Tag Archive

Mythbusting: Anti-Virus Research considered dangerous

Published on August 18, 2017 By sanna

Everyone doing research in information security or doing any work in this field takes some risks. Since most of the „cyber stuff“ is black magic to others not working in this context, there are a lot of problems and severe misunderstandings. The Crypto Wars still haven’t been decided in favour of mathematics. Real people prefer […]

DeepSec 2017 Schedule, ROOTS, and Closing of Call for Papers

Published on August 3, 2017 By lynx

Thanks a lot for your submissions! We are currently in the final phase of the review. Expect the first draft of the schedule for the end of the week. Important: Don’t forget that the Call for Papers for the 1st Reversing and Offensive-oriented Trends Symposium 2017 (ROOTS) is still open and was extended to 15 […]

ROOTS 2017, DeepSec, and DeepINTEL Call for Papers are still open

Published on June 26, 2017 By lynx

Our wonderful world of technology is full of surprises, bugs, intentional weaknesses, adversaries, defenders, vendors, and users. Some software just got more lines of code instead of a decent audit or refactoring. Everything is turning smart, but no one knows what smart really means. Big Data is all the fashion, Big Knowledge still isn’t. So […]

The Future of Entangled Security States – Quantum Computing Conference in Berlin

Published on May 25, 2017 By lynx

Quantum computing is a fashionable term these days. Some IT news articles are talking about post-quantum cryptography, qbits, and more quantum stuff. If you don’t know how the terms relate to each other, what entangled states in quantum physics are, and what everything has to do with computing, then you will have a hard time […]

Call for Papers: 1st Reversing and Offensive-Oriented Trends Symposium (ROOTs) 2017

Published on May 1, 2017 By lynx

ROOTs 2017 The first Reversing and Offensive-Oriented Trends Symposium (ROOTs) 2017 opens its call for papers. ROOTs is the first European symposium of its kind. ROOTS aims to provide an industry-friendly academic platform to discuss trends in exploitation, reversing, offensive techniques, and effective protections. Submissions should provide novel attack forms, describe novel reversing techniques or […]

DeepINTEL Update, Science First Campaign, Early Birds, and other News

Published on April 28, 2017 By lynx

The Easter break is over. We didn’t sleep (much), and we did not look for Easter eggs in software either. Instead we did a bit of work behind the scenes. DeepSec 2017 will have some more content due to the co-hosted ROOTs workshop. The full call for papers will be ready on 1 May 2017. […]

Putting the Science into Security – Infosec with Style

Published on January 27, 2017 By lynx

The world of information security is full of publications. It’s like being in a maze of twisted little documents, all of them alike. Sometimes these works of art lack structure, deep analysis, or simply reproducibility. Others are perfectly researched, contain (a defence of) arguments, proofs of concept, and solid code or documentation to make a point. […]

FHOÖ supports DeepSec 2016 Conference!

Published on November 1, 2016 By lynx

We are glad to announce that the University of Applied Sciences Upper Austria supports the DeepSec 2016 conference! Their motto teaching and learning with pleasure – researching with curiosity fits perfectly to information security. Their courses cover more than just computer science. If you are interested in engineering, economics, management, media, communications, environment, or energy, […]

DeepSec 2016 Talk: TLS 1.3 – Lessons Learned from Implementing and Deploying the Latest Protocol – Nick Sullivan

Published on October 19, 2016 By sanna

Version 1.3 is the latest Transport Layer Security (TLS) protocol, which allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. TLS is the S in HTTPS. TLS was last changed in 2008, and a lot of progress has been made since then. CloudFlare […]

Firmware Threats – House of Keys

Published on September 10, 2016 By lynx

SEC Consult, our long-term supporter, has updated a report on the use of encryption keys in firmware. These hardcoded cryptographic secrets pose a serious threat to information security. The report features 50 different vendors and has some interesting statistics. The results were coordinated with CERT/CC in order to inform the vendors about the problem. The […]

Deep Sec2016 Talk: DROWN – Breaking TLS using SSLv2 – Nimrod Aviram

Published on September 5, 2016 By sanna

In the past years encrypted communication has been subject to intense scrutiny by researchers. With the advent of Transport Layer Security (TLS) Internet communication via HTTP became a lot more secure. Its predecessor Secure Sockets Layer (SSL) must not be used any more. The real world has its own ideas. SSLv2 and SSLv3 is still […]

Intelligence on the Silver Screen: A Good American Kickstarter Campaign

Published on July 21, 2016 By lynx

Surveillance has a bad reputation. No one likes to be watched. Yet infosec researchers, sysadmins, and developers talk a lot about log files. We need to watch stuff for various reasons. You got your mail logs, diagnostic messages, performance metrics, network addresses, and more painstakingly sorted by timestamps and maybe geolocation. Log data is part […]

BSides London 2016 – Schedule

Published on June 4, 2016 By lynx

In case you haven’t noticed, the London BSides schedule is up. The Rookie track starts right with the most important part of information security – opsec. Behaviour is on a par with expensive security hardware and your favourite protection software. Wearables, video games, hidden data, malware mythbusting, and more follow next. The main schedule features […]

The Didactic Side of Information Security

Published on May 18, 2016 By lynx

Explaining complicated topics with a lot of dependencies is hard. Even the operation of devices such as computers, telephones, or cloud(ed) applications can’t be described in a few sentences. Well, you can, if you use the tried and true lie-to-children method coined by Jack Cohen and Ian Stewart. If you really want to dive into […]

Reminder: DeepINTEL 2016 – Call for Papers – Beat Big Data and Full Take with Brains

Published on March 15, 2016 By lynx

We already published a Call for Papers for the upcoming DeepINTEL 2016. Here are some thoughts to get your creativity going. Standard solutions and off-the-shelf products to solve your security needs are remains from the 1990s. Everything else has gone smart, and that’s how you have to address security problems in the future. NSA director […]