SEARCH KEYWORD -- Section


  A Brief Guide to Voice Navigation and the Future of UX Design

Voice devices are now everywhere, whether you like them or not. Amazon's Alexa, Google's Assistant, and Apple's Siri have proved that voice interactions are not from science fiction films but part of our new reality. Just as touch screens, voice interaction with devices will completely revolutionize how we interact with our computers, smartphones, and watches (and even cars and houses) in the coming years. But you might ask yourself, why is it evolving at such a fast speed? Well, there are many ...

   UX DESIGN     2021-11-25 02:24:55

  Kubernetes Authentication & Authorization 101

If we want to build a system with user modules, Authentication and Authorization are something that we can never ignore, though they could be fuzzy to understand. Authentication (from Greek: αὐθεντικÏŒς authentikos, “real, genuine”, from αὐθέντης authentes, “author”) is the act of proving an assertion, such as the identity of a computer s...

   RBAC,AUTHORIZATION,AUTHENTICATION,KUBERNETES     2021-06-05 23:19:18

  13 Hours of Crisis: Tracking a GitHub Poisoning Incident

Incident Overview Since 6 PM Beijing Time on December 4, 2024, “ghost repositories” have been appearing on GitHub. These repositories contain no code but include deceptive virus files. That same day, they became the fastest-growing repositories on GitHub in terms of stars. Over 180 fake zombie accounts were spreading the virus, waiting for victims to fall into their trap. A Chinese developer—myself—took notice of all this. After days of probing and searching, I identified...

   GITHUB,POISON,SIMPLEBOT,CHINA     2024-12-06 22:14:25

  Set Real-Time Clock Unit for OT/IoT Device

Configure DS1307 RTC on BeagleBone-Black Arduino or Raspberry-PI Figure-00: Project Overview Diagram , version v0.1.2 (2024) Program Design Purpose: Real-Time Clock (RTC) modules are essential for maintaining accurate timekeeping in various applications, including system clocks, data logging, and alarm systems. In scenarios where devices operate offline, such as a ship's NMEA 0183 data recorder that logs engine and rudder data, or an RTU (Remote Terminal Unit) with real time state change config...

       2024-08-18 03:09:06

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  When and How to Use the Go Channel

Go’s concise structure and powerful native library enable us to hit the ground running easily. It is more efficient than Java or Python when implementing the same functions, especially its concurrent programming, which is very handy and widely admired due to its goroutine and channel. goroutine and channel has much to dig into, and let’s start with channel, which I used to consider narrowly as a message queue to transfer data between gorouti...

   GOLANG,CONTEXT,CHANNEL     2022-09-17 23:06:36

  Deep Understanding of ReentrantLock: Unlocking the Mysteries of Java Concurrent Programming

ReentrantLock introduction ReentrantLock is a class in the Java concurrent package, java.util.concurrent.locks, and is an implementation of the Lock interface. As its name suggests, it is a reentrant mutual exclusion lock. A mutual exclusion lock is a synchronization tool used to protect shared resources, ensuring that only one thread can access the resource at a given time. Reentrant means that a thread can acquire the same lock multiple times without causing a deadlock. This lock provides some...

   JAVA,REENTRANTLOCK,CONCURRENCY,MULTITHREADING     2023-05-22 08:01:13

  OT Railway System Development: How to Use PLC to Implement Land Based Railway Track Fixed Block Sign

Figure-00: Railway fixed block signaling system over view diagram, version v1.3 (2024) Project Design Purpose: This project aims to use Programmable Logic Controllers (PLC) with train detection sensors and train control signals to develop an automated OT system for railway track fixed block signaling control. The system will include a digital equivalent simulation to explain the logic of the track fixed block Automatic Train Control (ATC) mechanism for demonstration and training purposes. In th...

       2024-07-27 04:08:41

  Python PLC Honeypot: Env Deployment And Attack Detection

In the previous article, we introduced the design of Python PLC Honeypot Project, this article will provide detailed step-by-step instructions on how to deploy and use the honeypot system in your environment for detecting potential attacks on OT (Operational Technology) networks. The article includes three main section:   Design of Attack Alert and Notification Function Honeypot deployment: an example deployment of a mixed OT protocol honeypot, consisting of a simple setup with...

       2024-12-01 00:27:33

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

RECENT