High Entropy

Screening of “A Good American” in Vienna with Bill Binney

Posted by on November 9, 2016 at 11:05 am

There will be a screening of the documentary A Good American in Vienna tomorrow. We highly recommend watching this film, even if you are not directly connected to information security. Threat intelligence has far-reaching consequences, and in the case of the world’s biggest intelligence agency it also affects you. A Good American will be shown […]

Of Clouds & Cyber: A little Story about Wording in InfoSec

Posted by on September 5, 2016 at 5:15 pm

In case you ever received a message about our calls for papers, you may have noticed that we do not like the word cyber. Of course we know that it is used widely. Information security experts are divided if it should be used. Some do it, some reject it, some don’t know what to do […]

Information Warfare: “Breaking News” considered harmful

Posted by on August 31, 2016 at 4:13 pm

Eight years ago the stocks of UAL took a dive. Apparently a six year old news article resurfaced via Google. Googlebot, which is used to index news sites, confused one of the most popular web articles of The Sun-Sentinel with breaking news. The story contained the words United Airlines Files for Bankruptcy. Unfortunately a software […]

Transforming Secure Coding into Secure Design

Posted by on August 21, 2016 at 6:09 am

Secure Coding is the way to go when you develop applications for the real world. Rename errors and bugs into failures. Turn #fail to #win. Instant karma. In addition there are lots of best practices, checklists, and documents around that will tell you what to anticipate. However the design of an application precedes the code […]

A Perspective on Code and Components – assert(), don’t assume()

Posted by on July 21, 2016 at 12:43 pm

Have you ever looked closely at the tools you use on a daily basis? Taking things apart and putting them back together is an integral part of understanding the universe. Scientists do it all of the time (well, at least some do, there are things that can’t be put together easily once taken apart). So […]

Intelligence on the Silver Screen: A Good American Kickstarter Campaign

Posted by on July 21, 2016 at 11:54 am

Surveillance has a bad reputation. No one likes to be watched. Yet infosec researchers, sysadmins, and developers talk a lot about log files. We need to watch stuff for various reasons. You got your mail logs, diagnostic messages, performance metrics, network addresses, and more painstakingly sorted by timestamps and maybe geolocation. Log data is part […]

The Internet of Threats revisited

Posted by on July 14, 2016 at 1:12 pm

Everyone is talking about the Internet of Things. Connecting household applications (yes, applications, appliances is so 1990s) to a network hasn’t been more fun than now. Also measuring things is great. Today most sensors are deployed to generate endless streams of data because we can, not because there is a need for it. And I […]

The Didactic Side of Information Security

Posted by on May 18, 2016 at 2:40 pm

Explaining complicated topics with a lot of dependencies is hard. Even the operation of devices such as computers, telephones, or cloud(ed) applications can’t be described in a few sentences. Well, you can, if you use the tried and true lie-to-children method coined by Jack Cohen and Ian Stewart. If you really want to dive into […]

Return of the Penguin Challenge – ELF (?) Binary (?)

Posted by on April 5, 2016 at 10:03 pm

Our friends from BSidesLondon have set up a challenge for you. It’s a little ELF binary with some odd properties. That’s all we will tell you. Have a look for yourself. In case you are forensically inclined, we might have a little Call for Papers email for you. There is a lot of strange code […]

FBI, NSA, DoD and CDC join forces to combat Cyber Pathogens

Posted by on April 1, 2016 at 2:26 pm

The world economy is threatened by a new strain of microorganisms. These so-called cyber pathogens spread via networks and the touch of digital devices. They can also lie dormant for days and months, only to spring to life when the victim’s immune system is at its weakest point. It is widely believed that cyber pathogens […]

“A Good American” opens next Week in Austrian Theatres

Posted by on March 11, 2016 at 1:37 pm

For everyone attending DeepSec 2015 we organised a private screening of the film “A Good American”. Everyone else now gets the chance to see this film in theatres beginning on 18 March 2016. Next week there will be the premiere in Vienna, Linz, and Innsbruck here in Austria. Bill Binney will be present himself, and […]

DeepSec Video: HackingTeam – How They Infected Your Android Device By 0days

Posted by on February 20, 2016 at 8:15 am

Backdoors are very popular these days. Not only cybercrime likes extra access, governments like it too. There’s even a lucrative market for insecurity. You can buy everything your IT team defends against legally. Hacking Team is/was one of the companies supplying 0days along with intrusive software to take over client systems. Attila Marosi explained at […]

DeepSec Video: Cryptography Tools, Identity Vectors for “Djihadists”

Posted by on February 5, 2016 at 8:35 am

Wherever and whenever terrorism, „cyber“, and cryptography (i.e. mathematics) meet, then there is a lot of confusion. The Crypto Wars 2.0 are raging as you read this article. Cryptography is usually the perfect scapegoat for a failure in intelligence. What about the facts? At DeepSec 2015 Julie Gommes talked about results of the studies done […]

National-Security-in-the-Middle Attack – the Crypto Wars continue

Posted by on December 3, 2015 at 3:29 pm

National security has officially reached the SSL/TLS infrastructure – at least in Kazakhstan. The Google cache features an article published by the Kazakhtelecom JSC where the introduction of a so-called national security certificate for Internet users was proudly announced. We show you some parts of the original text for educational purposes, because we have never seen the announcement […]

Terrorism – No Time for Backdoors

Posted by on November 18, 2015 at 10:41 am

Every successful project needs proper planning and a good project management. You know this from your business life, probably. Projects can’t be done without tools for communication. We all use these day by day. Email, telephone, collaboration platforms, social media, instant messengers, and more software is readily available. Access to communication tools has spread. Exchanging […]