Solar Designer
Alexander Peslyak (born 1977), better known as Solar Designer, is a security specialist from Russia. He is best known for his publications on exploitation techniques, including the return-to-libc attack and the first generic heap-based buffer overflow exploitation technique, as well as computer security protection techniques such as privilege separation for daemon processes. Peslyak is the author of the widely popular password cracking tool John the Ripper. His code has also been used in various third-party operating systems, such as OpenBSD and Debian. Work Peslyak has been the founder and leader of the Openwall Project since 1999. He is the founder of Openwall, Inc. and has been the CTO since 2003. He served as an advisory board member at the Open Source Computer Emergency Response Team (oCERT) from 2008 until oCERT's conclusion in August 2017. He also co-founded oss-security. He has spoken at many inter ...
FOSDEM
Free and Open source Software Developers' European Meeting (FOSDEM) is an annual software engineering conference. It is non-commercial and volunteer-organized with a focus on free and open-source software. Initiated in 2000, it is usually held during the first weekend of February, at the of the Université Libre de Bruxelles (ULB) in the southeast of Brussels, Belgium. History FOSDEM was started in 2000 under the name Open Source Developers of Europe Meeting (OSDEM) by Raphael Bauduin. Bauduin said that since he felt he lacked the brains to properly contribute to the open-source community, he wanted to contribute by launching a European event in Brussels. Bauduin teamed up with Damien Sandras. The team repeated the event. The F (of FOSDEM) was added at the request of Richard Stallman. The Free Software Foundation's ceremony for the Award for the Advancement of Free Software was held at FOSDEM from 2002 to 2006 (for the awards for 2001 to 2005). The event has be ...
1977 Births
Events January * January 8 – Three bombs explode in Moscow within 37 minutes, killing seven. The bombings are attributed to an Armenian separatist group. * January 10 – Mount Nyiragongo erupts in eastern Zaire (now the Democratic Republic of the Congo). * January 17 – 49 marines from the and are killed as a result of a collision in Barcelona harbour, Spain. * January 18 ** Scientists identify a previously unknown bacterium as the cause of the mysterious Legionnaires' disease. ** Australia's worst railway disaster at Granville, a suburb of Sydney, leaves 83 people dead. ** SFR Yugoslavia Prime minister Džemal Bijedić, his wife and 6 others are killed in a plane crash in Bosnia and Herzegovina. * January 19 – An Ejército del Aire CASA C-207C Azor (registration T.7-15) plane crashes into the side of a mountain near Chiva, on approach to Valencia Airport in Spain, killing all 11 people on board. * January 23 – Prime Minister Indira Gandhi of India ...
Security-focused Operating System
This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements. Linux Android-based * GrapheneOS is a privacy and security-focused mobile operating system for selected Google Pixel smartphones and tablets. Debian-based * Tails is aimed at preserving privacy and anonymity. * Whonix consists of two virtual machines. All communications are forced through Tor. * Linux Kodachi is a security-focused operating system. Other Linux distributions * Alpine Linux is designed to be small, simple, and secure. It uses musl, BusyBox, and OpenRC instead of the more commonly used gli ...
GNU C Library
The GNU C Library, commonly known as glibc, is the GNU Project implementation of the C standard library. It provides a wrapper around the system calls of the Linux kernel and other kernels for application use. Despite its name, it now also directly supports C++ (and, indirectly, other programming languages). It was started in the 1980s by the Free Software Foundation (FSF) for the GNU operating system. glibc is free software released under the GNU Lesser General Public License. The GNU C Library project provides the core libraries for the GNU system, as well as many systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational facilities as open, read, write, malloc, printf, getaddrinfo, dlopen, pthread_create, crypt, login, exit and more. History The glibc project was initially written mostly by Roland McGrath, working for the Free Sof ...
Qualys
Qualys, Inc. is an American technology firm based in Foster City, California, specializing in cloud security, compliance and related services. Qualys has over 10,300 customers in more than 130 countries. The company has strategic partnerships with major managed services providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. History Qualys has been described as "one of the earliest software-as-a-service security vendors." Philippe Courtot first invested in the company in 1999. He became CEO and board chair in 2001. Courtot described Qualys as addressing a "mounting need for automatic detection of network vulnerabilities" when he announced the second round of financing. The company launched QualysGuard in 2000, making Qualys one of the first entrants in the vulnerability management market. This software could automatically scan corporate local area network ...
