1907, 2013

Reminder: DeepSec – the Book: Call for Papers

Sanna/ July 19, 2013/ Administrivia, Call for Papers

Dear DeepSec speakers, this reminder goes out to you! We will publish a book about past and present DeepSec topics – To make this book a bummer we need your help! The book will be a summary, a factual overview on what’s been going on at our annual event, from 2008 – 2012, a collection of the most compelling talks and captivating topics we’ve featured at our conference so far. We want you to send us the abstracts of the talk you held at DeepSec – and we ask you to open up your topic once again. What’s been going on in the very special field you held your talk about? Have there been some new developments? Is your talk still up to date or does it seem kind of antiquated to you? If

Read More

1707, 2013

Musings about PRISM and the Like, or an Appeal to Reasoning

Mika/ July 17, 2013/ Discussion, Mission Statement, Security Intelligence

Spying and Distrust are not new, Full Stop. We are old enough to have witnessed many large spying programs in “real time”, starting in the 90ies and continuing until now. Everybody spies on everybody else, everybody tries to use every resource available to gain any kind of intelligence useful for the very own benefit. Alliances, treaties and promises (or vows if you take it more seriously) only have secondary value when it’s about the own advantage. This is true for most aspects of our life, be it private, business or international political affairs. Spouses (sometimes) distrust each other. Business partners (sometimes) negotiate with most detailed contracts to leave as little room as possible to deviate from the expectations, trusting in legal frameworks, lawyers and neutral judges to enforce the expectations. In international affairs (sometimes)

Read More

1607, 2013

DeepINTEL 2013 – Preliminary Schedule

René Pfeiffer/ July 16, 2013/ Conference, Schedule, Security Intelligence

The preliminary schedule of the DeepINTEL conference is ready! We have selected the presentations carefully and tried to address in-depth threats to (y)our infrastructure and (y)our data. Here are the abstracts of the talks (in alphabetical order, according to the speakers name), that we are allowed to publish publicly: Compliance and Transparency of Cloud Features against Security Standards (Yury Chemerkin) Nowadays cloud vendors provide a solid integration, virtualization and optimization in many fields (for example medical, business, and education) for online services. Such services operate with sensitive data which attracts attackers. There are quite different security controls and metrics for every Cloud service provider. It is generally known that several industrial organizations are focused on keeping an appropriate security level by offering solutions to improve the transparency of Cloud security controls among different vendors.

Read More

0507, 2013

„Cyber Cyber Cyber“ revisited – Information Warfare

René Pfeiffer/ July 5, 2013/ Discussion, Security

So far we haven’t commented on the ongoing season of the Game of Spooks miniseries. We wait for the break after the last episode – provided there is one. However we have written about information warfare and espionage in this blog. Enter secrets. During DeepSec 2012 the concept of „cyber war“ was heavily explored. Eventually it led to the phrase „cyber cyber cyber“ due to the sheer popularity of this very word. „Cyber“ and „war“ hide the fact that information is the prime good that is being accessed or copied and put to a fresh use¹. Take a look at the published articles in the past weeks to see misplaced information at work. A couple of misplaced presentation slides can cause more uproar than a data leak of  medical records of a nation –

Read More

0407, 2013

Products, Vendors, Security, and Bias

René Pfeiffer/ July 4, 2013/ Discussion, Mission Statement, Security

The DeepSec conference is meant to be a neutral event where security related topics can be discussed without bias. Periodically we have discussions with companies about this issue. Our web site states that DeepSec is a non-product, non-vendor-biased conference event. In short this simply means that the topics discussed at DeepSec are all about facts not ads. We are looking for honest talks about security: If something breaks, tell us about it. If you can repair it, tell us about it. If you discovered something, tell us about it. That’s our goal. The DeepSec conference is not a trade fair – but it’s a place to mention what you have researched or what you have created. We are all about information security and want everyone to talk about it. We invite everyone to share results of

Read More