Comprehensive guide for iOS app security testing and reverse engineering.

The first text-based CAPTCHA ( we’ll call it just CAPTCHA for the sake of brevity ) was used in 1997 by AltaVista search engine. It prevented bots from adding Uniform Resource Locator (URLs) to their web search engine.

Back then it was a decent defense measure. However the progress can't be stopped, and this defense was bypassed using OCR available at those times (for example FineReader).

CAPTCHA became more complex, noise was added to it, along with distortions, so the popular OCRs couldn’t recognize this text. And then OCRs custom made for this task appeared. It costed extra money and knowledge for the attacking side. The CAPTCHA developers were required to understand the challenges the attackers met, what distortions to add, in order to make the automation of the CAPTCHA recognition more complex.

The misunderstanding of the principles the OCRs were based on, some CAPTCHAs were given such distortions, that they were more of a hassle for regular users than for a machine.

OCRs for different types of CAPTCHAs were made using heuristics, and the most complicated part of it was the CAPTCHA segmentation for the stand along symbols, that subsequently could be easily recognized by the CNN (for example LeNet-5), also SVM showed a good result even on the raw pixels.

In this article I’ll try to grasp the whole history of CAPTCHA recognition, from heuristics to the contemporary automated recognition systems. We’ll figure out, if a CAPTCHA is still alive.

I’ll review the yandex.com CAPTCHA. The Russian version of the same CAPTCHA is more complex.

The article is an abstract of my book [1] based on previously presented publications [2], [3], [4], [5]

The published material is in the Appendix of my book [1]

Modern civilization finds itself at a crossroads in which to choose the meaning of life. Because of the development of technology, the majority of the world's population may be "superfluous" - not in demand in the production of values. There is another option, where each person is a supreme value, an absolute individual and can be indispensably useful in the technology of the collective mind.

In the eighties of the last century, the task of creating a scientific field of "collective intelligence" was set. Collective intelligence is defined as the ability of the collective to find solutions to problems more effectively than each participant individually. The right collective mind must be...

Some time ago I discovered that Django has the ability to auto-register ModelAdmins. Since this is not common knowledge and carries a number of benefits, I decided to write an article about it to bring it to the attention of the Django community.

I guess, it's not a big deal to say that Wi-Fi (IEEE 802.11 standards) is the one of the most popular and most spread communication technology of the current day. Especially indoors. The growing number of Wi-Fi devices still remains that leads to the overcrowded spectrums: both 2.4 GHz and 5 GHz.

This fact means increasing of demand for some optimization routines for utilization of resources. And therefore some RRM (Radio Resource Management) systems become required.

Hello, I am Aleksandr Ivanov, CTO at Quadcode. We came to Habr to show the Fintech “kitchen”; we’ve been at it for 8 years, so we can already share our experience. In our blog we will talk about architectures, technologies, tools and life hacks.

WebRTC integrations have emerged as a game-changer in the Video Calling Technology over the years. The protocol has redefined the way real-time video communications take Developers can integrate WebRTCs commonly available as JavaScript APIs to add audio and video solutions to their apps. place. Developers can integrate WebRTCs commonly available as JavaScript APIs to add audio and video solutions to their apps. This tutorial will take you through the steps in developing a two-way video call between two devices. 

WebRTC (Web Real-Time Communication) is a set of rules that can establish bidirectional and full-duplex communication between our two devices using JavaScript. It connects your devices and enables transfer of unlimited real-time audio and video across any operating system. However, the WebRTC agents created for both devices do not know any information about each other inorder to establish the media exchange. At this point, a third, mutually agreed-upon server is introduced. This server which connects the devices to transfer data with necessary information about the endpoints is known as the Signaling Server. 

Before we start off with the steps, it is necessary to become familiar with the basics of the integration process. 

Queries in PostgreSQL. Index scan

In previous articles we discussed query execution stages and statistics. Last time, I started on data access methods, namely Sequential scan. Today we will cover Index Scan.

