Author Archive

#efail, Crypto, HTML, PDF, and other complex Topics

May 14, 2018

You probably have noticed the #efail hashtag that came with the claim that the crypto world of PGP/GPG and S/MIME is about to end. Apocalyptic announcements were made. The real news is due for 15 May 2018 (i.e. the publication with all the facts). There was even the advice to stop using encryption until more […]

Tags: ,
Posted in High Entropy, Security No Comments »

Reminder: DeepINTEL and DeepSec Call for Papers are still open

May 14, 2018

We have been a bit radio silent. We have to deal with the General Data Protection Regulation (GDPR), and we are moving our infrastructure across the Internet. The blog is already moved. Further services wait for their transport. The reason is simple maintenance work and hosting our data a bit more privacy-friendly. For example our […]

Tags: ,
Posted in Call for Papers No Comments »

Manufacturers integrate Blockchain into Processors to counter Spectre and Meltdown

April 1, 2018

The Spectre and Meltdown security vulnerabilities gathered a lot of attention in January. Processor manufacturers have rushed to fix the design of the chips and to patch products already in production. The vulnerabilities show that secure design is critical to our modern infrastructure. Computing has become ubiquitous, so has networking. The current fixes change the […]

Tags: , ,
Posted in Discussion, High Entropy No Comments »

Metrics, Measurement, and Information Security

March 28, 2018

Metric is a great word. Depending how you use it, it changes its meaning. The metric of a network path is quite different from the metric system. When it comes to measuring something, the might be an agreement. Why bother? Because we have heard of the term security metrics being used for something which should […]

Posted in Discussion, High Entropy, Security No Comments »

Advanced and In-Depth Persistent Defence

March 26, 2018

The attribution problem in digital attacks is one of these problems that get solved over and over again. Of course, there are forensics methods, analysis of code samples, false flags, mistakes, and plenty of information to get things wrong. This is nothing new. Covering tracks is being done for thousands of years. Why should the […]

Tags: , , ,
Posted in Discussion, Security Intelligence No Comments »

Upgrade to HTTP2

March 23, 2018

We are busy with a little housekeeping. Among other things we have changed the way you can access our blog. It is now using HTTP2. We also added encryption and redirect all HTTP requests to HTTPS. Search engines should update their caches as soon as they refresh the pages. Hopefully this does not break anything. […]

Tags: ,
Posted in Administrivia No Comments »

Support for BSidesLondon’s Rookie Track

February 27, 2018

We are proud to support the Rookie Track at BSidesLondon in 2018 again. This means that one of us will be present at the Rookie Track and that the winner will get to attend DeepSec in November. It’s hard to get a start, so we like to help the rookies with that. We also like […]

Tags: , ,
Posted in Security No Comments »

Change of Ticket System for DeepSec and DeepINTEL

January 31, 2018

We have made some changes behind the scenes, as always when preparing the new events for the year. This time we decided to change the ticket shop for both DeepINTEL and DeepSec. The reason for the new shop is its focus on privacy and security. Most shops are part of a social media network or […]

Tags: ,
Posted in Administrivia, Conference No Comments »

DeepSec 2018 calls for Trainings and Content – Focus Mobility

January 31, 2018

The DeepSec 2018 Call for Papers is open. The focus for this year is mobility. Mobile networks and mobile devices have established themselves firmly in our society. And mobility doesn’t end here. Transport is transforming into new technologies by incorporating access to data networks (yes, that’s the „Cloud“), the power grid (think electric vehicles), drones, […]

Tags: , ,
Posted in Call for Papers, Conference, Discussion No Comments »

Secret Router Security Discussion in Germany

January 26, 2018

Routers are the main component when it comes to connect sites, homes, and businesses. They often „just“ take care of the access to the Internet. The firewall comes after this access device. The German Telekom suffered an attack on their routers on 2016. The German Federal Office for Information Security now tries to create a […]

Tags: ,
Posted in Internet, Security No Comments »

Save the Dates for DeepSec 2018 and DeepINTEL 2018

January 24, 2018

While everyone was busy with the holidays, Meltdown and Spectre, we did some updates behind the scenes. DeepSec 2018 will be held from 27 to 30 November 2018. We tried not to collide with Thanksgiving, so that you can come to Vienna after being with your family. As always, the first two days will be […]

Tags: , ,
Posted in Administrivia, Conference No Comments »

Meltdown & Spectre – Processors are Critical Infrastructure too

January 6, 2018

Information security researchers like to talk about and to analyse critical infrastructure. The power grid belongs to this kind of infrastructure, so does the Internet (or networks in general). Basically everything we use has components. Software developers rely on libraries. Usually you don’t want to solve a problem multiple times. Computer systems are built with […]

Tags: , ,
Posted in Discussion, High Entropy No Comments »

DeepSec 2017 Presentation Slides

December 1, 2017

While the videos are on their way to the rendering farm, the presentation slides for DeepSec 2017 can already be downloaded. We put them online as soon as we get the final version from our speakers. If you do some guessing URL-wise you can also find the presentations of past conferences at the very same […]

Tags: ,
Posted in Administrivia, Conference No Comments »

DeepSec 2017 thanks you and DeepSec 2018 is almost ready

November 22, 2017

We caught up on sleep and are right in the middle of post-processing DeepSec 2017. Thanks to you all for attending, presenting, sending feedback, and being part of a great event. The slides will be online soon. The videos are being converted. We will upload them as bandwidth permits. All speakers and attendees will get […]

Tags: , ,
Posted in Administrivia, Conference, Mission Statement Comments Off on DeepSec 2017 thanks you and DeepSec 2018 is almost ready

Notes on the ROOTS Schedule and the Conference

November 14, 2017

We are all set for the conference on Thursday. We did some last minute changes to the schedule due to some speakers running into issues, but we can confirm almost all presentations.You may have noticed the ROOTS schedule. It’s a bit shorter than DeepSec’s, but both events are not competing. The review for ROOTS is […]

Tags: ,
Posted in Administrivia, Conference, Discussion Comments Off on Notes on the ROOTS Schedule and the Conference