Favoris de Chassegnouf 23/01/2015
Vu sur Diaspora ^^
(Permalink)

de Riduidel 23/01/2015
Pour être un vrai sniper sur StackExchange ...
(Permalink)

grolimur's shared links 23/01/2015
Petit tutoriel pour créer une image SVG animée
(Permalink)

Les liens de Knah Tsaeb 23/01/2015
Pour celle et ceux qui n'aurais pas eu a chance de le voir sur grand écran, une séance de rattrapage est possible.
(Permalink)

CAFAI Liens en Vrac 23/01/2015
I have been a software freedom advocate for some time now, and have worked on such issues as freedom for interactive websites and freedom in the social networking space. The work is not yet done in these areas, though great progress has been made. I, however, plan to shift my focus in 2015 down a few layers to the devices we use themselves. I have already been supporting amazing devices that greatly (if not completely) respect users’ freedom, such as:

   Novena, a motherboard, battery control board, and laptop for hardware research, prototyping, and creation
   Gluglug Laptops, refurbished laptops that respect your freedom in every aspect of the software
   USB Armory, a freedom-respecting USB-powered computer for security applications
   ZaReason Computers — most of their devices respect user freedom in all instruction executing on the CPU

And there are other devices which might be of interest as well, including the GCW Zero, a handheld gaming console, and FSF endorsed devices.

https://www.crowdsupply.com/kosagi/novena-open-laptop
http://shop.gluglug.org.uk/
https://www.crowdsupply.com/inverse-path/usb-armory
https://zareason.com/shop/home.php
http://www.gcw-zero.com/
https://www.fsf.org/resources/hw/endorsement/respects-your-freedom
(Permalink)

Les liens de Kevin Merigot 23/01/2015
DANS TA GUEULE PUJADAS !

Putain, ce que ça fait du bien, merci madame !
(Permalink)

Les Petits Liens Malfaisants 23/01/2015
Papa, le sauveur de la droite...
Et du salaire de son fils !
(Permalink)

Les Petits Liens Malfaisants 23/01/2015
Enfin un peu de bon sens...
(Permalink)

le hollandais volant 23/01/2015
C’est bien. Espérons que ça passe.

Et pour ceux qui ne voient pas pourquoi les machines à voter — actuelles, en tout cas — c’est la chose la plus anti-démocratique qui soit (car pouvant potentiellement truquer les votes, qui sont la base de notre système), lisez ça : http://zythom.blogspot.fr/2012/05/vous-ne-pourrez-pas-verifier.html
— (permalink)

CAFAI Liens en Vrac 23/01/2015
When the DNS of millions of Chinese users is pointed at your web server’s IP address, this happens...
(Permalink)

Links Lounge > CAFAI Liens en Vrac 23/01/2015
Ouah ! Ah oui quand même.
(Permalink)

Les liens de Jim 23/01/2015
Un DNS poisoning en Chine qui fait pointer plein d'adresses vers votre serveur, ça fait mal.

Un pic à 52.000 de requête/seconde pour ce brave monsieur. C'est du bon DDOS, mangez-en.
(Permalink)

CAFAI Liens en Vrac 23/01/2015
It took Betsy just 10 minutes and 54 seconds to learn how to set up a rogue access point, frequently used by attackers to activate what is known as a ‘man in the middle’ (MiTm) attack.  After setting up a rogue access point, Betsy managed to eavesdrop on the willing participants (victim’s) internet traffic. More worry is that the 7 year old primary schooler used the hacking instructions available extensively online through Google Search engine.  If a 7 year old can take less than 11 minutes to hack into a computer through a Public Wi-Fi hotspot, just imagine how easily a hardened cyber criminal can break into any computer that is connected to such public Wi-Fi systems.
(Permalink)

Les Petits Liens Malfaisants 23/01/2015
Le président de la République, François Hollande, a «salué» dans la nuit de jeudi à vendredi «la mémoire» du roi Abdallah d'Arabie Saoudite, «un homme d’Etat dont l’action a profondément marqué l’histoire de son pays et dont la vision d’une paix juste et durable au Moyen-Orient reste plus que jamais d’actualité»

L'Arabie Saoudite, ce pays sympathique, où les athées sont des terroristes, où les cheiks enculent des ânes, où les blogueurs sont fouettés et où il est interdit de faire des bonhommes de neiges
(Permalink)

Les Petits Liens Malfaisants 23/01/2015
Si même eux se mettent à faire du racolage...

