Collaborate Disseminate
Since the release of the original Raspberry Pi single board computer, the WiringPi library by [Gordon] has been the easy way to interface with the GPIO and peripherals – such as I2C and SPI – on the Broadcom SoCs which power these platforms. Unfortunately, [Gordon] is now deprecating the library, …read more
It is often said that open source software is like a recipe. In this context, let’s discuss your grandmother’s favorite cookies. It’s quite possible your grandmother is known throughout the family as having the most famous chocolate c… Continue reading The Open Source Cookbook: A Baker’s Guide to Modern Application Development
The reusability and convenient utility of open source software (OSS) and software development kits (SDKs) has been a boon to mobile application developers. Both types of software shortcuts help developers save time and money and accelerate development… Continue reading Automate Software Security Checks to Find Open Source Software, SDK Perils
At ShiftLeft we’re firm believers in the value of open source software. We leverage too many libraries to count, which massively scales our feature velocity and reliability. We also believe in contributing back when and where can so it is my plea… Continue reading Introducing Gaum: An Open Source O/RM That isn’t an O/RM
With GitHub’s 10-year Anniversary, it’s about time we talk Open Source! Visit: https://github.com/ten to read about their anniversary! Full Show NotesVisit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com… Continue reading Open Source Software – Application Security Weekly #12
PCI pass through is the ability of a virtualized guest system to directly access PCI hardware. Pass through for dedicated GPUs has just recently been added to the Linux kernel-based virtual machine. Soon afterward, users began to find that switching on nested page tables (NPT), a technology intended to provide hardware acceleration for virtual machines, had the opposite effect on AMD platforms and slowed frame rate down to a crawl.
Annoyed by this [gnif] set out to to fix the problem. His first step was to run graphics benchmarks to isolate the source of the problem. Having identified the culprit …read more
Continue reading 10 Year Old Bug Crushed By Hacker on a Mission
New research from Harvard suggests that the freshly discovered software flaws called zero day vulnerabilities are independently rediscovered much faster than previously thought. The rediscovery rate has big implications for U.S. cybersecurity policy because it would change the calculation officials make when deciding whether to reveal zero days discovered by U.S. agencies so they can be fixed, or keep them secret so they can be used to spy on foreign adversaries and in other cyber-operations. “If the rediscovery rate is this high, the number of vulnerabilities [secretly retained] for operational use should be lower or subject to more aggressive scrutiny,” said Trey Herr a post-doctoral fellow at the Belfer Center at Harvard. Herr, along with security guru Bruce Schneier and Christopher Morris, a research assistant from the Harvard school of engineering, published their findings this week after a lengthy peer-review process, and will present them at the Black Hat USA conference in Las Vegas next week. […]
The post Study: Zero days rediscovered much faster appeared first on Cyberscoop.
It is with great sadness that Hackaday learns of the passing of Steve Evans. He was one of the creators of Eyedrivomatic, the eye-controlled wheelchair project which was awarded the Grand Prize during the 2015 Hackaday Prize.
News of Steve’s passing was shared by his teammate Cody Barnes in a project update on Monday. For more than a decade Steve had been living with Motor Neurone Disease (MND). He slowly lost the function of his body, but his mind remained intact throughout. We are inspired that despite his struggles he chose to spend his time creating a better world. Above …read more
Continue reading Steve Evans Passes Away, Leaves an Inspiring Legacy
A mysterious group appears to be relying on hacking tools that were originally stolen from Italian surveillance company Hacking Team — and leaked online two years ago — to spy on European government officials, think tanks and journalists, according to new research published Thursday by cybersecurity firm F-Secure. Dubbed the “Callisto Group,” the hackers were first discovered by F-Secure after they sent a wave of phishing emails to a wide array of different targets that were all similarly involved in either discussing or reporting on government policies related to foreign affairs and national security. The BBC reported Thursday that one of those targets was the UK’s Foreign and Commonwealth Office. Several F-Secure contacts received the suspicious phishing emails and sent samples to the Finnish company. The final payload for the malware-laden attachments contained, according to F-Secure, an outdated variant of the Hacking Team’s “Scout” tool, which is typically sold as part […]
The post ‘Amateurish’ espionage campaign launched with leaked Hacking Team tools appeared first on Cyberscoop.
Continue reading ‘Amateurish’ espionage campaign launched with leaked Hacking Team tools
Many hot new enterprise technologies are centered around free, “open-source” technology. But how can corporate customers, and investors, evaluate all these new open-source offerings? These questions are especially tough to answer because most open-source companies are still private. That’s why we created a detailed index to track popular open-source software projects. Read More Continue reading Tracking the explosive growth of open-source software