Thái | Hacker | Kỹ sư tin tặc

Thái | Hacker | Kỹ sư tin tặc is a Substack focused on cybersecurity, technological innovation, and the personal experiences of a Vietnamese engineer navigating the tech industry. It covers online security challenges in Vietnam, ethical hacking, personal journeys within the tech sector, and insights on living a balanced life amidst tech advancements.

Cybersecurity Technological Innovation Personal Development Vietnamese Technology Scene Ethical Hacking Career Growth Cultural Insights Online Privacy

The hottest Substack posts of Thái | Hacker | Kỹ sư tin tặc

And their main takeaways

A day at work

0 implied HN points 23 Oct 20
🕹 Technology Crypto Programming Workplace Security
  1. Performance reviews can be nerve-wracking but can lead to unexpected surprises, like a promotion
  2. Facing technical challenges at work can be frustrating but also rewarding when solved, like deciphering a cryptogram
  3. Taking breaks, exploring new strategies, and collaborating with teammates are key in problem-solving and personal growth

Web Hacking Challenge - WOWHacker CTF

0 implied HN points 25 Aug 09
🕹 Technology Hacking
  1. The challenge involved a classic PHP local file inclusion attack where setting certain parameters led to file inclusion in the vulnerable script.
  2. There was confusion over the server type which delayed the solution; mistaking Apache for IIS led to a significant setback in the hacking process.
  3. The hack involved accessing log files in a Windows environment to reveal a secret script and required simple SQL injection for bypassing authentication.

Advisory: security issues in AWS KMS and AWS Encryption SDKs

0 implied HN points 25 Sep 20
🕹 Technology Security Encryption Vulnerabilities
  1. Security vulnerabilities in AWS KMS and AWS Encryption SDKs included information leakage, ciphertext forgery, and robustness issues.
  2. The vulnerabilities required the release of a new version, 2.0.0, for fixes, highlighting the importance of regularly updating software for security measures.
  3. The vulnerabilities exposed potential attacks related to ciphertext decryption, key replacement, and non-committing property issues, emphasizing the critical need for secure encryption practices.

Vụ lộ 160 triệu tài khoản của VNG

0 implied HN points 01 May 18
🕹 Technology Data Breach Cybersecurity Privacy Internet Information Security
  1. A data breach of VNG exposed around 160 million accounts, including sensitive information like passwords and personally identifiable information (PII) like names, birthdates, emails, phone numbers, and more.
  2. The breached data was poorly protected, with passwords stored in an easily crackable format, allowing for over 124 million accounts to be decrypted in just two days using basic software on a standard laptop.
  3. The impact of such breaches can be severe, as many individuals use the same password across multiple accounts, making them vulnerable to further security risks if exposed in one breach.

Reminder: Livestream trò chuyện với Hieupc

0 implied HN points 16 Sep 20
🎭️ Culture Livestream Conversation Hacking Internet Safety Q&A
  1. Livestream event featuring Hieupc, Huân Trương, and Junnie Nguyễn discussing hacking, fraud, and online safety on Saturday, 19th September.
  2. The event will cover topics like Hieupc's hacking journey, lessons learned, and future plans for societal contributions.
  3. Participants will delve into the issue of fraud, impersonation, and identity theft on social media, with insights from a former Facebook employee, Junnie Nguyễn.
Get a weekly roundup of the best Substack posts, by hacker news affinity:

Bóng bàn cấp xóm

0 implied HN points 26 Aug 13
🎾 Sports
  1. The post is about a neighborhood ping pong competition with at least 3 participants.
  2. The event is documented through images and is shared multiple times within the post.
  3. The post author emphasizes the participation of over 3 people in the competition.

tiễn người ra cửa rồi

0 implied HN points 15 Jul 10
⛪ Faith & Spirituality Reflection Love Loss Desire Emotions
  1. Ignoring those who adore us and loving those who ignore us can lead to loneliness and heartache.
  2. Rejection can make one understand and sympathize with others facing unreciprocated love.
  3. Loss of a cherished moment or relationship due to misunderstanding or inability to appreciate true feelings can create an unpayable emotional debt.

