Profile

Cover photo
Dragos Ruiu
Works at dragostech.com inc.
Attended University of Alberta
Lived in Saskatchewan
1,247,007 views
AboutPostsPhotosYouTube+1's

Stream

Dragos Ruiu

Shared publicly  - 
 
HD firmware hacking (part3): reversing the boot loader http://goo.gl/fmaFjc
Before we get started with part 3, I have a few updates regarding part 1 & 2. I've found that the reset pad on the JTAG header is not actually a system reset (SRST) but a TAP reset (TRST), which isn't very useful for debuggin...
18
4
Luís Filipe Gonzaga's profile photoBogdan Catalin Donici's profile photo
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Root backdoor in OSX. http://goo.gl/rsHSQz
TL;DR The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploite...
47
47
Sergei Nikulov's profile photoТатьяна Мацедонская's profile photoGeorge Furbish's profile photoMichael Olsen's profile photo
4 comments
 
What do you want to bet that all they did to "fix" it was invent a deeper and more obscure back door?

OS X has been an excellent example of very bad security design from day one.  Of course it's really not any worse than most any other desktop system, including all Linux systems.
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Oops, I think I broke TrustZone. (Display processing DMA)
6
Aljoscha Rittner (beandev)'s profile photoNick Alcock's profile photo
2 comments
 
What, TrustZone doesn't stop you getting the GPU to randomly DMA wherever you'd like it to? Oh dear oh dear oh dear.
.
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
This was BIOS obliteration morning at CanSecWest. The border guard BIOS attack requires 50 seconds of physical access to the laptop (as pictured below) - one screw, one button press, wait for green light. Not Nation-State difficult stuff to develop as as all the naysayers claim: development time 4 weeks for two guys. Rafal and Corey then showed us vulnerabilities to do this remotely via software only (#venamis #speedracer) And then the Intel folks showed us another new class of bios vulns using pointers. The BIOS vulnerability beatings will continue until security and morale improves.
65
22
Nat Makarevitch's profile photoMario Vilas's profile photoJoachim Metz's profile photoJan Brands's profile photo
4 comments
 
Smoked - 
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
stuxnet .lnk vuln used for USB infection not fixed for last five years, 
you only thought so. 
details from ZDI
http://goo.gl/3xsBN4
In early January 2015, researcher Michael Heerklotz approached the Zero Day Initiative with details of a vulnerability in the Microsoft Windows ope...
17
1
Elias Pinto's profile photoCaterina Cricelli Butterworth's profile photoGeorge Avramoiu's profile photo
2 comments
 
hahahaha you have no hope my pc are inequickypted your a joke idiot
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Projects Zero: Using repeated "rowhammer" DRAM reads to flip adjacent bits and escalate priviledge.
http://goo.gl/qQxGEv
Posted by Mark Seaborn, sandbox builder and breaker, with contributions by Thomas Dullien, reverse engineer [This guest post continues Project Zero’s practice of promoting excellence in security research on the Project Zero b...
18
3
Nick Alcock's profile photoYves-Alexis Perez's profile photoVincent Longo's profile photoMario Vilas's profile photo
5 comments
 
+Bill Beers, I don't know if anything involving memory corruption that can be triggered with four nonprivileged asm instructions, doing nothing more difficult than repeatedly reading two addresses and doing a cache flush, could be considered 'an extreme edge case'. Only the cache flush is at all obscure, and it's not that obscure -- all sorts of things do cache flushes in real machines, and even without those, normal memory traffic could in theory trigger this.
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Fox-IT publishes open source tools to detect duplicate sequence numbers of QUANTUM INSERT style NSA attacks http://goo.gl/sGy2k2
Summary and recommendations QUANTUMINSERT (QI) is actually a relatively old technique. In order to exploit it, you will need a monitoring capabilities to leak information of observed TCP sessions a...
17
10
Brett Coburn's profile photoBogdan Catalin Donici's profile photo
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Windows Stack Necromancy http://goo.gl/lQaFxX
Stack Necromancy: Defeating Debuggers By Raising the Dead. This article presupposes a basic understanding of how function calls and stacks work. If you'd like to learn or need a refresher, Wikipedia is always a good place to start.
12
1
Thomas Gahr's profile photo
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
 
I had the honor of coaching +Alan Eustace in a McLaren MP4-12C at Thunderhill Raceway a couple of years ago. It's a day I'll remember for the rest of my life for several reasons. First and foremost, Alan is a wonderful person and I thoroughly enjoyed talking to him. Second, McLaren MP4-12C, need I say more? Third, this man strapped himself to a balloon and jumped from nearly 136,000 feet.

