The Call for Papers of DeepSec 2014 is still open. Since its motto is the power of knowledge we address everyone having knowledge. Information is the „cyber“ weapon of the 21rst century, we have heard. So if you know about the 0day that affects half the Internet, you should definitely think about presenting it at DeepSec 2014. ☻
Seriously, we have chosen this motto, because a lot of issues in information security deal with knowledge. If your IT staff knows about the latest threats, the capabilities of the defences, the state of the systems, and how to deal with problems, then you have a distinct advantage. Not knowing is usually the first step of running into problems. In this tradition we prefer disclosure of security-related knowledge. The dreaded CVE-2014-0160 is a good example. Imagine OpenSSL deployments still had the Heartbleed bug (which some of them still do, sadly) and no one knew about this. Ignorance isn’t always bliss. Disclosing this information will eventually render offensive tools ineffective. This was discussed by fx in his keynote for DeepSec 2012.
The submissions we received so far look very promising. Can you think of ways how knowledge can affect information security for better or worse? We bet you can, so let us know.