Reminder: Tìm việc ở Thung lũng Silicon

0 implied HN points 29 Aug 20
💼 Business Career development Networking Job Market Tech industry
  1. An event is happening today focusing on job opportunities in Silicon Valley, with diverse guests including engineers, managers, researchers, from big companies to startups.
  2. The event will cover topics like career preparation, interviews, salary negotiations, and the experience of living in Silicon Valley.
  3. Organizers and guests include professionals from top tech companies like Tesla, Google, Salesforce, Pinterest, and NASA, offering valuable insights and opportunities.

TetCon News

0 implied HN points 02 Dec 15
💼 Business Events Training Funding
  1. Submit to TetCon before the CFP deadline, which is by the end of this week.
  2. Sign up for training classes at TetCon now, as a minimum of 10 attendees is required per class.
  3. TetCon is looking for sponsors to help cover costs; if interested, reach out to the organizer for more details.

It's official: TetCon 2016 will be at Sheraton Saigon

0 implied HN points 04 Dec 15
🏝 Travel Event
  1. TetCon 2016 will be held at the Sheraton Saigon hotel in the heart of Saigon.
  2. A deal was secured with Sheraton for the event, thanks to a helpful individual who may be a regular reader of the blog.
  3. Tickets for the event will go on sale tomorrow, with the event scheduled for January 4, 2016, at Sheraton.

Trả lời phỏng vấn BBC Việt Ngữ về Bluezone

0 implied HN points 07 Aug 20
🕹 Technology Security Privacy Contact Tracing Mobile Applications
  1. Bluezone is a mobile app that helps with contact tracing for COVID-19 in Vietnam by using Bluetooth Low Energy technology.
  2. The privacy of Bluezone users has been a concern, but recent versions have addressed some security vulnerabilities.
  3. It is important for the government and developers of data-tracking apps like Bluezone to ensure data is only used for pandemic control purposes and establish independent oversight.

hacker vs hiệp sĩ

0 implied HN points 03 Sep 10
🎭️ Culture
  1. Hackers and knights have different perspectives and motives for their actions.
  2. The hacker manifesto explores the psychological aspects and motivations behind hacking.
  3. The knight's declaration sheds light on the romanticized ideals of knights, contrasting with the gritty reality of their actions.

Cập nhật về Bluezone

0 implied HN points 03 Aug 20
🕹 Technology Security Government Data Privacy Software Development Mobile Applications
  1. Bluezone app has made important security improvements by automatically changing the user ID and stopping collection of Bluetooth Classic addresses.
  2. Only Bluezone developers and the Vietnamese government can gather user information now, ensuring better privacy for users.
  3. It's advised for end users to install Bluezone if they trust the developers and government, while developers should commit to deleting data post-pandemic and enhance data protection measures.

TetCon 2016 CFP

0 implied HN points 04 Oct 15
🚌 Education Conference Travel Languages Scholarships
  1. The TetCon 2016 Call for Papers submission window will be open from October 6, 2015, to December 6, 2015.
  2. TetCon offers reimbursement for travel expenses for speakers, accommodation at the official conference hotel, and free conference passes to all speakers.
  3. The conference organizers encourage submissions from student or female researchers and provide support for those needing assistance with their work.

Ẹo

0 implied HN points 11 Mar 21
🕹 Technology Blogging
  1. The post is about vnhacker.substack.com and the content shared
  2. The post includes images and links for sharing on social media platforms like Facebook and email
  3. There is a note section and options beyond just sharing the post, like copying the link

Bad Life Advice: Never Give Up - Replay Attacks Against HTTPS

0 implied HN points 08 Dec 15
🕹 Technology Security Web Cybersecurity Networking
  1. Self-help advice of 'Never Give Up' can sometimes lead to vulnerabilities like replay attacks against HTTPS.
  2. Browsers like Chrome automatically retry failed requests, creating an opportunity for attacks by duplicating and replaying HTTPS traffic.
  3. TLS may protect against replay attacks, but there can still be mismatches between what it promises and what is actually deployed, requiring additional server defenses.

