Profile

Cover photo
Dragos Ruiu
Works at dragostech.com inc.
Attended University of Alberta
Lived in Saskatchewan
1,284,611 views
AboutPostsPhotosYouTube+1's

Stream

Dragos Ruiu

Shared publicly  - 
 
iPGmail - PGP for IOS, about time
https://goo.gl/zzmdWO
OpenPGP Email security iPhone and iPad
1
3
Yves-Alexis Perez's profile photoKen Barber's profile photoBogdan Donici's profile photoElio Torrisi's profile photo
5 comments
 
But yeah, using a specific subkeys would work, at least for signing. Encryption is a different matter 
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
binnavi - BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
11
3
Mathias Hablützel's profile photoBenjamin Halbrock's profile photo
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
bettercap - portable MITM meter cap replacement http://goo.gl/Dte8hd
A complete, modular, portable and easily extensible MITM framework.
10
5
Daniel Stutz's profile photoJürgen Christoffel's profile photo
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Happy Canada Day. (Or what's left of it and our rights after our current governing party get done with it.)
In other news the newest 801.11n WiFi standard has some seriously broken bits in the standard. They introduced a new packet coalescing and aggregation protocol that leaves the chipsets vulnerable to Packet-in-Packet injection. I.e. You can abuse the protocol to include spoofed low level MAC packets in HTTP frames from any web server and other similar fun. An attacker can leverage this technique to deauthenticate clients, inject malicious beacon frames, perform host and port scans, bypass firewall rules, and conduct Address Resolution Protocol (ARP) spoofing. So, not so good, especially since this is a chipset level issue and the chipsets are just behaving as the ill-conceived standard specifies for Aggregated-MAC Protocol Data Units (A-MPDU) handling. Being hardware/firmware, it's not easily changed.
Paper and PoC at link below.
14
7
Alexandre Keledjian's profile photoCaptain_ Hook (CaptainHook)'s profile photoJohn Chronister's profile photoMatthew J. Harmon's profile photo
 
Was your image for this post laced with aggr-inject frames? :-)
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Seems to me that lot of fun could be had with a little pattern of small "donuts" that makes a document unprintable and uncopyable. But I've always had a weird sense of "fun." http://goo.gl/FjWi37
How often have you looked at the cash in your wallet? Look closer: it’s riddled with hidden patterns designed to deter counterfeiters. Chris Baraniuk investigates.
15
4
Bert Knabe's profile photoMathias Hablützel's profile photoAutumn Ginkgo Leaves™'s profile photoJürgen Christoffel's profile photo
3 comments
 
I'm in the US, I need to find me some cash to check this out. Hey anyone willing to make a copy for me? :D
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
5 axis CNC less than 5k http://goo.gl/NBc31q 
The PocketNC CNC Mill comes in at under $5,000 and delivers 5 axis of movement.
10
2
Brett Coburn's profile photoTheodore Stauffer's profile photo
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
PWN2OWN MOBILE: the first casualty of the Wassenaar agreement changes.

So we have the first bona fide casualty of the Wassenaar Agreement. HP and counsel are concerned over Japanese implementation of it and any resutant complications getting the bugs back into the US, so they will not be involved with Pwn2Own Mobile in Japan. However, I still like hacker circuses, and have ordered up my own RF isolation cage, and am interested in other folks to be involved int he competition which will go ahead with rules to be announced shortly(so contact me if you are interested in participating or offering bounties on anything related to mobile to get bugs back). My new plan is to hand over the bugs directly to local representatives in Japan, without the ZDI need to feed the bugs back to the US first - and make like the internet and route around the issues with export.

