Portable experiments (I) – VMs with Vagrant


All programmer or researcher need to create development environments or experiments. It is highly desirable that this environments are portable and easily reproducible. The use of virtual machines and / or containers can offer this. There are several tools that

Security Research (VI) – Papers, Structure


After talking about how to choose a topic and  director, how to do the first work plan and how a scientific contribution it is done, in addition to listing four typical mistakes in this post we will discuss one of the most important aspects:

Backdoors, I don’t remember opening that door


Although many people have never heard of them, backdoors are one of the most frequently methods used nowadays to perform malicious attacks. Leaving aside the specific case of the backdoors in cryptographic algorithms, backdoors allows access to a particular computer

It’s time to vote


Once again the prestigious annual Bitacoras Awards voting start. Last year we had the honor of being ranked 23rd in the category of best computer security blog, above many reference blogs. The truth is that this encouraged us to continue even with

Applications of cybercrime legal framework (II)


In this post we will summarize the resolution 161/2010 of the Criminal court number two of Salamanca where the absence of criminal liability is settled on a denial-of-service attack to a web server of the Cancer Research Center, that at

Hardening binaries (III) – ASan


In previous posts we’ve talked about GCC options that make our executable safer , in this posts we present compilation options that generate reports, warning of errors in the code. AddressSanitizer (Asan) is an option for Clang (> = 3.1) and GCC (> =

Autoscaling trend: Microservices and Docker


In the previous post we mentioned the potential of cloud computing thanks to the virtualization layer. For years we have been using Virtual Machines (VMs) to house multiple “copies” of the same service. This allows you to add or remove instances,

go run summer.GO


We recognize it, we have sinned. We are playing Pokemon GO. We have decided to ignore the privacy issues, battery drain, DoS attacks to servers and we have taken the streets. It has also helped us to discover the sunlight, which

Security Research (V) – 4 errors, 1 failure


In this series of posts on how to start researching in system security, we have seen the first steps on how to choose topic, director, as well ad doing the first workplan and how  a scientific contribution is done in

Applications of cybercrime legal framework (I)


Given the wide case mix that make up the jurisprudential doctrine of this type of crimes, we thought it is appropriate to bring up curious and instructive cases. STC (2nd Penal Chamber) 7 November 2011, facts: The defendant gives brought his computer