Author Archive

Use Handshake Data to create TLS Fingerprints

May 25, 2019

While the whole world busily works on the next round of the Crypto Wars, the smart people work on actual information security. TLS has always been in the focus of inspection. Using on-the-fly generated certificates to look inside is a features of many gadgets and filter applications. Peeking at the data is moot if you […]

Tags: , ,
Posted in Discussion, Security No Comments »

Getting ready for BSidesLondon – Support the Rookie Track!

May 24, 2019

Deadlines are great. They serve as a great syscall. Everything must be ready and be written to disk. The schedule of BSidesLondon was already stored and forwarded. Have a look! It’s worth it! The titles sound great. We recommend having some IPv6 as a starter (IPv4 is really getting scarce these days). The main dish […]

Tags: ,
Posted in Security No Comments »

Eth(er)ical Hacking – Hacker Defined Radio and analysing Signals

April 4, 2019

There is a lot going on in the wireless world. 5G is all the fashion, because frequencies are being auctioned. This is only the tip of the iceberg. Wireless protocols have become ubiquitous. The IEEE 802.11 family is one widespread example. Bluetooth, mobile networks, ZigBee, Z-Wave, and other wireless transmissions are widely used. If you […]

Tags: , , ,
Posted in Call for Papers, High Entropy No Comments »

BSidesLondon Rookie Track – Personalities, Stories, Presentations

April 3, 2019

In past articles we have written about the BSidesLondon Rookie Track. We also spread to call for mentors a while ago. Let’s talk about the people who will present at the Rookie Track and who haven’t spoken at conferences yet. While there exist a lot of helpful advice out there on how to speak, how […]

Tags: , ,
Posted in Communication, Conference No Comments »

Ongoing DeepSec Call for Workshops – Trainers welcome!

April 2, 2019

The Call for Workshops for the DeepSec conference in November 2019 is still open. If you have something to teach, let us know as soon as possible! We intend to inform potential trainees in the beginning of May about their options. This allows for a better planning and preparation, because we receive early requests for […]

Tags: , , ,
Posted in Call for Papers, Training No Comments »

Network Security right from the Beginning – Introducing DHCP-over-TLS (DoT)

April 1, 2019

Every security researcher knows: If you want to secure a system, do it as early as possible. This is why Trusted Computing, Secure Boot, Trusted Execution Technology, and many more technologies were invented – to get the operating system safely off the ground right at boot time. After the booting process additional components have to […]

Tags: , ,
Posted in High Entropy No Comments »

Remembering Mike Kemp (@clappymonkey)

March 26, 2019

This blog post has no tags, because we cannot come up with any. Mike Kemp, also known as @clappymonkey on Twitter, has died. He spoke at the DeepSec conference back in 2012. We regularly saw him at other events and kept in touch. We have lost a great colleague. It is impossible to express what […]

Posted in High Entropy No Comments »

The fine Art of Mentorship

March 8, 2019

We will support the Rookie Track at BSidesLondon in 2019 again. This is a perfect way for rookies to get started on presenting at a conference. However it is much more – the stages before the presentation is held. Preparing for 15 minutes of talk will keep you busy for ten or twenty times the […]

Tags: ,
Posted in Discussion, Security 1 Comment »

DeepSec 2019 – Call for Papers – Security Research Results wanted!

February 18, 2019

The DeepSec 2019 In-Depth Security Conference is calling for presentations and trainings. We are interested in your information security research. Since 2007 DeepSec has aimed to provide in-depth analysis of design flaws, vulnerabilities, bugs, failures, and ways to improve our existing IT ecosystem. We need more high quality reviews of code and concepts we rely […]

Tags: ,
Posted in Call for Papers, Conference No Comments »

Supporting BSidesLondon “My Machine is not Learning” 2019

February 14, 2019

This year’s BSidesLondon is pondering the most important question of machine learning. What is my machine doing and learning? Well, it might be that “My Machine is not Learning” at all. Sounds a lot like the intelligence we all know from living beings. So, armed with this new motto, BSidesLondon is turning 9, and we […]

Tags: ,
Posted in Conference No Comments »

Save the Date for DeepINTEL and DeepSec 2019

February 8, 2019

We did some clean-up and dealt with the administrative issues of past and future events. Finally we can announce the dates for DeepINTEL 2019 and DeepSec 2019. Grab or calendars or log into them: DeepSec 2019 Trainings – 26/27 November 2019 DeepSec 2019 Conference – 28/29 November 2019 DeepINTEL 2019 – 27 November 2019 The […]

Tags: , , , ,
Posted in Administrivia, Conference, DeepIntel No Comments »

Analysing Data Leaks and avoiding early Attribution

January 4, 2019

The new year starts with the same old issues we are dealing with for years. German politicians, journalists, and other prominent figures were (are) affected by a data leak. A Twitter account started tweeting bits from the leaked data on 1 December 2018 in the fashion of an Advent calendar. The account was closed today. […]

Tags: ,
Posted in High Entropy No Comments »

Merry XSSmas and a successful new mktime() Syscall

December 21, 2018

The holidays are coming, next to Winter (hopefully). Thank you all for attending and contributing to DeepSec and DeepINTEL 2018! All slides we got are online. The videos have almost left post-production (except one recording which is being fixed audio-wise) and are on the way to the content distribution network. The ROOTS videos will be […]

Tags:
Posted in Administrivia, High Entropy No Comments »

Encryption, Ghosts, Backdoors, Interception, and Information Security

December 20, 2018

While talking about mobile network security we had a little chat about the things to come and to think about. Compromise of communication is a long time favourite. Hats of all colours need to examine metadata and data of messages. Communication is still king when it comes to threat analysis and intrusion detection. That’s nothing […]

Tags: , ,
Posted in Discussion, High Entropy Comments Off on Encryption, Ghosts, Backdoors, Interception, and Information Security

Need something to read? – First Batch of DeepSec 2018 Presentation Slides online

December 11, 2018

Do you fear reading the news? Fancy some facts? Well, we have something different for you to read. We have collected presentation slides from DeepSec 2018 and put the first batch online. You can find them in this rather nostalgic directory listing. We have renamed the files with their title and the name of the […]

Tags: ,
Posted in Administrivia, Conference Comments Off on Need something to read? – First Batch of DeepSec 2018 Presentation Slides online