Computers Insecurity. Thinking like Hacker talk at UTN: The video (Spanish)

June 27th, 2015

Last June 13 I was invited by the Argentine National Technological University (UTN) in Buenos Aires to speak about computers security. On my talk I provided a theoretical framework to think systems security but from a Hackers perspective with real life examples. It was really fun and such an honour so I am very grateful […]

Speaking at UTN: Computers Insecurity. Thinking like a Hacker.

June 11th, 2015

Next Saturday 13 I will be speaking once again about Computers Security at Argentine National Technological University in Buenos Aires. The National Technological University (Spanish: Universidad Tecnológica Nacional, UTN) is a country-wide national university in Argentina, and it’s considered among the top engineering schools in the country, so It is a great honour to be […]

FREAK Attack: 90’s NSA actions boomerang

March 6th, 2015

Back in early 90’s in the US was illegal to export strong crypto code. Sending crypto code overseas was considered something similar to export weapons. At that time the NSA and the US government banned people from selling software to other countries unless the code used involved encryption keys no longer than 512 bits. The […]

Gmail App for iOS: An example of a terrible security practice in mobile apps

January 21st, 2015

Today I just installed by the first time the Gmail official client for iOS and I was really surprised on how a company like Google has produced such an insecure app, so, before of uninstalling the app forever from my iPhone I decided to write this post to share with you why you must do […]

WS-Trust Proof-of-Possession (PoP) tokens with client and server entropy (with partial keys) – Part 1

January 15th, 2015

As a security feature WS-Trust supports Proof-of-Possession Tokens. In this post I want to show you how you can consume a service that requires PoP token security with client and server entropy (going deep in a min). This method has been tested with Microsoft Dynamics CRM and ADFS. This is a very long topic, so […]