Tại sao các công ty nên gửi người đến TetCon

0 implied HN points 26 Dec 15
🕹 Technology Cybersecurity Conferences Training Company Culture Professional development
  1. Companies should invest in sending their employees to specialized conferences like TetCon to ensure their cybersecurity knowledge is up-to-date.
  2. Quality of software security in devices like FireEye is often not guaranteed, posing significant risks due to vulnerabilities like remote command execution.
  3. Establishing a culture of professional development by sponsoring employees to attend conferences and trainings is crucial for enhancing expertise in cybersecurity.

Funemployed

0 implied HN points 12 Oct 10
💼 Business Career Opportunities Resignation
  1. The author resigned as the chief information security officer of DongA Bank and is looking forward to new opportunities.
  2. The author is not sure about their next steps but is open to new ideas and opportunities.
  3. The author encourages reaching out if there are any deals or opportunities to discuss.

Hacking không chỉ dành cho đàn ông

0 implied HN points 04 Mar 07
🕹 Technology Hacking Cybersecurity Tech Events Gender Diversity
  1. Hacking is not just for men, as demonstrated by female hackers like Joanna Rutkowska.
  2. Joanna Rutkowska has proven her expertise multiple times in cybersecurity, showcasing her abilities in preventing forensic investigation of malware.
  3. Females like Joanna Rutkowska are making significant impacts in the hacking and cybersecurity field, challenging stereotypes.

Another update on memset()

0 implied HN points 29 Dec 15
🕹 Technology Coding Security Programming
  1. Unit tests for submissions run through standard C tests with a function pointer, so function must work properly in a C program.
  2. Special compiler options or attributes to reduce code size are not used in unit tests.
  3. When sharing an implementation for testing, providing shellcode is preferred over an .asm file.

Ubuntu: từ A đến Z

0 implied HN points 05 Mar 07
🕹 Technology Linux Operating Systems Tutorials
  1. The post provides a detailed introduction to Ubuntu, covering installation, configuration adjustments, and adding common software.
  2. The tutorial encourages considering Ubuntu as an alternative to Windows for a secure system without DRM restrictions, running even on older hardware, and with all software free of charge.
  3. The article aims to assist people willing to switch to Linux in setting up a Linux desktop that fully replaces their Windows desktop.

Hacker họ là ai vậy?

0 implied HN points 17 Jul 07
🕹 Technology Hacking Programming Community Ethics Security
  1. Hacker culture has specific characteristics like programming skills, tool knowledge, and a passion for music.
  2. Hackers are not limited to one specific type and can wear black, grey, blue, or white hats.
  3. Hacking involves a wide range of activities from financial crimes to stock trading, and hackers differ greatly in their skills and interests.

Here come the winners

0 implied HN points 29 Dec 15
🕹 Technology Coding Awards Software Development
  1. Manh Luat Nguyen won by creatively implementing memcpy with pop instructions to save space in the code.
  2. Pham Viet Hoa received a special prize for a 10-byte implementation that didn't pass unit tests, but was appreciated by Bruce.
  3. The organizers granted full scholarships to all young participants despite an oversight in booking a small room for the event.

Bài này tự hay

0 implied HN points 03 Apr 12
🕹 Technology Security Hacking Social media
  1. The post discusses lesser-known security vulnerabilities that can spread easily on social networks.
  2. It mentions potential harm these vulnerabilities can cause and references a talk at TetCon 2012.
  3. The emphasis is on the importance of being aware of such vulnerabilities to prevent widespread damage.

Security through obscurity

0 implied HN points 17 Jul 07
🕹 Technology Security
  1. Sometimes utilizing 'security through obscurity' can be beneficial.
  2. It may be strategic to withhold dangerous information from adversaries.
  3. Choosing to keep certain vulnerabilities hidden can buy you time to strengthen your defenses.

Nhiều website ngân hàng bị “hổng”

0 implied HN points 17 Jul 07
🕹 Technology Security Banking
  1. Some bank websites have serious vulnerabilities that could compromise customer data and the bank's reputation.
  2. It raises questions about the legitimacy and legality of companies like BKIS conducting independent security checks.
  3. If independent security checks lead to damage, who holds responsibility?

DNS Rebinding Attacks

0 implied HN points 08 Aug 07
🕹 Technology Cybersecurity Networking
  1. DNS Rebinding Attacks can subvert the same-origin policy and turn browsers into open network proxies.
  2. These attacks have the potential to bypass firewalls and gain access to internal documents and services.
  3. It takes less than $100 to temporarily hijack 100,000 IP addresses for purposes like sending spam and defrauding pay-per-click advertisers.

