Leaderboard

Daca vreti sa cititi despre cum sunt exploatati chinezii, va recomand cartea https://www.publica.ro/yukari-iwatani-kane-apple-dupa-steve-jobs.html Direct de la sursa. Asta pentru cei care-si doresc sa vina multe multinationale in Romania.

Am omis partea aia, my bad. Chiar si in conditiile astea, cred ca este posibil sa se faca ceva asemanator pentru windows doar ca trebuie sa caute utilitare specifice sau o cutie JTAG pentru modelul respectiv.

@xzsdyx ce ai postat este doar pentru android, el are windows 8.1 pe lumia

Nu am incercat dar cred ca e posibil sa clonezi OS-ul sau sa faci un backup la nivel software. Arunca un ochi aici: https://www.coolmuster.com/phone-transfer/how-to-clone-android-phone.html https://www.recovery-android.com/backup-and-restore-android.html Daca la nivel software nu merge, la nivel hardware merge sigur dar ai nevoie de niste echipamente speciale(niste cutii bazate pe JTAG) care sunt scumpe si de regula le detin doar unele service-uri.

posibil sa fie deplasata banda de la touch, incearca sa-l desfaci si vezi ce rezolvi https://www.gsmnet.ro/piese-componente-display-uri-touchscreen-uri/touchscreen-nokia-lumia-520, il poti schimba si tu, nu este mare bataie de cap.

Am avut si eu un din asta acum 4 ani. I l-am dat lui taica-miu si in 2 luni i-a spart touch-ul. El l-a schimbat cu 100 de lei si merge si astazi. Daca esti mai priceput poti comanda piese de la gsmnet, ca sunt ieftine (cat o masa la unele cantine). Uite link: https://www.gsmnet.ro/cauta/Touchscreen lumia 520 Multa sanatate! Ps: dc lcd e intact trebuie sa iei doar touchul, care e un plastic transparent cu niste sarme.

@Che am citit si eu despre chinezi, cum sunt exploatati la blana si alte rahaturi, in ziua de azi se plateste mai mult marca + cu bani dupa un iphone sau samsung 3000 - 4000lei iti poti face o afacere gen: butic de suvenire + menaj, atelier de reparatii biciclete, sticlarie etc. Sunt prea exagerate preturile tinand cont de costurile de productie. De exemplu un telefon ca asta 4 dolari, in romania costa in jur de 150 - 200lei. Cel mai bine cumperi de la concurenta cu specificatii de top si mult mai ieftin dupa cum spunea si aismen.

Ai dreptate in tot ceea ce ai zis. Am dat citare doar la propozitie asta fiindca vreau sa clarific un lucru: Eu nu critic/jignesc etc. pe cei care isi iau telefoane scumpe. Daca as avea bani poate ca si eu mi-as lua iPhone sau Samsung ultimul model. Eu ii critic pe cei care le fabrica si le dau asa de scumpe desi cica isi bat joc la propriu de chinezii care le produc, vazusem un reportaj in care se zicea ca fac tot felul de cancere de la substantele cu care lucreaza, nu mai zic de programul de sclav extenuant si multe altele, la care se adauga un salariu de mizerie si costuri de productie infime (acuma nu stiu daca chiar 10$ dar eu asa am citit/auzit acum cativa ani). Dupa toate astea sa-si mai vanda unii si un rinichi pentru un rahat de telefon care acum e un model si mai incolo apare alt model, mi se pare o prostie. Si pentru ce ? La urma urmei e doar un telefon. Scuze de offtopic ! Multumesc pentru sfaturi tuturor !

Hai salut

https://github.com/aflgo/aflgo https://github.com/aflgo/oss-fuzz AFLGo is an extension of American Fuzzy Lop (AFL). Given a set of target locations (e.g., folder/file.c:582), AFLGo generates inputs specifically with the objective to exercise these target locations. Unlike AFL, AFLGo spends most of its time budget on reaching specific target locations without wasting resources stressing unrelated program components. This is particularly interesting in the context of: patch testing by setting changed statements as targets. When a critical component is changed, we would like to check whether this introduced any vulnerabilities. AFLGo, a fuzzer that can focus on those changes, has a higher chance of exposing the regression. static analysis report verification by setting statements as targets that a static analysis reports as potentially dangerous or vulnerability-inducing. When assessing the security of a program, static analysis tools might identify dangerous locations, such as critical system calls. AFLGo can generate inputs that actually show that this is indeed no false positive. information flow detection by setting sensitive sources and sinks as targets. To expose data leakage vulnerabilities, a security researcher would like to generate executions that exercise sensitive sources containing private information and sensitive sinks where data becomes visible to the outside world. A directed fuzzer can be used to generate such executions efficiently. crash reproduction by setting method calls in the stack-trace as targets. When in-field crashes are reported, only the stack-trace and some environmental parameters are sent to the in-house development team. To preserve the user's privacy, the specific crashing input is often not available. AFLGo could help the in-house team to swiftly reproduce these crashes.

The Controversial Speck Encryption Code Will Indeed Be Dropped From The Linux Kernel Written by Michael Larabel in Linux Kernel on 4 September 2018 While Google got the NSA-developed Speck into the Linux kernel on the basis of wanting to use Speck for file-system encryption on very low-end Android (Go) devices, last month they decided to abandon those plans and instead work out a new "HPolyC" algorithm for use on these bottom-tier devices due to all the concerns over Speck potentially being back-doored by the US National Security Agency. After Google reverted their plans to use Speck for file-system encryption, it was called for removal from the Linux kernel with no other serious users of this code... Speck had been added to the crypto code in Linux 4.17 and then to the fscrypt bits for file-system encryption with Linux 4.18. But during the Linux 4.19 merge window that ended a week ago, the removal of Speck never occurred. While it didn't happen for this current kernel cycle, I noticed today that the speck removal patch has been merged into the development crypto code base by subsystem maintainer Herbert Xu. The patch merged overnight strips the kernel of Speck. This along with the start of other early crypto code will end up being merged into the next kernel cycle though the patch is also marked for stable back-porting to currently supported stable series. Sursa: https://www.phoronix.com/scan.php?page=news_item&px=Speck-Dropping-Next-Kernel

Sunt foarte multe persoane care sunt genii in domeniul info sec si nu au nici un fel de acreditare(menita sa iti ia banii). "Cei care nu sunt buni in domeniul lor, predau" - regula universala. Acestea fiind spuse, topic closed. PS: In loc sa faceti ceva util pentru voi(macar pentru voi, ca pentru comunitate...), stati si futeti menta aiurea.