A través del enlace de un amigo he acabado en una página dónde se muestra a los votantes del referéndum catalán la ubicación de la urna dónde se debe votar. Como de costumbre, me ha podido la curiosidad y me he puesto a analizar como funcionaba el sistema. La verdad es que usan un sistema […]
Continue readingUsing secure pseudonymous identifiers to protect identification numbers
By now you probably have read of the Equifax data leakage. This reminded me of the idea of secure pseudonymous identifiers I had been thinking on for some time. Secure pseudonymous identifiers make use of cryptography to make it hard or impossible to recover the original identifiers representing a specific person. To be sincere, I […]
Continue readingLexNET no es un sistema cerrado
A estas alturas, seguramente hayáis leído el tweet del Excelentísimo Señor Rafael Català Polo. En caso de no haber podido hacerlo, os lo cito aquí: #LexNET es un sistema cerrado y seguro.Si se utiliza d forma legal y ética es imposible acceder a información ajena al usuario @Congreso_Es En este post vamos a hablar de […]
Continue readingProtegido: Private notes on trying to crack notpetya’s cipher
No hay extracto porque es una entrada protegida.
Continue readingSHA-1 is publicly collided, now what?
Unless you have been under a rock you should have heard about the first public sha-1 collisions. If not, go to the page describing the collision and enjoy. In this blogpost I’ll try to explain what this actually entails for most practical purposes.
Continue readingSecurityFest CTF writeup
This time I was participating with no time and no team so not much that can be done, but at least you get a short writeup.
Continue readingCryptanalyzing Petya
A few days ago, leo-stone reverse-engineered the Petya ransomware and found that it was possible to use genetic algorithms to find out the key. He even published a nice decrypting tool in go. I took his globe and decided to prove why this is mostly a specific issue of how Petya reduced Salsa-20 to use […]
Continue readingHacking is about knowledge (and only knowledge)
This blog post has been motivated after a series of attempts to cause harm to others under different costumes in hacking environments. It aims to explain why this is a bad thing for hacking communities as a whole and what can be expected from me and which are my expectations when acting in such environments.
Continue readingEvitando que te roben los cybers con cybers: La Nueve de Anonymous y El Corte Inglés
En este artículo voy a explicar cuales son las diferentes herramientas que podrían haber hecho más difícil o incluso evitado el ataque que las personas tras La Nueve de Anonymous hicieron contra El Corte Inglés y que tenéis explicado en su tumblr. Los de La Nueve de Anonymous me han comentado sin embargo que lo […]
Continue readingThat girl
I can’t help but fantasize about that girl, the kind of girl I’d like to have by my side. I’m quite certain I might never find somebody like that but she still exists on my dreams.
Continue reading