people are rally great at it, but for me the problem is not to run like a madman and hope I see them first. That's not techniques or strategy.

This is the purpose why small and medium-sized companies ought to choose VPS Hosting or Home windows VPS as conserving you time and energy, administration, and it is extremely cheap and inexpensive. This is also the reason why the very best known VPS Windows VPS. In contrast to a dedicated server, one has to think twice before setting up one of the huge investment concerned in its determination. So Home windows VPS would be the best option.

Web hosting is essential to develop up your online company. It assists individuals to make their on-line web site accessible via Globe Broad Internet. Hosting solutions consist of windows hosting, Linux hosting, image hosting, java hosting, dedicated server hosting and etc. The best internet hosting companies offer all important services.

Do you require a lot of technical help? If so, look for a hosting business with reside 24/7 assistance. Do you want to create a blog, or lot's of blogs? Then you will require to see if your web hosting company allows you to set up multiple MYSQL databases.

In purchase to put your web site on-line you have to buy a hosting strategy for it with a good hosting supplier. There are primarily three type of hosting solutions accessible on the web namely Shared Hosting, VPS Hosting and Dedicated Server hosting. Individuals choose Shared Hosting at first for their web site as it is cheap and provides you an entry on the web with out investing a lot cash. But it has certain disadvantages. Then arrives Dedicated server hosting in which you get all the features you can believe of but it will cost you huge quantities of cash. Not everyone can afford it. So the third option accessible is VPS Hosting.

There are numerous various deals accessible with cheap dedicated servers hosting hosting based on how much you want to invest. The much more sources a server has, IE, RAM, Hard drive area, processor pace, the much more it will price.

A2 hosting has been at the forefront of creating services that are going to remodel the on-line company sector. In addition this plan has been in a position to provide competitive solutions inside the sector. This is a program that defines the best practice within the business exactly where it operates.

Finally, your workplace network or spare-room business ought to have a high quality firewall cheap dedicated servers hosting set up and up-dated immediately every day. The black hats are Always creating ways to circumvent server-aspect security, a by no means-ending process. That's why you want a host that provides multiple layers of safety so when the hacker gets through layer A, there's still layer B, C and D ahead. Guaranteed, that black hat gallops out of city.

A cheapest dedicated servers server plan that is cheap and offers flexibility may be nicely worth obtaining. A good strategy will allow you to select either Linux or Windows OS. When you get a plan, then you should also be in a position to have full root access. This basically means that you are in manage.

If you are unaware of why VPS beats cheap dedicated servers hosting, then prepare to be enlightened. Cheapest Dedicated Server hosting frequently require independent workers and infrastructure for management. Along with the monthly hosting costs, the general cost can make or split a company that struggles to stay in the black. VPS allows the same functionality, the exact same energy, and the exact same protection at a cost that can really be break up amongst the other people utilizing the exact same VPS. It is the financial model of shared hosting with the protection and the peace of mind of dedicated. It also provides the same uptime and pace you will get from dedicated.

They have vast array of scripts you can set up with a solitary click to run a complete functional website free inside your cPanel. You can have a check generate at their cpanel to know how it actually. The cPanel is well personalized to suit the consumer and it is also easier to use even if you are a novice.

Think about the kind of business that you're truly attempting to open up. The website you begin needs to be professional and needs to speak nicely of your cheap dedicated servers hosting brand name. If you're just trying to earn some PPC money or make affiliate sales via a weblog, then a free blogging server will work just good. But if you're attempting to create a bigger web store or some thing of that character, you'll need a beefier internet host with plenty of choices.

These 30 Essential IPhone 6 TIPS AND TRICKS CAN HELP YOU Master It

The demand for clique aqui para mais informações Iphone 5, the thinnest smartphone in the world, has exceeded the original source after Apple unveiled the new version of its iconic smartphone. Yes, all your iOS devices will be both faster and more reactive - it's an upgrade, in the end - but if Apple's numbers are true, we might really start to see the difference on version no. 12. The business noted that applications can launch up to doubly fast on devices, when you could see major swiftness increases in picture taking (the camera app will open around 70 percent faster on iOS 12), and even keyboard summoning times are cut in two on older backed devices.

You could go through and signal into all your Netflix and Hulu and (shudder) Twitter accounts on your smart Television. But also maybe don't! Get a Roku or a Chromecast or an Apple Television instead. Their interfaces are more reliable, their choices are much larger, and they are cheap as all heck. It will likely be the best present you ever gave yourself.

Hello Friends, Today i will let you know iPhone Tips- How exactly to hide images in is the best iPhone Tricks- How to conceal images in iOS. So you can check iPhone Tips- How exactly to hide images in iOS Below Here. Hello Friends, Today i am going to let you know iPhone Tricks- How to conceal images in iOS. This is actually the best iPhone Methods- How to conceal images in iOS. Which means you can check iPhone Tricks- How exactly to conceal images in iOS Below Here. The iOS software has been improved once in a while to improve your connection with using the Apple devices. Now, the improvements has been made so amazing and such amazing features has been introduced that make you like the latest iOS features.

Do you realize there are a few great features hidden in iPhone's convenience settings? Change your configurations to let Siri read text aloud for you, enable LED blinking for notifications and create new gestures with the addition of your own assistive touch features for a few cool tricks. Check out these articles from Lifehacker , Device Hacks and iMore for even more tips.

