[FD] New BlackArch Linux ISOs (2016.04.28) and Installer released

Hi Andreas!

Hey Patrick, what do you think about another kind of 'Hack-PA-ton'.
Former TIS hires Igor and me for one day hacking and pentesting
Southtyrols PA in public, so people can watch over our shoulders, ask
questions and get answers like RTFM or a talk about measures against ROP
Gadgets?

As far as I understood from Igor at the CyberSecurity event, the target
has to sign a kind of agreement with those, who will do the testing. A
kind of waiver.

This means, only the Department of Information Technologies of the
Autonomous Province of Bolzano could organize this kind of activities.

Best regards,
Patrick

Yepp, it is common practice (and common sense).

There are "security tests" that can be conducted without an explicit
authorization (protocol analisys and reverse engineering, mobile app and
all other "client-side" things that doesn't involve trying to break into
third party systems), but still you can be summoned by some zealous
company..

Well, now is cool for the big companies (gugl, ebay, fb, ..) to have
"bug bounties" programs[1], which allow you to attack some
applications/targets (usually there are scopes and rules to respect).

[1]: https://en.wikipedia.org/wiki/Bug_bounty_program

cheers,
Igor