In this guide, I'd like to share with you tips and tricks about ActiveRecord preloading and how you can enhance it to the next level.

A similar article should have appeared earlier, about ten or fifthteen years ago, when Agile was just starting to be implemented in companies. How many mistakes, problems, conflicts could be avoided if managers immediately approached the issue correctly ...

But during this time, the experience of "implementing" Agile in different conditions, in different companies has accumulated, which should be generalized and widely disseminated.

Today we're talking multi-factor authentication, also known as two-factor authentication, and 2-step verification. It's got a few names but what is it?

Well, essentially it's proving your identity in more than one way. The principle being that if one of these authentication factors is defeated, that's not enough to give access to your data. So your data should be secure if someone steals your password for example. It's not enough to just log in twice. These different authentication factors have to work in a fundamentally different way. So you can't just use a second password or a password in a pin; because passwords and pins both rely on the same thing - your memory. So if they have to work in different ways, what different factors are available for us to use? Well, here are some of the common ones.

Sometimes programming with mutexes gets too complicated and messy. Maybe you need to meet a new friend — the Event Loop pattern.

According to the no-cloning theorem it is impossible to create an independent and identical copy of an arbitrary unknown quantum state. We cannot delete any quantum information as well. All changes in time of the state vector in quantum mechanics are described by the action of unitary operators. Accordingly, there must be an operator performing a deleting operation. The operator must be a zero matrix in order to nullify quantum information totally in all cases. But a zero matrix is not a uninaty or hermitian matrix. Therefore there is no such unitary operator that can delete information.

   This might be proven in another way. Let us imagine the double-slit thought experiment where interference exists when we do not know about the system and interference does not when we know about the system. Assume we have a storage where the data is stored and the experiment is being conducted with knowing about the system. Suppose we destroy the storage. What does the screen in the experiment show us? Quantum mechanics tells us that there must not be interference. Should it appear after the data is destroyed? Since the wave function has collapsed it cannot be restored. If there is a chance to delete the information in the experiment, it means that the wave function must go back to the initial state and show us interference, which is a contradiction.

   Based on the foregoing, we will consider the quantum eraser experiment. In that experiment information is neither erased nor disappeared. It is being changed. That is the key point. We increase entropy. If there is a 50 per cent chance to get interference then the entropy = 1 (max value). The same with a spin. If we change spins of elementary particles, for example in the Stern–Gerlach experiment with different axes measurements, we do not delete the information about the states of particles, we increase the entropy. Changing does not equal deleting. 

print(1 + 2)

N1Loader is designed to provide a simple way for avoiding N+1 issues
of any kind. Gladly, it's super easy to integrate with your GraphQL
API. Without further delay, let's look at a simple but yet detailed
example.

Different navigation message protocols are used for different navigation signal type. This is true even for a single system like NAVSTAR GPS. For example, L1C/A signals have a LNAV protocol, while L2C and L5 signals utilize a CNAV protocol. The newest L1C signal will use CNAV-2. 

The protocol defines a data distribution into frames, subframes, the subframes structure, transmission intervals, data resolution and so on. 

A navigation receiver use the navigation message data flow for several purposes:

1. The data flow allows to resolve a code ambiguity and set the signal time.

2. Ephemeris and clock values are used for the satellite position calculation, pseudorange corrections and coordinates computation.

3. The received data flow and navigation message data can be used for navigation symbols prediction. As result, we can use the wipe-off technique, expand discriminators and significantly increase tracking sensitivity:

Positive Hack Days 11 will begin in a matter of weeks. This international forum on practical security will be held on May 18–19 in Moscow.

As per tradition, PHDays will have three big tracks dedicated to countering attacks (defensive), protection through attack (offensive), and the impact of cybersecurity on business. It is our pleasure to present the first talks.

So you want to learn more about game engines and write one yourself? That's awesome! To help you on your journey, here are some recommendations of C++ libraries and dependencies that will help you hit the ground running.