Termin:Chaotic-Congress-Cinema-28C3 Nr. 23

Aus Attraktor Wiki

Version vom 31. Mai 2012, 13:23 Uhr von Muelli (Diskussion | Beiträge)

(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu: Navigation, Suche


Chaotic Congress Cinema Nr. 23

Beginn:

The date "2012/06/13 20:00:00 PM" was not understood.The date "2012/06/13 20:00:00 PM" was not understood.

Ende:

The date "2012/06/13 22:00:00 PM" was not understood.The date "2012/06/13 22:00:00 PM" was not understood.


Needs to be there, but does not need to be seen by a visitor Yes


Achtung: Der Projektor ist eingeschickt, die Teilnehmer muessen sich als eine Loesung zum Schauen der Videos engineeren (i.e. auf dem eigenen Laptop oder so).

Wir schauen uns die Aufzeichnung von Congress-Vorträgen an. Du bist herzlich eingeladen, in den Clubräumen im Mexikoring 21 aufzutauchen und mit uns die Talks anzuschauen und zu diskutieren. Es wird Getränke und Knabberkram zu moderaten Preisen geben. Falls Du kein CCC-, CCCHH- oder Attraktor e.V.-Mitglied bist, macht das überhaupt nichts: Alle Gäste sind gern gesehen. :-)

Weitere Informationen unter Chaotic Congress Cinema.

The Science of Insecurity

Why is the overwhelming majority of common networked software still not secure, despite all effort to the contrary? Why is it almost certain to get exploited so long as attackers can craft its inputs? Why is it the case that no amount of effort seems to be enough to fix software that must speak certain protocols?

The answer to these questions is that for many protocols and services currently in use on the Internet, the problem of recognizing and validating their "good", expected inputs from bad ones is either not well-posed or is undecidable (i. e., no algorithm can exist to solve it in the general case), which means that their implementations cannot even be comprehensively tested, let alone automatically checked for weaknesses or correctness. The designers' desire for more functionality has made these protocols effectively unsecurable.

In this talk we'll draw a direct connection between this ubiquitous insecurity and basic computer science concepts of Turing completeness and theory of languages. We will show how well-meant protocol designs are doomed to their implementations becoming clusters of 0-days, and will show where to look for these 0-days. We will also discuss simple principles of how to avoid designing such protocols.

In memory of Len Sassaman


Automatic Algorithm Invention with a GPU

Hell Yeah, it's rocket science

You write software. You test software. You know how to tell if the software is working. Automate your software testing sufficiently and you can let the computer do the writing for you! "Genetic Programming", especially "Cartesian Genetic Programming" (CGP), is a powerful tool for creating software and designing physical objects. See how to do CGP as we invent image filters for the Part Time Scientists' 3D cameras. Danger: Actual code will be shown!

Diese Seite wurde zuletzt am 31. Mai 2012 um 13:23 Uhr geändert. Diese Seite wurde bisher 2.531 mal abgerufen.