Videos do YSTS 3

Noticia meio velha, mas os videos do YSTS 3 já estão no ar. Abaixo, o clipe geral.

ysts 3.0 from leduardo on Vimeo.

Behold

Behold é um search engine para o Flickr, que permite encontrar imagens boas, com a tag que você indicar, livres para uso.
A novidade é a opçao "that look like a picture of (a)" que aparece após o primeiro search. Segundo o site, esta feature permite que o Behold identifique elementos visuais nas fotos e apresente os resultados baseados nesta escolha. Experimente para entender melhor :)

AppSec Brasil 2009

CHAMADA PARA PARTICIPAÇÃO

Conferência Internacional de Segurança de Aplicações, organizada e promovida pela comunidade TI-controle e pelo Centro de Informática da Câmara dos Deputados, em parceria com o OWASP, Capítulo Brasil, e com apoio da Universidade de Brasília (UnB)

O Centro de Informática da Câmara dos Deputados e a Comunidade TI-Controle convidam a todos a participarem da Conferência Internacional de Segurança de Aplicações (AppSec Brasil 2009), que ocorrerá na Câmara dos Deputados (Brasília, DF) de 27 a 30 de outubro de 2009.

Haverão mini-cursos nos dias 27 e 28 de outubro, seguidos de sessões plenárias de trilha única nos dias 29 e 30 de outubro de 2009.

Keynotes

Dr. Gary McGraw, CTO da Cigital
O Modelo de Maturidade Building Security In (BSIMM)

Jason Li, Aspect Security
Ágil e Seguro: É possível fazer os dois?

Dinis Cruz, OWASP Board
Apresentação do Projeto OWASP

Kuai Hinojosa, NY University e OWASP
Implementando Aplicações Web Seguras Usando Recursos do OWASP

Palestras

A Conferência contará com palestras técnicas que tratarão diversos aspectos de Segurança de Aplicações. Os temas incluem:

• Segurança de aplicações web
• Otimização de gastos com segurança
• SQL Ownage
• ferramentas.
  

Mini-cursos

A Conferência contará também com 5 mini-cursos:

• Gestão de Riscos de Segurança Aplicada a Web Services
• Segurança Web: Técnicas para Programação Segura de Aplicações
• Segurança Computacional no Desenvolvimento de Web Services
• Tecnologias de Segurança em Web Services
• Hands on Web Application Testing using the OWASP Testing Guide.
  

Local

A Conferência ocorrerá na Câmara dos Deputados, em Brasília. As plenárias serão no auditório Nereu Ramos, no Anexo II e os mini-cursos serão no Centro de Formação, Treinamento e Aperfeiçoamento.

Inscrições

A participação na Conferência será gratuita, mas, devido à limitação de lugares, será necessário inscrever-se previamente.

As inscrições estarão abertas a partir do dia 29/10/2009 na URL: http://www.camara.gov.br/appsecbrasil2009

Informações

Para maiores informações, favor consultar os sites abaixo ou enviar email para appsec.brasil@camara.gov.br

Inscrições e informações sobre a conferência: http://www.camara.gov.br/appsecbrasil2009
Comunidade TI-Controle: http://www.ticontrole.gov.br
Câmara dos Deputados: http://www.camara.gov.br

Free Advanced Hard Drive Cloning Tool from Clonezilla

via MakeUseOf.com by Benjamin on 9/26/09

Imaging hard drives is the process of taking a hard drive and copying it bit by bit to create an exact replica, in a way an "image" just like a photograph of a person is a snapshot of them at any moment in time. The cloning part is the process of taking that "image" of a hard drive and placing copies of it on one or more other hard drives.

In a cloning project I worked on, my favorite freeware product from my googling journeys was Clonezilla. Clonezilla is free! Clonezilla is a good tool for taking a snapshot of a system and reverting back to it later as a backup or to get things the way you once liked them.

When you have a new computer and begin installing software that you enjoy using, that would be a great time to image the hard drive in case something happens later. This can save time instead of having to reinstall your operating system if there is a virus or corruption in data. Creating a copy of a hard drive can also save you from ruining the state of a computer due to tinkering, installing software, etc. If you do PC repair for customers or as a hobbyist, you can also use this software before beginning work on some computers in case you would need a point of reference for any reason. Clonezilla, clones a 40 gigabyte hard drive in about 15 minutes.

