Cover photo
Dragos Ruiu
Works at inc.
Attended University of Alberta
Lived in Saskatchewan


Dragos Ruiu

Shared publicly  - 
Oops, I think I broke TrustZone. (Display processing DMA)
Aljoscha Rittner (beandev)'s profile photoNick Alcock's profile photo
What, TrustZone doesn't stop you getting the GPU to randomly DMA wherever you'd like it to? Oh dear oh dear oh dear.
Add a comment...

Dragos Ruiu

Shared publicly  - 
Mario Vilas's profile photoT Wake's profile photoEmil Sz's profile photovanguard ro's profile photo
Sadly, I expected as much. Some possible exploits aren't talked about, or believed for that matter, until someone demonstrates it publicly, then everyone and sundry jumps all over it while sweating bullets. That's what comes from not thinking security even before you specify the model for the code design.
Add a comment...

Dragos Ruiu

Shared publicly  - 
stuxnet .lnk vuln used for USB infection not fixed for last five years, 
you only thought so. 
details from ZDI
In early January 2015, researcher Michael Heerklotz approached the Zero Day Initiative with details of a vulnerability in the Microsoft Windows ope...
Elias Pinto's profile photoCaterina Cricelli Butterworth's profile photoGeorge Avramoiu's profile photo
hahahaha you have no hope my pc are inequickypted your a joke idiot
Add a comment...

Dragos Ruiu

Shared publicly  - 
Projects Zero: Using repeated "rowhammer" DRAM reads to flip adjacent bits and escalate priviledge.
Posted by Mark Seaborn, sandbox builder and breaker, with contributions by Thomas Dullien, reverse engineer [This guest post continues Project Zero’s practice of promoting excellence in security research on the Project Zero b...
Nick Alcock's profile photoYves-Alexis Perez's profile photoVincent Longo's profile photoMario Vilas's profile photo
+Bill Beers, I don't know if anything involving memory corruption that can be triggered with four nonprivileged asm instructions, doing nothing more difficult than repeatedly reading two addresses and doing a cache flush, could be considered 'an extreme edge case'. Only the cache flush is at all obscure, and it's not that obscure -- all sorts of things do cache flushes in real machines, and even without those, normal memory traffic could in theory trigger this.
Add a comment...

Dragos Ruiu

Shared publicly  - 
Please avoid the "who are you here with?" embarrassment. She can probably code circles around you. 

(Probably even by calculating the Taylor's Theorem series expansion of the trig functions and plotting the points instead of using the library function.)
(this was originally given as a talk at AlterConf in Oakland)
Jeramy Brian's profile photoKathleen Flippen's profile photoBilly Chang's profile photoCaspian Kilkelly's profile photo
+Bryan Bonvallet This stuff can be mind-bendingly complex. :^)

You've done a great job of showing that the issue is more complex than most of us realize - or even suspect.
Add a comment...

Dragos Ruiu

Shared publicly  - 
The CanSecWest 2015 Sheraton Wall Center hotel block is sold out and the hotel is full. We have made arrangements for another conference rate room allocation one block down the street at the Sutton Place Hotel. 
Group code: VAN_CANSECWEST15
Add a comment...
This was BIOS obliteration morning at CanSecWest. The border guard BIOS attack requires 50 seconds of physical access to the laptop (as pictured below) - one screw, one button press, wait for green light. Not Nation-State difficult stuff to develop as as all the naysayers claim: development time 4 weeks for two guys. Rafal and Corey then showed us vulnerabilities to do this remotely via software only (#venamis #speedracer) And then the Intel folks showed us another new class of bios vulns using pointers. The BIOS vulnerability beatings will continue until security and morale improves.
Nat Makarevitch's profile photoMario Vilas's profile photoJoachim Metz's profile photoJan Brands's profile photo
Smoked - 
Add a comment...

Dragos Ruiu

Shared publicly  - 
Yay! New Sysinternals suite update, lots of goodies!
Introduction. The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault.
Mike Mackley's profile photoBert Knabe's profile photoFrancisco V. (retroK)'s profile photoFred M's profile photo
Most useful MS software.
Add a comment...

Dragos Ruiu

Shared publicly  - 
The creation of the high-profile tech publication was the brainchild of Om Malik.
Add a comment...

Dragos Ruiu

Shared publicly  - 
Starbug is hacking all your biometrics.
At Mobile World Congress this week a number of eye-scanning authentication tools were shown off, notably by ZTE and Fujitsu. But security researcher Jan Krissler says it's easy to use high-res images of people's eyes grabbed from Google to break iris scanning tech.
Samuele Baisi's profile photoIvan Cabrera's profile photoBert Knabe's profile photoGZ Dixital's profile photo
+Doctrine Doomsday
Thank you!
USA #1 in callousness
Add a comment...

Dragos Ruiu

Shared publicly  - 
Helix - The world's best folding bike
Mișu Moldovan's profile photo
I've been riding a full-size folding bike for 5 years, a Dahon Matrix 2009. This looks a bit smaller when folded, hopefully it also holds over the years as well as a Dahon. Not counting tire punctures, I had basically no problems.
Add a comment...
Take Your Action Figure To Work Day #AFWD2015
Nick Alcock's profile photo
"Life size."
Add a comment...
Stop, Think, Pwn.
Systems Rationalizer
Bragging rights
Can hover inverted. ;-)
  • University of Alberta
Basic Information
Other names
  • inc.
    engineer, 1997 - present
  • HP
  • Myrias
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Contributor to
Dragos Ruiu's +1's are the things they like, agree with, or want to recommend.
Waze Social GPS Maps & Traffic

Waze is a fun, community based mapping, traffic & navigation app. With millions of drivers from across the globe joining forces to outsmart


Threema ist eine Kurznachrichten-App mit einem besonderen Fokus auf Sicherheit. Echte Ende-zu-Ende-Verschlüsselung garantiert, dass niemand


Android version of the popular CPU identification tool for PC/Windows., CPU-Z is a free application that reports information about your devi

Demand answers and real consequences for robocall election fraud

Elections Canada just traced misleading phone calls made during the 2011 federal election to a company that worked for the Conservative Part

KB14320-How to maximize battery life and free memory on the BlackBerry s...

Maximizing Battery Power. Application Management. Multitasking - Close any running BlackBerry® smartphone applications that are not being ac

Play VOB,MKV,MTS,FLV RM,RMVB on Windows RT (Surface 8 RT included) » AMV...

Overview Micrsoft has made an important step to support the playback of MPEG-4 on Windows 8 RT and Windows 8 Pro. Windows RT has excellent s

Locus Pro

MULTI-FUNCTION TOURIST NAVIGATION Irreplaceable application for hiking, geocaching and your everyday life. Locus offers many useful features

A free and open world depends on a free and open web. | Google

A free and open world depends on a free and open Internet. Governments alone, working behind closed doors, should not direct its future. The

There's a New Way to Own a Piece of Facebook Before Its IPO

If you're looking to invest in Facebook before its IPO but not privy to the secondary markets where shares of the company have been trad


Off-road GPS navigator with offline maps support, compass and track recording. Use offline maps and GPS even without an internet connection.

Vancouver Riot: Psychology (Not Hooligans) Is Responsibile for the Chaos...

As I sat at home watching the Vancouver riots unfold in front of me, I was amazed at how ill-informed the newscasters and on-site reporters