Thiago N. C. Cardoso

• Federal University of Minas Gerais

Updated version of the talk presented at Black Hat Asia 2019.

Múltiplas vulnerabilidades graves foram detectadas nos últimos Testes Públicos de Segurança da urna eletrônica brasileira. Quando combinadas, comprometeram o sigilo do voto e a integridade do software, as principais propriedades de segurança do sistema. O armazenamento inseguro de chaves criptográficas, inseridas diretamente no código-fonte e compa...

This talk presents a detailed and up-to-date security analysis of the voting software used in Brazilian elections by more than 140 million voters. It is based on results obtained recently by the authors in a restricted hacking challenge organized by the Superior Electoral Court (SEC), the national electoral authority. During the event, multiple ser...

Múltiplas vulnerabilidades graves foram detectadas nos últimos Testes Públicos de Segurança da urna eletrônica brasileira. Quando combinadas, comprometeram sigilo do voto e integridade do software, as principais propriedades de segurança do sistema. O armazenamento inseguro de chaves criptográficas, inseridas diretamente no código-fonte e compartil...

Capture the Flag (CTF) competitions are increasingly important for the Brazilian cybersecurity community as education and professional tools. Unfortunately, CTF platforms may suffer from security issues, giving an unfair advantage to competitors. To mitigate this, we propose NIZKCTF, the first open-audit CTF platform based on non-interactive zero-k...

This paper presents a detailed and up-to-date security analysis of the voting software used in Brazilian elections. It is based on results obtained by the authors in a recent hacking challenge organized by the Superior Electoral Court (SEC), the national electoral authority. During the event, multiple serious vulnerabilities were detected in the vo...

Redes Sociais Online se tornaram extremamente populares e têm gerado um enorme volume de dados. Saber as características demográficas desses usuários pode ser útil, por exemplo, para direcionamento de campanhas de marketing. Ao contrário da maioria das abordagens, nós propomos a utilização de Inferência Ecológica para entender características demog...

We introduce a new paradigm for Ranked Batch-Mode Active Learning. It relaxes traditional Batch-Mode Active Learning (BMAL) methods by generating a query whose answer is an optimized ranked list of instances to be labeled, according to some quality criteria, allowing batches to be of arbitrarily large sizes. This new paradigm avoids the main proble...

The user generated content available in online communities is easy to create and consume. Lately, it also became strategically important to companies interested in obtaining population feedback on products, merchandising, etc. One of the most important online communities is Twitter: recent statistics report 65 million new tweets each day. However,...

In this poster paper, we present an overview of CiênciaBrasil, a research social network involving researchers within the Brazilian INCT program. We describe its architecture and the solutions adopted for data collection, extraction, and deduplication, and for materializing and visualizing the network.

Social networking websites provide a suitable environment for interaction and topic discussion. With the growing pop-ularity of online communities, estimulated by the easiness with which content can be created and consumed, some of this content became strategical for companies interested in obtaining population feedback for products, personalities,...

Verification is one of the most critical stages in integrated circuit development. Given the current market conditions, a wise manner to improve verification results would be concentrating resources in error-prone modules. In this paper a novel method of attaching information to commit messages is introduced. Through the use of a simple and parseab...