Dragos Ruiu
Works at dragostech.com inc.
Attended University of Alberta
Lived in Saskatchewan

Dragos Ruiu

Oops, I think I broke TrustZone. (Display processing DMA)
2 comments
 
What, TrustZone doesn't stop you getting the GPU to randomly DMA wherever you'd like it to? Oh dear oh dear oh dear.

Dragos Ruiu

3 comments
 
Sadly, I expected as much. Some possible exploits aren't talked about, or believed for that matter, until someone demonstrates it publicly, then everyone and sundry jumps all over it while sweating bullets. That's what comes from not thinking security even before you specify the model for the code design.

Dragos Ruiu

stuxnet .lnk vuln used for USB infection not fixed for last five years, 
you only thought so. 
details from ZDI
http://goo.gl/3xsBN4
In early January 2015, researcher Michael Heerklotz approached the Zero Day Initiative with details of a vulnerability in the Microsoft Windows ope...
2 comments
 
hahahaha you have no hope my pc are inequickypted your a joke idiot

Dragos Ruiu

Project Zero: Using repeated "rowhammer" DRAM reads to flip adjacent bits and escalate privilege.
http://goo.gl/qQxGEv
Posted by Mark Seaborn, sandbox builder and breaker, with contributions by Thomas Dullien, reverse engineer [This guest post continues Project Zero’s practice of promoting excellence in security research on the Project Zero b...
5 comments
 
+Bill Beers, I don't know if anything involving memory corruption that can be triggered with four nonprivileged asm instructions, doing nothing more difficult than repeatedly reading two addresses and doing a cache flush, could be considered 'an extreme edge case'. Only the cache flush is at all obscure, and it's not that obscure -- all sorts of things do cache flushes in real machines, and even without those, normal memory traffic could in theory trigger this.

Dragos Ruiu

Please avoid the "who are you here with?" embarrassment. She can probably code circles around you. 

(Probably even by calculating the Taylor's Theorem series expansion of the trig functions and plotting the points instead of using the library function.)

http://goo.gl/CZLA5j
(this was originally given as a talk at AlterConf in Oakland)
11 comments
 
+Bryan Bonvallet This stuff can be mind-bendingly complex. :^)

You've done a great job of showing that the issue is more complex than most of us realize - or even suspect.

Dragos Ruiu

The CanSecWest 2015 Sheraton Wall Center hotel block is sold out and the hotel is full. We have made arrangements for another conference rate room allocation one block down the street at the Sutton Place Hotel. 
Group code: VAN_CANSECWEST15 
http://www.suttonplace.com
 
This was BIOS obliteration morning at CanSecWest. The border guard BIOS attack requires 50 seconds of physical access to the laptop (as pictured below) - one screw, one button press, wait for green light. Not Nation-State difficult stuff to develop as all the naysayers claim: development time 4 weeks for two guys. Rafal and Corey then showed us vulnerabilities to do this remotely via software only (#venamis #speedracer). And then the Intel folks showed us another new class of BIOS vulns using pointers. The BIOS vulnerability beatings will continue until security and morale improves.
4 comments
 
Smoked - 

Dragos Ruiu

Yay! New Sysinternals suite update, lots of goodies! http://goo.gl/OFXgIV
Introduction. The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault.
 
Most useful MS software.

Dragos Ruiu

Suck.
The creation of the high-profile tech publication was the brainchild of Om Malik.

Dragos Ruiu

Starbug is hacking all your biometrics. http://goo.gl/duyvtL
At Mobile World Congress this week a number of eye-scanning authentication tools were shown off, notably by ZTE and Fujitsu. But security researcher Jan Krissler says it's easy to use high-res images of people's eyes grabbed from Google to break iris scanning tech.
37 comments
 
+Doctrine Doomsday
Thank you!
USA #1 in callousness

Dragos Ruiu

Helix - The world's best folding bike
 
I've been riding a full-size folding bike for 5 years, a Dahon Matrix 2009. This looks a bit smaller when folded, hopefully it also holds over the years as well as a Dahon. Not counting tire punctures, I had basically no problems.
 
Take Your Action Figure To Work Day #AFWD2015
 
"Life size."
Story
Tagline
Stop, Think, Pwn.
Introduction
Systems Rationalizer
Bragging rights
Can hover inverted. ;-)
Education
  • University of Alberta
Basic Information
Gender
Male
Other names
dr
Work
Occupation
engineer
Employment
  • dragostech.com inc.
    engineer, 1997 - present
  • HP
  • Myrias
Places
Previously
Saskatchewan