hack.lu CTF 2014 write-up: Objection

Posted on Sun, 2014-10-26 in ctf • Tagged with ctf, hacklu, coco, node.js, CoffeeScript, JavaScript

So we got the source for something that looked like CoffeeScript, but had really strange string literals. After some investigation I found out that this was in fact coco source code. Coco in turn is a fork of CoffeeScript. Both compile to JavaScript. The service allows you to log in with …



Web Security Hardening

Posted on Sun, 2014-07-27 in security • Tagged with web, security

Last year, during my summer internship, I had the chance to catch up with current developments in web security. In particular, I had a closer look at mechanisms that are used as a second line of defense or hardening mechanisms against common web attacks. I created drafts of blog entries describing …



Is It Really The Worst Interview Question?

Posted on Sun, 2014-07-27 in thoughts • Tagged with thoughts, programming, software-engineering

Recently I read a blog post about the supposedly worst programming interview question. So here is the question:

Write a function that can detect a cycle in a linked list.

Basically, the guy who asked the question was testing whether you've heard of Floyd's cycle-finding algorithm (a.k.a. the tortoise …



Some Notes on CBC-Mode, IVs and MACs

Posted on Mon, 2013-10-28 in crypto • Tagged with cryptography, security

I recently read this tweet, which gave an example of why you should use good IVs in your crypto. The tweet was:

Why you should always use good IVs in your #crypto http://i.imgur.com/jxUv3ha.png

This is about the example that was given [1]

$ echo 'Give …


Current State of Android "Physical" Security

Posted on Mon, 2013-09-02 in android • Tagged with android, security

About a year ago I gave a talk to my fellow students about the security of Android devices once you get physical access to them. This post will be pretty much that talk plus some additional information and links. You can find the slides here [1].

The Evil Maid Attacks …