Clonezilla has two forms, Clonezilla live and Clonezilla ServerEdition (SE). Clonezilla live is used for cloning single machines while Clonezilla SE is for multiple machine deployments. This article is about Clonezilla live.

When using the Clonezilla live version, I burned it to a CD and then set the computer to boot from that CD. The first screens after Clonezilla begins, let you choose video resolution, language and keyboard layout.

The following screen is where you will select to "Start_Clonezilla" or "Enter_Shell" which is to enter command line mode, to make things easier on myself I selected "Start_Clonezilla".

At the next screen I selected "device-image". The other option is to go direct from partition to partition or disk to disk or any combination in between, in case your choice is to only clone a single partition of a drive to another drive. I wanted to clone the whole enchilada so I selected "device-image".

The next screen was selecting where to place the image that was going to be created. Because I was saving the image across our network, I did not choose the more popular option of "local_dev" to save on a local hard drive or USB drive. If using "local_dev" you will just need to ensure the storage device has sufficient space for the image being cloned. The option that worked for me was selecting "samba_server" which is, in this arena, equivalent to a shared folder on a Windows network. You must allow write permissions on the shared folder for the account that is chosen.

After this step in the process, another thing that has to be decided is how to get an IP address, either statically assign one or send out a DHCP broadcast in search of one so the computer can begin talking on the network.

Then the next option is choosing the location where the Clonezilla image is going to be stored. You can either enter an IP address of the computer where the image will be stored or you can enter the Fully Qualified Domain Name of the computer, which might be something like "cloneserver.internaldomainname.com". The next step is to choose which domain that computer resides on. Keeping with the previous example, I would enter "internaldomainname.com".

Then you will be prompted to enter a username that has permissions to that save location. The name of the shared resource must also be provided, Clonezilla by default will elect to use a folder called "/images". You must ensure that your shared resource and the response here match. We were placing our images in a folder named "CLONEZILLA", so we would change "/images" to "/CLONEZILLA". Make sure yours match also; if you get red letters in a message, there was a problem.

Now you will be prompted to hit Enter to put in the password associated with the account you chose. You will see a password prompt but when you type, no asterisk marks "***" will appear. Hit Enter after typing your password correctly. You must also select beginner or expert mode, since I had never used it before and I like doing things the easy way, I selected beginner mode.

In our project, when I wanted to copy a hard drive and save it as an image for use on other computers, I selected the "savedisk" option. When you want to restore an image to a hard drive, the process is very similar except at the option page where you originally selected "savedisk" you would select "restoredisk" instead. Some of the options after choosing to restore are not there; like you won't be prompted to name the image but rather select it from a list of image files that are detected on the shared resource.

Then you must give the image a name. Which hard drive you are making a replica of, or pulling an image to, must also be selected, if there is only one hard drive to clone or overwrite then it will already be selected for you.

Then you can begin the restoring process, by hitting Enter a couple of times, and confirming the actions. For other freeware cloning alternatives you could try nLite, PC Inspector Clonemax,Marcium Reflect Free Edition, or Odin and let us know what you think.

Check out the software and documentation from the Clonezilla website.

Unlikely (We Hope!) Video Game Peripherals

via Neatorama by John Farrier on 9/10/09

Image:Kent Smith, Gizmodo

Gizmodo held a photoshop contest for video game peripherals that will probably never be developed. Above is the…uh, animal husbandry Nintendo Wii controller by Kent Smith, which took 3rd place. There are 42 reader-submitted images at the link.

Link via GearFuse

How To Find Unknown Device Drivers By Their Vendor & Device ID

via MakeUseOf.com by Saikat Basu on 9/2/09

Rule No.1: Never lose your device driver CDs.

Rule No.2: Be prudent and keep a backup copy close by.

Rule No. 3: If you lose your driver files, know where to download it from again.

Congratulations! If you have flouted at least two of the above rules, then this post might serve as deliverance from the three cardinal sins. I am a fellow sinner. But, the third rule has often bailed me out and it's thanks to a little postscript to the third rule that has washed away my need for penance.

Device Manager is the place where all drivers are displayed. An unknown device gets a yellow question mark against it in Device Manager. The causes could be one or a few – You could have installed the wrong device driver which the OS does not recognize. Or the hardware itself could be faulty. All such cases lead a device driver to be classified as an unknown device.