Khoe ;-)

0 implied HN points 01 Mar 12
🕹 Technology Security Blogging
  1. The post is about celebrating an achievement related to web hacking techniques over several years.
  2. The post includes multiple links to resources discussing the top web hacking techniques of different years.
  3. There is a mix of images and text throughout the post, emphasizing the celebratory tone.

detecting snake oil

0 implied HN points 31 Mar 08
🕹 Technology Security Networking Cryptography Scalability
  1. Security-clueless companies often focus too much on fancy network devices like firewalls and IDS without considering the human element, a key weak point in security.
  2. Be cautious of companies that claim their products or solutions are 'secure' without specifying what threats they protect against or how they handle unexpected disasters.
  3. Companies that overlook scalability, high-availability, and the importance of cryptography in their security solutions may not fully understand the comprehensive nature of security.

o^i ho^`ng nhan

0 implied HN points 13 Apr 08
🎭️ Culture Personal Stories Work Life Family Dynamics Social Issues
  1. Life can be very different based on one's circumstances, like growing up in poverty or having a luxurious lifestyle.
  2. We often judge people's choices without understanding the challenges they face and the limited options available to them.
  3. It's important to consider the backgrounds and struggles of others before passing judgment on their decisions.

Viet InfoSec Mailing List

0 implied HN points 16 Mar 16
🕹 Technology Information Security Forums Community
  1. Creation of a mailing list for sharing information security news and discussions after TetCon 2016
  2. Viet InfoSec is an open forum for those interested in information security in Vietnam and globally, welcoming both Vietnamese and English speakers
  3. People can join the Viet InfoSec mailing list through a Google Groups link

(Báo Động Đỏ) Lỗi bảo mật đặc biệt nghiêm trọng, mọi người chú ý

0 implied HN points 22 Jul 08
🕹 Technology Security Internet DNS Cybersecurity Vulnerability
  1. A critical security vulnerability in DNS systems poses a serious threat to stealing online information and controlling internet activities.
  2. DNS, or Domain Name System, is crucial in mapping computer addresses to human-readable names on the internet.
  3. Temporary solution to mitigate the risk includes switching to DNS servers like OpenDNS, which have already fixed the vulnerability.

Solutions manual for NTB - 1.1 Divisibility and primality

0 implied HN points 07 Jul 09
🚌 Education Mathematics Proofs Number Theory Induction
  1. Check for divisibility between two numbers by comparing their multiples with another common multiple, often using integers.
  2. Composite integers have prime divisors that are less than or equal to the square root of the composite integer.
  3. The number of multiples of a given integer within a specified interval can be calculated using floor functions and division.

Một nghiên cứu thất bại

0 implied HN points 30 Mar 16
🕹 Technology Security Programming Research Cybersecurity Certificates
  1. Understand your tools and use them efficiently. Don't waste time trying to solve a problem in a complex way when a simple solution already exists.
  2. Experiment with your ideas without bias. Test all scenarios, even those that may disprove your initial hypothesis. Failure is part of the research process.
  3. Research and learn from existing studies before diving into a new project. Taking a few minutes to search for prior work can save time, money, and prevent investing in unfruitful ideas.

Mời đăng ký tham dự TetCon 2013

0 implied HN points 18 Nov 12
  1. TetCon 2013 will take place on January 15th, 2013 at the University of Technology, Ho Chi Minh City.
  2. Registration for TetCon 2013 has begun at the link provided.
  3. The event organizer expressed gratitude and anticipation for the upcoming TetCon 2013.

Solutions manual for NTB - 3.3. Basic integer arithmetic

0 implied HN points 26 Jul 09
🚌 Education Mathematics Algorithms
  1. The algorithm in Exercise 3.31 can efficiently determine if a given integer is a perfect power and compute its pair in a short amount of time.
  2. In the algorithm from the previous exercise, a more careful implementation can significantly reduce the total running time by decreasing the time each loop iteration takes.
  3. It is possible to convert between base-10 representation and the internal representation of an integer efficiently and quickly as shown in Exercise 3.32.