Reliable salon software that is always by your side can be an offer that can't be beat, right? So by now you must be asking, what's the catch? Well, some companies may try to ask you for an arm and a knee for something this great, but believe me it is possible to find salon and spa software that can fit your budget, you merely need to consider it. Google searches for, "salon software iPhone" is a great place to begin looking for your cosmetic salon software or the iTunes App Store is a guaranteed place to find a credit card applicatoin that is dependable and affordable.

I did make the mistake without thinking and did a stock reset. I've 2 tablets, an iPad and an Android and both have a Roku Remote app that worked well. The Roku lost the WiFi connection when I did so the factory reset (button on the side of the Roku) and the tablets could no longer hook up to it and the Roku Remote control app does not have sufficient smarts to re-establish the pairing. EASILY had not done the factory reset out of stress, I could utilize them as remotes. They were working fine even following the Roku remote crapped out.

Vulnerability In Ring Doorbells Left the Door Open for Hackers to Open the Door



How Girl Scouts built a cyber challenge that made girls feel included

Engaging girls in STEM education has been a strong focus for the Girl Scouts of the USA, but including students in the development of curriculum and projects has opened up a new way to help solidify their interest in technical subjects. The first-ever Girl Scouts Cyber Challenge, developed in partnership with the defense contractor Raytheon, was designed to give girls a sense of what a career in science, technology, engineering or mathematics could look like. Last month, nearly 3,000 Girl Scouts from 10 cities participated in the challenge in which teams immersed themselves in an “adrenaline-filled simulation” to defend the oxygen supply of a fictitious moon colony from hackers, by using cybersecurity and coding concepts. “I hope each girl left Cyber Challenge feeling confident in their abilities, and inspired to explore what a career in STEM or cybersecurity could offer them,” Raytheon engineer Catherine McLean told EdScoop. To ensure the initiative […]



Ring doorbell security flaw opened the door to hackers

Amazon Ring has fixed a security vulnerability in its Ring doorbell that could have potentially allowed hackers to access homeowners’ networks. ...

« Libre à vous ! » diffusée mardi 5 novembre 2019 sur radio Cause Commune - Les femmes et l’informatique – Google, la presse et les droits voisins – Pacte pour la Transition


Au programme : Notre sujet principal portera sur les femmes et les métiers et communautés de l'informatique et du logiciel libre; chronique « La pituite de Luk » sur Google, la presse et les droits voisins; interview sur le Pacte pour la Transition.

Libre à vous !, l'émission pour comprendre et agir avec l'April, chaque mardi de 15h30 à 17h sur la radio Cause commune (93.1 FM en Île-de-France et sur Internet).

Au programme de la quarantième-troisième émission :

Podcasts des différents sujets abordés

Les podcasts seront disponibles après la diffusion de l'émission.

N'hésitez pas à nous faire des retours sur le contenu de nos émissions pour indiquer ce qui vous a plu mais aussi les points d'amélioration. Vous pouvez nous contacter par courriel, sur le webchat dédié à l'émission (mais nous n'y sommes pas forcément tout le temps) ou encore sur notre salon IRC (accès par webchat).

Personnes participantes

Les personnes qui ont participé à l'émission :

Galerie photos

Vous pouvez voir quelques photos prises pendant l'émission.

Références pour la chronique « La pituite de Luk »

Références pour la partie consacrée aux femmes et l'informatique

Références pour la partie consacrée au Pacte pour la Transition

Références pour la partie sur les annonces diverses

Pauses musicales

Les références pour les pauses musicales :


College student, Scrap Pack and Yang Gang member Smith ready for fight

As Leslie Smith prepares for what may be a number one contender fight against Arlene Blencowe this Friday in Thackerville, Oklahoma, she has learned to manage her time training and going to school.  Smith is working on her Bachelor of Science in Labor and Employment through online courses via Rutgers University.  She has 60 more […]

Comment on Resource Hacker FX: the improved Resource Hacker by Valokordin

Hi! I need to mоdifу an executable that has Sаnsсrit text strings in its diаlоgs. I cаnnot add the Sаnsсrit suppоrt to our Windоws cоmputer (long story why...). Is there a way to modify DIALОGEХ so that a СОNTROL property will display Uniсоde correctly? I read about adding “L” before the string, but cannot figure out the соrrect sуntax. I tried something like this %u0904%u0905%u0906%u0907 instead of АNSI, but that did not work...

These photos show an Iranian man who was executed for assassinating a judge

Two images of a man with a noose around his neck have been shared tens of thousands of times in multiple Facebook posts alongside a claim they show an Algerian hacker executed for stealing money from Israeli banks. The claim is false: the photos previously circulated in media reports in 2007 about the public hanging of Majid Kavousifar, an Iranian man who was convicted of assassinating a judge.

We have the numbers to form govt: Shiv Sena

Reiterating the Shiv Sena's demand for sharing the chief minister's post, Raut said the state's CM will be from the Uddhav Thackeray-led party only.

No talks between Bhagwat, Uddhav yet: Raut

Asked if he represented views of his party amid the logjam over government formation in the state, Raut said, "I put forth views of Uddhav Thackeray."

Next Page: 10000

© Googlier LLC, 2019