Month: June 2016
The Elixir Programming Language
An introduction to the language, its main concepts and its potential. The number of security incidents has been on the rise for years, and the growth of the Internet of Things is unlikely to improve the situation. Successful attacks on all kinds of interconnected smart devices, from car locks over home security systems to highly…
Side-channel Attacks
This post will give you an introduction to Side-channel Attacks by looking at some common vulnerabilities and concrete attacks that try to exploit those. But first: What actually is a Side-channel attack in general? A Side-channel Attack is an attack on a system, most probably a “secure” system, that does extract secret data by using…
Web App – File Upload Vulnerabilities
Today we will discuss file upload vulnerabilities; a topic that is widely underestimated by developers. First, we will imagine a website in which it is possible to upload images with the format .jpg, .png, .gif and so on. If an application does not have proper form validation for file uploads, an attacker is able to gain…
Keyless Gone – Vulnerabilities in keyless car systems
(written by Antonia Böttinger and Andreas Gold) Introduction Modern cars embed complex technologies to improve the drivers comfort and safety. In 1999 the automobil industry introduced the smart key system that more and more cars use. Even if manufacturers make use of various designations like Keyless Go, KeyFree Power or Smart Key the technique is…
Test Driven Development Part II
[written by Roman Kollatschny and Matthias Schmidt] Welcome back to the second article in our Node.js development series. Today, we are going to adapt the TDD cycle in an helloWorld example application. If you missed our first article about the principles of TDD, you can find it here. In the last article, we learnd about…
You must be logged in to post a comment.