The easiest way to resolve an unknown status is to find and download device drivers from the manufacturer's website. The respective websites usually have drill down menus to take you to the right driver for your OS. But what if you can't recollect the make or brand of the device? To err is human; to fix it is divine duty. Thankfully, ways exist that makes correcting unknown device status as easy as a prayer.

The Manual Way from the Device Manager

Every device driver comes with two identity numbers – the Vendor ID and the Device ID. These two numbers can be used to track down the manufacturer and the specific device driver. The Device ID is the most unique identifier for a device. Hardware ID's can be less specific. Device ID is what gets accessed first during setup.

1. Open Device Manager from…
   • Control Panel – System – Hardware – Device Manager (In Windows XP).
   • Control Panel – System and Maintenance – Administrative Tools – Computer Management – Device Manager (In Windows Vista).
   • Alternatively, in the Run box type devmgmt.msc.
     
2. Unknown devices would be listed as such and marked out with a yellow question mark.



3. Select the unknown device and right click to access Properties.
4. In the Properties window click on Details tab and select Device Instance Id from the drop down.



5. An alphanumeric string like this PCI\VEN_1217&DEV_7130&SUBSYS_012F1025&REV_01\4&6B16D5B&0&33F0 is the identification marker for the device. We only need to isolate the Vendor ID number (prefixed with VEN) and the Device ID number (prefixed with DEV). In this case, Vendor ID is 1217 and Device ID is 7130.

With the numbers identified, a few resources can be tapped to get the vendors behind these numbers.

PCI Database

It is a reputedly the largest centralized database of PCI device IDs to find your device driver. Using the search box, you can search vendors and devices by IDs. Either one of the searches gives you the clue about the origins of this device. Further information can be obtained from the vendor's website or a Google search.

The Software Way Using Unknown Devices

A small free standalone software aptly named Unknown Devices offers a quick way to get to the anonymous device drivers. The 630 KB sized software (beta ver.1.4.20) runs directly without an installation. The database used by the software comes in 3 text files located in the same folder.

1. The program scans the devices installed and displays the name of the manufacturer and the devices discovered.



2. The detailed info includes the vendor and device IDs along with the manufacturer names.



3. A Google search is available for any of the details with a right-click. For instance, a Google search using the hardware ID can be used to find device drivers.
4. The text based database can also be queried for any hardware ID using its integrated Lookup Hardware ID search box.

The beta version (1.4.20) extends support to Vista.

The info obtained using the above two methods, does not guarantee a solution. In some cases, the information will take us into a blind alley because the device driver itself is not available. But the two ways do help to unmask the unidentified devices and make them accessible with a few more details. With the devices identified, we are in a better position to query the manufacture or hunt around on the web for the right device driver.

Let me point you to some resources to find device drivers as a starter…

DriverGuide.com

With 400,000 drivers, it is very nearly king of the heap. The free membership comes with a few limitations like access to all 100,000+ member uploaded drivers but limited access to the site's own 300,000+ uploaded drivers. But free entry into its huge company database list and community forum makes this site a great hub. As it allows user submitted drivers, you can put in a request for an obsolete driver.

NoDevice.com

Nearly 30,000 drivers are indexed by company name and driver type. Read more about it here.

DriversPlanet.com

It offers a downloadable driver scanner. The site is well laid out with a database of 120,000 drivers listed by manufacturer and device type.

Let us know how you deal with an unknown device driver and make it a bit more recognizable.

Image credit: viagallery

Did you like the post? Please do share your thoughts in the comments section!

New on MakeUseOf ? Get cheat sheets and cool PDF guides @ www.makeuseof.com/makeuseof-downloads/

Related posts

• How To Find PC Drivers and Set Up Your Printer (8)
• How To Easily Remove Old Drivers from Windows (17)
• How To Easily Manage Photos from Multiple Cameras [Mac] (1)
• Free Alternatives to 10 Popular Commercial Mac Applications (Part2) (13)
• Download Junkies, Update Your System With RadarSync (17)

Entendendo o PCI DSS: Porque os padrões promovidos pelo Payment Card Industry Council são bem mais do que um simples Snake Oil

Este artigo do Eduardo Neves explica muito sobre o PCI-DSS. Imperdível para quem está envolvido no assunto.

Tech Support Cheat Sheet

via xkcd.com on 8/23/09