【Native Speaker每日综合训练—40系列】【40-08】科技 Black Hat

leo688

Part III: Obstacle


Part I: Speaker
cyber currencies got high-profile endorsements
apply bans bitcoin, but allows some other cyber coinage
D network, TV network, accepts bitcoin for monthly fee
that helps cyber coinage into mainstream

[Time 2]
2'17
Google glass could be a tool for stealing personal info such as password
long distance is also vulnerable

[Time 3]
1'00
the positions of device and fingertips tapping are critical
countermeasures, swapping

[Time 4]
1'23
cars, easier to be hacked than before
mid price sedan

[Time 5]
1'32
hacker could manipulate the control sys of car
manufacturer should design better security for car
to update the software could patch the problem

[Time 6]
2'6
smart phones are vulnerable to hack
the backdoor open
OEM, ODM targeted
Android is comparatively worse
it hard to patch the problem because of the disagreement

Part III: Obstacle
6'3
definition, Malleability, Hash, Signature
transactions and Malleability
the scores of diff platform

lulalei

[Time2] [316 words] 1’44
Google Glass can not only make surreptitious video recording but also recover passcodes at some distance.

[Time3] [138 words] 0’48
To capture a passcode, the software must identify the position and orientation of a device’s screen as well as the position of a person’s fingertips tapping on it. The researchers are working on ways to against the software.

[Time4] [214 words] 1’06
Cars are vulnerable to potentially dangerous hacking as more cars come with wireless connection. Automatic industry should increase cybersecurity of cars.

[Time5] [279 words] 1’43
Car companies need to design their systems to detect exploitation attempts and prevent security from being compromised.

[Time6] [580 words] 3’06
ODM installed in smartphones make them easy to be hacked.

psychoarya

占座！！

Starlun

Speaker 太快，只过了一遍. 最后一篇只知道主题是比特币，但具体讲了什么不是很清楚。。
=========================
(2:18) Google glass would be a threat to security as well as other technical machines.

(1:00) A software can capture the pass codes. Researchers try to find ways to defend it.

(1:18) Cars with wireless and apps have high risks to be hacked.

(1:57) There are 3 steps to attack a car by hackers. The steps should be prohibited by car manufacturers.

(4:00) The smartphones can be attacked by updating software automatically and changing the setting that cannot erase to let out the secrete data and private communication.

(11:50) Explain the terms. States the process of transaction. States problems sometime will meet about different between original version and m version.
All scores for each system.

flhuihui1001

2/    2’50
the devices can be attacked by figure movement.
Should surfing – steal by watch the movement  -- is  becoming more stronger
A’s presentation in the  conference. A can identify the people whose devices are vulnerable
AT： vedio footage – can get code at distance.

3/  2’47
Need to know the screen orientation and dinger position. A software can solve this problem. It activate the final and identify the orientation , finally track the finger movement.

Defend ways: 1 swap keys  2. Button shift

4/     2’ 41
App  + wireless – make car more vulnarabel
1 resrache:  CM , CV: most security system can be comprised  2. Introduce a c rating system
2.research  2: can hack the car by CD, cellular connection

5/   3’13
Attack of auto system： 3 steps:  expoile the veicle system, comman ECU, get ECU execute the command

Celluler  connection + Bluetooth make the vunarable – depends on the design
Car company need to design a system that can defend the hacking.
The in-car app – make car vulnerable.
Security into vehicle become more imporatant.

6/   6’17
Remote control and system in phone make it easy to be attacked
ODM – has flaws
Researcher can take over the devices and steal data.
Now 2 billion device with ODM, and  70 -90% with a package software
The invader can build own network to get access to the phone.

Android is the most vulnerable one.  The full unlock mobile phone is the most security one.
R B has start the patches.

S: after patch, ODM attack can still exist.
This hole can be a problem to law institution and police.  Since they use mobile base to send message.


OBSTACLE   12.57
The M means piable without breaking the metal.  Means changeable
Signiture: math scheme    bitcome encrypt digital signature
Id:  T components: variable facts + digital objects. The signature =input and can be used in the whole T process
M: exent to change the signature but not breaking the validaty of the transactions
M: sign pose no security threat , no double spending

0/10: wallent use id as primary indicator. M compromise this.
If the wallet the original sig: paid + confirmation
If the wallet get the M version: paid + no confirmation
This risk of double spending == risky enough to stop the Bitcom withdraw

DDOS: 7/10 M
Attacjer use M poor wallet show up. But developer use IRC to prevent invaders.

QT:  0/10    bug is fexed. And the issue will only be eliminated years after.

Silk Road:  0/10  little possibility of being stolen.

happyxgb

这篇Obstacle简直惊人！我现在有一个小疑问，为什么每天训练突然觉得理解力跟速度都有点跟不上了，好像卡在一组一组的小词组上了。 有大牛能告诉我怎么回事嘛T.T
Time 2: 01:41
Time 3: 00:47
Time 4: 01:12
Time 5: 01:47
Time 6: 03:36
Obstacle: 06:!2
Three articles in one title actually have nothing to do with malleability
Definition of three terms
How Malleability works in the transaction
One example of Mt. Gox: the sequence of entering the confirmation was wrong, resulting in transaction open to the ground.
People were trying to test their accounts and thanks to the standard Bitcoin QT wallet, the actions were circumvented.
The Silk Road is identified as so easy to spot the cause.

MAGGIEHE1993

。。。。。。。。。。。。。。。。。。。。。。。

wensd1111

1 A 02:21
2 A 01:10
3 A 01:25
4 A 02:14
5 A 04:12
6 A 09:22

shirleyyou03

2'47
40"
1'23
1'52
3'57
9'26

a2360239

大家是怎么记录的呀呀呀~~~