Monday, November 16, 2009

Día Internacional de la Seguridad en Cómputo

El DISC 2009 México será celebrado el 30 de noviembre de 2009 teniendo como sede el Instituto de Investigaciones en Materiales, localizado dentro de las instalaciones de Ciudad Universitaria.

El DISC es el Día Internacional de la Seguridad en Cómputo. Es una celebración convocada por la Association for Computing Machinery (ACM) en el año de 1988 con el propósito de incrementar el nivel de conciencia en relación a los problemas de la seguridad en cómputo. Con el paso de los años ha ido aumentando a nivel mundial el interés por este día. El Departamento de Seguridad en Cómputo/UNAM-CERT de la Dirección General de Servicios de Cómputo Académico es el organismo oficial en México encargado de celebrar el DISC desde 1994.

En esta emisión, el tema principal del DISC será "La primera defensa eres tú".


CAPTCHA Security: A Case Study

"CAPTCHAs have been widely used across the Internet to defend against undesirable or malicious bot programs. In this article, the authors describe the security of a CAPTCHA reported in a recent peer-reviewed paper and deployed on the Internet. They show that although this scheme was effectively resistant to one of the best optical character recognition programs on the market, they could break it with a success rate of higher than 90 percent by using a simple but novel attack. In contrast to early work that relied on sophisticated computer vision or machine learning algorithms, they used simple pattern recognition algorithms that exploited fatal design errors. The main contribution of their work is that simply counting the pixels in a CAPTCHA's characters can be a very powerful attack."

Link to e-article.

Friday, October 23, 2009

Friday, October 16, 2009


One of the founding members of, Adrian Roselli, has provided the archive as well as its support through his company, Algonquin Studios.
Lots of legacy browsers...

Wednesday, August 19, 2009

Seminario de seguridad en la UNAM

La Facultad de Ingeniería a través de la División de Ingeniería Eléctrica hace una atenta invitación a:

Seminarios impartidos por:

Ing. Pavel Ocenasek, graduating PhD candidate
Brno University of Technology, Czech Republic

Sala de videoconferencia del Centro de Docencia, Anexo de la Facultad de Ingeniería

21, 24 y 25 de Agosto 2009, de 12:00 a 14:00

Seminarios sobre los tópicos:

- Security Protocols and Authentication/Key Distribution Schemes
- Evolutionary Computation in Network Communication
- Evolutionary Algorithms in Security Design
- Computer Networks and Security
- CISCO Networking technologies (routers, switches, LAN, WAN, ...)
- Web Technologies and Security
- Web Accessibility
- Electronic Commerce, Payment Systems and Payment Protocols

Wednesday, August 12, 2009

New semester

Today is the third day of a new semester at UNAM (both Bs and Ms). I have 6 students at "selected topics of security", we will be working with OSSTMM and vulnerability analysis, as well as fuzzing and other cool topics. The first challenge we met as teachers is to learn the names of the students, I only have 6 now, but used to be 40 when teaching other classes, I found a link with useful steps to remember most of the names, it's here.

Thursday, June 11, 2009

Security Flaw Hits VAserv; Head of LxLabs Found Hanged

"The discovery of 24 security vulnerabilities may have contributed to the death of the chief of LxLabs. A flaw in the company's HyperVM software allowed data on 100,000 sites, all hosted by VAserv, to be destroyed. The HyperVM solution is popular with cheap web hosting services and the attacks are easy to reproduce, which could lead to further incidents."

Link to the news