Black Hat Briefings
Black Hat Briefings (commonly referred to as Black Hat) is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together a variety of people interested in information security ranging from non-technical individuals, executives, hackers, and security professionals. The conference takes place regularly in Las Vegas, Barcelona, London and Riyadh but has also been hosted in Amsterdam, Tokyo, and Washington, D.C. in the past. History The first Black Hat was held July 7-10, 1997 in Las Vegas, immediately prior to DEF CON 5. The conference was aimed at the computer industry, promising to give them privileged insight into the minds and motivations of their hacker adversaries. Its organizers stated: "While many conferences focus on information and network security, only the Black Hat Briefings will put your engineers and software programmers face-to-face with to ...
Pwnie Award
The Pwnie Awards recognize both excellence and incompetence in the field of information security. Winners are selected by a committee of security industry professionals from nominations collected from the information security community. Nominees are announced yearly at Summercon, and the awards themselves are presented at the Black Hat Security Conference. Origins The name Pwnie Award is based on the word "pwn", which is hacker slang meaning to "compromise" or "control" based on the previous usage of the word "own" (and it is pronounced similarly). The name "The Pwnie Awards," pronounced as "Pony," is meant to sound like the Tony Awards, an awards ceremony for Broadway theater in New York City. History The Pwnie Awards were founded in 2007 by Alexander Sotirov and Dino Dai Zovi following discussions regarding Dino's discovery of a cross-platform QuickTime vulnerability and Alexander's discovery of an ANI file processing vulnerability in Internet Explorer. Winners 202 ...
Michał Zalewski
Michał Zalewski (born 19 January 1981), also known by the user name lcamtuf, is a computer security expert and "white hat" hacker from Poland. He is a former Google Inc. employee (until 2018), and currently the VP of Security Engineering at Snap Inc. He has been a prolific vulnerability researcher and a frequent Bugtraq poster since the mid-1990s, and has written a number of programs for Unix-like operating systems. In 2005, Zalewski wrote Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, a computer security book published by No Starch Press and subsequently translated into a number of languages. In 2011, Zalewski wrote The Tangled Web: A Guide to Securing Modern Web Applications, also published by No Starch Press. For his continued research on browser security, he was named one of the 15 most influential people in security and among the 100 most influential people in IT. Zalewski was one of the original creators of Argante, a vi ...
Openwall Project
The Openwall Project is a source for various software, including Openwall GNU/*/Linux (Owl), a security-enhanced Linux distribution designed for servers. Openwall patches and security extensions have been included in many major Linux distributions. As the name implies, Openwall GNU/*/Linux draws source code and design concepts from numerous sources; most important to the project is its use of the Linux kernel and parts of the GNU userland, and others include the BSDs, such as OpenBSD for its OpenSSH suite and the inspiration behind its own Blowfish-based crypt for password hashing, compatible with the OpenBSD implementation. Public domain software The Openwall project also maintains a list of algorithms and source code which is public domain software. Openwall GNU/*/Linux releases LWN.net reviewed Openwall Linux 3.0. They wrote: PoC||GTFO Issues of the International Journal of ...
Return-to-libc Attack
A "return-to-libc" attack is a computer security attack usually starting with a buffer overflow in which a subroutine return address on a call stack is replaced by an address of a subroutine that is already present in the process executable memory, bypassing the no-execute bit feature (if present) and ridding the attacker of the need to inject their own code. The first example of this attack in the wild was contributed by Alexander Peslyak on the Bugtraq mailing list in 1997. On POSIX-compliant operating systems the C standard library ("libc") is commonly used to provide a standard runtime environment for programs written in the C programming language. Although the attacker could make the code return anywhere, libc is the most likely target, as it is almost always linked to the program, and it provides useful calls for an attacker (such as the system function used to execute shell commands). Protection from return-to-libc attacks A non-executable stack can prevent some buffe ...
Debian
Debian is a free and open source Linux distribution, developed by the Debian Project, which was established by Ian Murdock in August 1993. Debian is one of the oldest operating systems based on the Linux kernel, and is the basis of many other Linux distributions. As of September 2023, Debian is the second-oldest Linux distribution still in active development: only Slackware is older. The project is coordinated over the Internet by a team of volunteers guided by the Debian Project Leader and three foundational documents: the Debian Social Contract, the Debian Constitution, and the Debian Free Software Guidelines. In general, Debian has been developed openly and distributed freely according to some of the principles of the GNU Project and Free Software. Because of this, the Free Software Foundation sponsored the project from November 1994 to November 1995. However, Debian ...