Reading List in Feb 2021
A collection of the interesting blogs, talks, and research I read in a month
My reading list Feb 2021
A visual guide to SSH tunnels: I have used SSH for a long time, but I never sat down and wrapped my head around how remote port forwarding works. This visual guide is so helpful.
Child PTRACE hook and remap Python code in .pyc file: A nice writeup by Midas. I believe that .pyc file obfuscation will reappear in some CTF soon.
GPUs can give a 68x speedup compared with CPUs, with a new SVP record at dimension 180. Sieving achieves the best SVP record, a breakthrough due to its parallelism.
Software Defined Radio
A pseudo base station can intercept people's calls, which also means that the protocol is broken. Note: this article is from 2014.
This attack is devastating to the Vietnamese 4G network: it definitely costs them a huge amount of money to fix the fake SMS branding problem.
Ericsson proposes a kinda complete solution, from device to network-based detection; however, their experiment only stops at a lab experiment.
IMSI catchers are widely deployed in China, and researchers have started to tackle the problem by gathering data and visualizing it. I admire their efforts, but I also doubt that this approach is only practical in real life if and only if users agree to share their SMS messages. Here is a version from 2017. The attack happened and the data was visualized in Beijing.
I see there is a slim possibility of catching IMSI catcher criminals. There are not many people interested in hardware hacking and software-defined radio, so I think the local security enthusiasts are kinda unfriendly to this kind of criminal.
Mark my words, if they (the police) can’t catch them today, the number of criminals in this area will be multiplied rapidly in the next few years.
Performance Engineering of Software Systems: Useful resources. I’ve read the next 4 chapters:
C to Assembly: This chapter introduces LLVM IR. If I ever see LLVM IR in a CTF, I should just compile it to a binary and decompile it using IDA.
Multicore programming: This chapter introduces Cilk. Note to myself: always use an abstract API like Cilk to do multicore programming. The underlying races hurt parallelism a lot.
Races and Parallelism: This chapter shows how race conditions affect parallelism, and demonstrates that the Cilk runtime can solve the problem provably.
Parallel Algorithm: This chapter gives examples of parallel merge sort and matrix multiplication with Cilk. For the analysis, I don’t bother understanding them since I don’t need them right now.
What compiler cannot do: Useful insight into how the Clang compiler can optimize, by looking at LLVM IR. Two keywords mean a lot to the compiler:
Performance Counter Cortex-A9: I plan to use the PMU in my coursework. I guess embedding the ASM will work.