In related matters some folks complained about getting us mail for the PacSec CFP while I was at CCC Camp, and some office renovations yanked a cable and reinforced my belief that VLAN tagging is still bunk to be eliminated. So we'll be accepting proposals until the end of the week, just to make sure you get your mail to us (secwest16@pacsec.jp), all networks firing on all cylinders here now. Boo Yah.
7
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Interesting android malware info.
We analyzed the statistics we had collected from May to August 2015 and identified three main Trojan families that use root privileges on the device to achieve their goals.
21
4
Sonny Mikeal's profile photoMassimiliano Giroldi's profile photoAlessio Mangoni's profile photoBert Knabe's profile photo
2 comments
 
Interesting that apps were not installed by manufacturer nor end user, but apparently by small shops trying to make the device attractive by loading it with as many apps as they can. Reminds me of the old days of gray-box PC's loaded with tons of pirated software. 
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
analyzing uncommon firmware http://goo.gl/0EiueB
Let us define what common reverse engineering tasks look like. Given an executable file for Windows (or Linux, MacOS or any other widely-used operating system). We can run it, watch it in a debugger, and twist it in virtual environments in any way possible. File format is known.
13
3
Estella Madl's profile photoAlexandre Keledjian's profile photoCaptain_ Hook (CaptainHook)'s profile photoEnteroctopus dofleini's profile photo
 
Yeee! IDA!!! )))
Add a comment...

Dragos Ruiu

Shared publicly  - 
Brit boffins' test of 14 prominent privacy tunnels finds leaks galore thanks to IPv6 mess
21
15
Antti Vainiola's profile photoAlexandre Keledjian's profile photoCaptain_ Hook (CaptainHook)'s profile photoMario Vilas's profile photo
6 comments
 
+Howard C. Shaw III I think the problem is that some providers are running traffic across both IPv4 and IPv6 simultaneously. When that happens, you're vulnerable.
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
This web page contains an overview of, and Q&A about, our recent results published in a technical paper (PDF, 2.1MB), archived as IACR ePrint 2015/170. It will be presented at the Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2015 in September 2015.
28
15
Markus Breitenbach's profile photoMario Gastegger's profile photoEnrico Piccini's profile photoBruno Santos's profile photo
2 comments
 
M

Add a comment...
Story
Tagline
Stop, Think, Pwn.
Introduction
Systems Rationalizer
Bragging rights
Can hover inverted. ;-)
Education
  • University of Alberta
Basic Information
Gender
Male
Other names
dr
Work
Occupation
engineer
Employment
  • dragostech.com inc.
    engineer, 1997 - present
  • HP
  • Myrias
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Previously
Saskatchewan
Links
Contributor to
Dragos Ruiu's +1's are the things they like, agree with, or want to recommend.
Waze Social GPS Maps & Traffic
market.android.com

Waze is a fun, community based mapping, traffic & navigation app. With millions of drivers from across the globe joining forces to outsmart

Threema
market.android.com

Threema ist eine Kurznachrichten-App mit einem besonderen Fokus auf Sicherheit. Echte Ende-zu-Ende-Verschlüsselung garantiert, dass niemand

CPU-Z
market.android.com

Android version of the popular CPU identification tool for PC/Windows., CPU-Z is a free application that reports information about your devi

Demand answers and real consequences for robocall election fraud
www.leadnow.ca

Elections Canada just traced misleading phone calls made during the 2011 federal election to a company that worked for the Conservative Part

KB14320-How to maximize battery life and free memory on the BlackBerry s...
btsc.webapps.blackberry.com

Maximizing Battery Power. Application Management. Multitasking - Close any running BlackBerry® smartphone applications that are not being ac

Play VOB,MKV,MTS,FLV RM,RMVB on Windows RT (Surface 8 RT included) » AMV...
blog.amvsoft.com

Overview Micrsoft has made an important step to support the playback of MPEG-4 on Windows 8 RT and Windows 8 Pro. Windows RT has excellent s

Locus Pro
market.android.com

MULTI-FUNCTION TOURIST NAVIGATION Irreplaceable application for hiking, geocaching and your everyday life. Locus offers many useful features

A free and open world depends on a free and open web. | Google
www.google.com

A free and open world depends on a free and open Internet. Governments alone, working behind closed doors, should not direct its future. The

There's a New Way to Own a Piece of Facebook Before Its IPO
mashable.com

If you're looking to invest in Facebook before its IPO but not privy to the secondary markets where shares of the company have been trad

Maverick
market.android.com

Off-road GPS navigator with offline maps support, compass and track recording. Use offline maps and GPS even without an internet connection.

Vancouver Riot: Psychology (Not Hooligans) Is Responsibile for the Chaos...
bleacherreport.com

As I sat at home watching the Vancouver riots unfold in front of me, I was amazed at how ill-informed the newscasters and on-site reporters