At last a crack !!!!!!

[G77]

People were lazy before n3, there even more lazier now with this cs thing

Sent from my GT-I9000 using Tapatalk

[BL4K3Y]

Quote:

Originally Posted by G77

People were lazy before n3, there even more lazier now with this cs thing

Sent from my GT-I9000 using Tapatalk

You mean using the fixes or just asking daft questions without searching the forum?

[TheCoder]

Quote:

Originally Posted by blakey_8

You mean using the fixes or just asking daft questions without searching the forum?

The answer to that is very probably BOTH !

[waqasahmed]

Just wondering if this is true. What I've heard is that in security companies(more to do with Internet Security, but it still applies) the company will create at lease two teams, that are separate from the network that will attempt to hack each other so that they can improve their security?

Sort of ethical hacking if you will

[TheCoder]

Quote:

Originally Posted by waqasahmed

Just wondering if this is true. What I've heard is that in security companies(more to do with Internet Security, but it still applies) the company will create at lease two teams, that are separate from the network that will attempt to hack each other so that they can improve their security?

Sort of ethical hacking if you will

Its quite common for companies to hire in 'ethical' hackers to test their network security including using such skills as social engineering (attempting to get passwords etc from people by 'plausible' means) and actual network attacks.

Smartcard companies rarely use these techniques because they are mostly far too secretive. A typical core smartcard team will consist of usually less than 10 team members (typically 5-6) and those will usually be the only people who ever gain access to algorithms or source code etc. The team architects (rarely more than 2-3 persons) will nearly always fully research all algorithms beforehand with at least one of the members being a professional mathematician/cryptographer who is likely already fully familiar with the actual algorithms to be used. Afaik, non of the major smartcard operators have ever put code out to peer review or have ever employed 'hackers' to break their own card (although they frequently attempt to 'break' other companies cards).

Look at companies like Kudelski/SECA or NDS and you'll find they consist of maybe four or five core teams of developers (25-50 key people) surrounded by a whole bunch of managers/salemen/lawyers etc. who aren't actually involved in development.

[timetrex]

I seen there was an exploit with some of the commands to drop data into the RAM. The only problem then is getting it to run?

Was having a look at specs and that for AT90SC144144CT and if the programmers use some virtual java machine for the coding.
i do know there was a java exploit and whether that can be used for the Rom 180

http://xxx.uclouvain.be/crypto/wissec2009/static/13.pdf