Archive for August, 2011

Talk: How Terrorists Encrypt

August 31, 2011

Encryption technology has always been regarded as a weapon, due to its uses in wars and espionage. Software used for encryption was banned for export to other countries in the US. The export regulations for strong cryptography were relaxed in 1996. Some countries still consider cryptographic software as a threat. Recently there have been discussions […]

Tags: , , ,
Posted in Conference Comments Off on Talk: How Terrorists Encrypt

Talk/Workshop: SAP Security In-Depth

August 31, 2011

No two SAP deployments are the same. If you run an SAP environment, then you will most certainly use customisations and a multi-tier architecture. You will have tied your SAP deployment to your assets. The typical setup features Development, Quality Assurance and Production (which is the minimal amount of tiers, you may have more). While the […]

Tags: , ,
Posted in Conference Comments Off on Talk/Workshop: SAP Security In-Depth

DeepSec 2011 Schedule and Description of Talks/Workshops

August 23, 2011

We’ve already published the preliminary schedule for DeepSec 2011. Most of the speakers have already confirmed their presence at the conference, but we are still waiting for e-mail. While preparing the schedule we’ve asked for more descriptions, and we will describe the talks and workshops in slightly more detail in the blog. We know that […]

Tags: , , , ,
Posted in Conference Comments Off on DeepSec 2011 Schedule and Description of Talks/Workshops

Cargo Cult Security

August 21, 2011

Here is a fictional story for you that bear no resemble to any living, dead or undead persons whatsoever. Imagine someone who is interested in establishing and maintaining a „medium“ to „high“ level of security for his or her business data. This person is a power user and uses harddisk encryption, an encrypted file server, […]

Tags: , , ,
Posted in High Entropy, Stories Comments Off on Cargo Cult Security

Discussion about Data Protection and the Game Industry at GamesCon

August 20, 2011

The GamesCon is taking place in Cologne. We were present at the first day in order to participate in a discussion about data protection in online games. Discussion partners were Konstantin Ewald, a lawyer and blogger (Online. Spiele. Recht) and Ulrich Lepper, North Rhine-Westphalia’s Commissioner for Data Protection and Freedom of Information. Online gaming is […]

Tags: , , ,
Posted in Report, Security Comments Off on Discussion about Data Protection and the Game Industry at GamesCon

Preliminary Schedule of DeepSec 2011 published

August 19, 2011

Finally we have reviewed all your submissions, and we have published a preliminary schedule on our web site. We have not filled all workshop slots, because some of the workshop submissions are still under review and some submitters have been asked for further material. We wish to express our deepest thanks for your submissions! We […]

Tags: , ,
Posted in Administrivia, Conference Comments Off on Preliminary Schedule of DeepSec 2011 published

Explaining Security to non-technical Audiences

August 7, 2011

A few days ago we had the opportunity to present a review of vulnerabilities in mobile phone networks and typical attack vectors to a non-technical audience (we announced the event in a previous blog posting, the event language was German). The background of the attendees was a spectrum of social sciences, political sciences, different technical […]

Tags: ,
Posted in Discussion, Report Comments Off on Explaining Security to non-technical Audiences