En gros, il se pourrait que ce soit dû à des artefacts de mesure...
(Permalink)

CAFAI Liens en Vrac 23/01/2015
There are tons of Python packages out there. So many that no one man or woman could possibly catch them all. PyPi alone has over 47,000 packages listed!

Recently, with so many data scientists making the switch to Python, I couldn't help but think that while they're getting some of the great benefits of pandas, scikit-learn, and numpy, they're missing out on some older yet equally helpful Python libraries.

In this post, I'm going to highlight some lesser-known libraries. Even you experienced Pythonistas should take a look, there might be one or two in there you've never seen!
(Permalink)

CAFAI Liens en Vrac 23/01/2015
Fasd (pronounced similar to "fast") is a command-line productivity booster. Fasd offers quick access to files and directories for POSIX shells. It is inspired by tools like autojump, z and v. Fasd keeps track of files and directories you have accessed, so that you can quickly reference them in the command line.

The name fasd comes from the default suggested aliases f(files), a(files/directories), s(show/search/select), d(directories).

Fasd ranks files and directories by "frecency," that is, by both "frequency" and "recency." The term "frecency" was first coined by Mozilla and used in Firefox (link).
(Permalink)

CAFAI Liens en Vrac 23/01/2015
After gaining ‘blind’ command execution access to a compromised Linux host, data exfiltration can be difficult when the system ibinbash2s protected by a firewall. Sometimes these firewalls prevent the compromised host to establish connections to the internet. In these cases, data exfiltration through the DNS-protocol can be useful. In a lot of cases DNS-queries are not blocked by a firewall.  I’ve had a real life situation like this, which i will describe later on.
(Permalink)

CAFAI Liens en Vrac 23/01/2015
Many of the network cartography tools and protocols we commonly use are defined through a set of standards called Request For Comments (RFCs). Surprisingly, not all of the tools we take for granted are covered by these. Take the humble traceroute for example. Do you actually know what really happens when Alice tries to trace the route to Bob? Read on to find out.

ICMP, UDP, TCP and IP. Oh my!

Traceroutes work by manipulating a field in an IP packet called Time-To-Live. Despite sounding a bit like a James Bond film title, the time to live field simply tells the device a packet is passing through how many more systems (or hops) a packet can pass through before being dropped. This is to ensure that packets don’t just simply run around the Internet forever clogging it up.

The Time-To-Live (also referred to as TTL) field is decremented as it passes through each network hop. When it reaches zero, a router will drop the packet being sent through it and send an ICMP Time-To-Live exceeded message back to the source.

We can (ab)use this in order to determine both the route to a particular host or network and the time it takes for a message to be sent and a response to be received by using a traceroute implementation. There are two main forms of traceroute, an ICMP traceroute used by Windows, and the UDP traceroute used pretty much everywhere else. If you were hoping for a nice clean set of standards, the water here is as clear as SNMP is simple (i.e. not very once you look under the hood).
(Permalink)

CAFAI Liens en Vrac 23/01/2015
We often find ourselves running applications we received in binary format. These include not only traditional software installed on our computers, but also unauthenticated programs received over the network and run in web browsers. Most of the time these applications are too complex to be bug-free, or can come from an adversary trying to get access to our system.

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications. The core technology behind Firejail is Linux Namespaces, a virtualization technology available in Linux kernel. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table, IPC space.
(Permalink)

CAFAI Liens en Vrac 23/01/2015
Gitrob is a command line tool that can help organizations and security professionals find such sensitive information. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information.
(Permalink)

shaarliGor 23/01/2015
Vidéo postée en mars 2014 par Benjamin Sontag, avec le transcript traduit en français. Une explication claire de l'importance de la vie privée = liberté.
(Permalink)

Marquetapages Shazen 23/01/2015
Ladar Levinson interviewé au parlement Européen en mars 2014 présentant le problème de la confidentialité des communications et le droit à la vie privée.

via @shaarliGor http://id-libre.org/shaarli/?fo3kIA
(Permalink)

Mitsu'liens 23/01/2015
Un jour on lira que pour réparer la batterie d'un iPhone il faut passer l'appareil sous une dameuse.

Et l'écran fissuré ? Chauffer au rouge dans un feu de charbon de bois, puis marteler intensément, et enfin polir avec du sable récolé à marée basse au Mont Saint-Michel.

iPod Touch ? Mettre au congélateur durant 48 heures, puis laisser son chat mordiller l'appareil.

MOUHAHAHAHA
(Permalink)

HowTommy | Liens et actu en vrac 23/01/2015
Excellent XD [via un Shaarliste]
(Permalink)