fredag 19 september 2014

Appearance in the Swedish news

On Friday the 12th of September there was an article in Sweden about the Swedish nationalist party leader Jimmie Åkesson being a notorious gambler. I noticed that although the journalists claimed they had bank card records, nothing in their reveal proved that. Instead everything in their reveal proved to me that the bank card reference only was a diversion and that a gambling company was the source.

I contacted Sweden's largest daily news paper who initially didn't believe me but after speaking to another IT-security expert accepted my claims and wrote an article about it.

Link: http://www.dn.se/valet-2014/akesson-avslojande-vacker-upprorda-kanslor

Translation of my parts
"According to IT-security expert Siavosh Zarrasvand, who has experience working for both gaming companies and banks, the latter lack the ability to track which employee have accessed what information.
- Their systems aren't built for that and it is harder to tie a specific person to a specific lookup the way banks can do it. I have even been contacted by gaming companies who needed custom keyloggers to monitor the activity of some of their employees.
Both Siavosh Zarrasvand and Kalle Zetterlund point to the fact that revelations regarding the nationalist party leaders gaming habits cannot be known through bank transfer slips but must have come from the gaming companies."

söndag 25 maj 2014

Dennis Yurichev's new RE-beginners book covers it all

I started this blog because I found almost every book teaching assembly, reversing and debugging to be unacceptably inferior. My idea was to teach the mapping between c-code and assembly at compile time with easy understandable tutorials. Due to lack of time that work has been slacking behind a lot.

However, some weeks ago Dennis Yurichev solved the problem for now. His newly released (free) book Reverse Engineering for Beginners is a very good introduction to the compiler processes that map C to assembly.

It start with various instruction sets and covers up to ARM 64. Then moves on to some architecture specifics for ARM, discusses compiler optimization (including instrinsics) and instruction set extensions such as SIMD and FPU. Covers a good deal of debugging techniques as well as SMT-solvers. This is truly a fantastic alternative to the inferior beginner reversing books out there. Quite frankly, the only other books who match this book when it comes to focus on instruction sets and how processors and compilation really work are those written by the excellent russian reverse engineer Kris Kaspersky, like Code Optimization: Effective Memory Usage.

tisdag 21 januari 2014

Reversing challenge

We released a beginner reversing challenge at Sensepost today. You can find the challenge at http://sensepost.com/blog/10067.html.

If you struggle I'm sure I can help, just ping me.

Happy hacking!
/Ani