Here's a picture of the suit, which is now on its way to the Smithsonian. Good luck, Alan, in your next adventure. I don't know how you're going to top this, but if anyone can, it's you.
6 comments on original post
2
Add a comment...

Dragos Ruiu

Shared publicly  - 
30
8
Mario Vilas's profile photoT Wake's profile photoEmil Sz's profile photovanguard ro's profile photo
3 comments
 
Sadly, I expected as much. Some possible exploits aren't talked about, or believed for that matter, until someone demonstrates it publicly, then everyone and sundry jumps all over it while sweating bullets. That's what comes from not thinking security even before you specify the model for the code design.
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Yay! New Sysinternals suite update, lots of goodies! http://goo.gl/OFXgIV
Introduction. The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault.
19
4
Mike Mackley's profile photoBert Knabe's profile photoFrancisco V. (retroK)'s profile photoFred M's profile photo
 
Most useful MS software.
Add a comment...

Dragos Ruiu

Shared publicly  - 
 
Suck.
The creation of the high-profile tech publication was the brainchild of Om Malik.
5
Add a comment...
Story
Tagline
Stop, Think, Pwn.
Introduction
Systems Rationalizer
Bragging rights
Can hover inverted. ;-)
Education
  • University of Alberta
Basic Information
Gender
Male
Other names
dr
Work
Occupation
engineer
Employment
  • dragostech.com inc.
    engineer, 1997 - present
  • HP
  • Myrias
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Previously
Saskatchewan
Links
Contributor to
Dragos Ruiu's +1's are the things they like, agree with, or want to recommend.
Waze Social GPS Maps & Traffic
market.android.com

Waze is a fun, community based mapping, traffic & navigation app. With millions of drivers from across the globe joining forces to outsmart

Threema
market.android.com

Threema ist eine Kurznachrichten-App mit einem besonderen Fokus auf Sicherheit. Echte Ende-zu-Ende-Verschlüsselung garantiert, dass niemand

CPU-Z
market.android.com

Android version of the popular CPU identification tool for PC/Windows., CPU-Z is a free application that reports information about your devi

Demand answers and real consequences for robocall election fraud
www.leadnow.ca

Elections Canada just traced misleading phone calls made during the 2011 federal election to a company that worked for the Conservative Part

KB14320-How to maximize battery life and free memory on the BlackBerry s...
btsc.webapps.blackberry.com

Maximizing Battery Power. Application Management. Multitasking - Close any running BlackBerry® smartphone applications that are not being ac

Play VOB,MKV,MTS,FLV RM,RMVB on Windows RT (Surface 8 RT included) » AMV...
blog.amvsoft.com

Overview Micrsoft has made an important step to support the playback of MPEG-4 on Windows 8 RT and Windows 8 Pro. Windows RT has excellent s

Locus Pro
market.android.com

MULTI-FUNCTION TOURIST NAVIGATION Irreplaceable application for hiking, geocaching and your everyday life. Locus offers many useful features

A free and open world depends on a free and open web. | Google
www.google.com

A free and open world depends on a free and open Internet. Governments alone, working behind closed doors, should not direct its future. The

There's a New Way to Own a Piece of Facebook Before Its IPO
mashable.com

If you're looking to invest in Facebook before its IPO but not privy to the secondary markets where shares of the company have been trad

Maverick
market.android.com

Off-road GPS navigator with offline maps support, compass and track recording. Use offline maps and GPS even without an internet connection.

Vancouver Riot: Psychology (Not Hooligans) Is Responsibile for the Chaos...
bleacherreport.com

As I sat at home watching the Vancouver riots unfold in front of me, I was amazed at how ill-informed the newscasters and on-site reporters