Merry XSSmas and a successful new mktime() Syscall

René Pfeiffer/ December 21, 2018/ Administrivia, High Entropy

The holidays are coming, next to Winter (hopefully). Thank you all for attending and contributing to DeepSec and DeepINTEL 2018! All slides we got are online. The videos have almost left post-production (except one recording which is being fixed audio-wise) and are on the way to the content distribution network. The ROOTS videos will be first. You will find all videos in their albums. Make sure you look for collections, too. We will set-up a tip jar for our video team again, so if you want to leave a small thank you for the crew, please do so. We are going to deal with infrastructure and upkeep of our to-dos. Plus we will spend some time off-line. Or maybe just in local networks to do some well-deserved hacking. The dates for DeepSec and DeepINTEL

Read More

Encryption, Ghosts, Backdoors, Interception, and Information Security

René Pfeiffer/ December 20, 2018/ Discussion, High Entropy

While talking about mobile network security we had a little chat about the things to come and to think about. Compromise of communication is a long time favourite. Hats of all colours need to examine metadata and data of messages. Communication is still king when it comes to threat analysis and intrusion detection. That’s nothing new. So someone pointed into the direction of an published article. Some of you may have read the article titled Principles for a More Informed Exceptional Access Debate written by GCHQ’s Ian Levy and Crispin Robinson. They describe GCHQs plan for getting into communication channels. Of course, “crypto for the masses” (yes, that’s crypto for cryptography, because you cannot pay your coffee with it) or “commodity, end-to-end encrypted services” are also mentioned. They explicitly claim that the goal is

Read More

Need something to read? – First Batch of DeepSec 2018 Presentation Slides online

René Pfeiffer/ December 11, 2018/ Administrivia, Conference

Do you fear reading the news? Fancy some facts? Well, we have something different for you to read. We have collected presentation slides from DeepSec 2018 and put the first batch online. You can find them in this rather nostalgic directory listing. We have renamed the files with their title and the name of the presenters. They are mostly PDF, but two presentations consist of a HTML slideshow. We have created a PDF document containing the link to the original presentation for your convenience. The directory will be filled with the remaining documents as soon as we get them.

Thank you all for attending and speaking at DeepSec 2018!

René Pfeiffer/ December 3, 2018/ Conference, Security

DeepSec 2018 is over. Thank you for attending and presenting at our conference! Without your interest and your configuration there would be no talks, no workshops, and no one else present.We had a great time, and we hope you enjoyed everything. We are now dealing with the administrative backlog, the metric ton of receipts, the post-processing of the video recordings, and lots of other things. Among the tasks is the feedback you gave us. We will try to improve, so the next DeepSec conference will feature some or all of your suggestions. Dates for DeepSec and DeepINTEL 2019 will be available soon. We will publish this information on Twitter, on our web site, and on our blog. As for the video recordings, please give us some time. The post-production has to deal with the

Read More