About René Pfeiffer

System administrator, lecturer, hacker, security consultant, technical writer and DeepSec organisation team member. Has done some particle physics, too. Prefers encrypted messages for the sake of admiring the mathematical algorithms at work.

1207, 2019

Thoughts on Geopolitics and Information Security

René Pfeiffer/ July 12, 2019/ Call for Papers, DeepIntel, Discussion, High Entropy

Geopolitics is a rather small word for very complex interactions, strategies, tactics, and the planning (of lack thereof) of events. Reading about topics connected to it is probably familiar to you. Few news articles can do without touching geopolitic aspects. Since politics has less technological content for most people, the connection to information security may not be obvious. Malicious software such as Stuxnet/WannaCry has changed this. Due to the events connected to their outbreak (or attack) the motivations of national agendas on the international stage have created awareness. There is a lot more to explore which is not on the radar of most experts, even in the field of information security. The current trade wars have a major impact on technology and ultimately information security. When it comes to vendors there is a bias

1107, 2019

Training Teaser: Black Belt Pentesting a.k.a. Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

René Pfeiffer/ July 11, 2019/ Conference, Training

Modern web applications consist of far more components than HTML content and a few scripts. In turn properly attacking web applications requires a diverse set of skills. You need to know how the back-end and the front-end works. This includes all of the scripting languages, data storage technologies, user interface peculiarities, frameworks, hosting technologies, and many more layers. DeepSec 2019 will feature a full-stack web exploitation dojo enabling you to understand the security of web applications, how to break them, and how to protect them. The training will be hosted by Dawid Czagan, expert in the field. He will guide you through every technology and attack method relevant to information security of web applications such as: REST API hacking AngularJS-based application hacking DOM-based exploitation Bypassing Content Security Policy (CSP) Server-side request forgery Browser-dependent exploitation

0807, 2019

Reminder – Call for Papers DeepSec & DeepINTEL – Send your submissions!

René Pfeiffer/ July 8, 2019/ Call for Papers

We have been a bit radio silent since BSidesLondon. This is due to the hot weather in Austria, the preparations for the next DeepSec Chronicles book, some interesting features for DeepSec, and of course because of the submissions we received so far. We have a shortlist for the trainings which we will publish in the next few days. The Call for Papers still runs until 31 July 2019. So if you have some idea of how to fix the SKS keyserver infrastructure, know something about nation state hacking, broke a couple of things, have angered software developers by putting their code to the test, or have some general and very specific information to share, then send us your submission! The focus of DeepINTEL 2019 will be on the geopolitical aspects of information security. This

2505, 2019

Use Handshake Data to create TLS Fingerprints

René Pfeiffer/ May 25, 2019/ Discussion, Security

While the whole world busily works on the next round of the Crypto Wars, the smart people work on actual information security. TLS has always been in the focus of inspection. Using on-the-fly generated certificates to look inside is a features of many gadgets and filter applications. Peeking at the data is moot if you control either the server or the client. If you have to break TLS on purpose (hopefully) inside your own network, you probably have to deal with software or system you cannot control. In this case TLS is the least of your security problems. Dealing with a lot of network traffic often uses a metadata approach in order not to process gigantic amounts of data. Enter TLS fingerprinting. The TLS handshake contains a lot of parameters such as version numbers,

2405, 2019

Getting ready for BSidesLondon – Support the Rookie Track!

René Pfeiffer/ May 24, 2019/ Security

Deadlines are great. They serve as a great syscall. Everything must be ready and be written to disk. The schedule of BSidesLondon was already stored and forwarded. Have a look! It’s worth it! The titles sound great. We recommend having some IPv6 as a starter (IPv4 is really getting scarce these days). The main dish should have some pieces of cloud platforms, RF hacking, SOCs, and power grid. Emotet, GPUs, and Windows Event Log forensics. Don’t forget to support the rookies by attending their presentations. They put a lot of effort into the preparation, and they have lots of interesting topics ready for you. The 15 minute slots are great to get an in-depth introduction into the topic. In addition the rookies rely on the feedback of everyone of you, especially the exploit-hardened veterans

0404, 2019

Eth(er)ical Hacking – Hacker Defined Radio and analysing Signals

René Pfeiffer/ April 4, 2019/ Call for Papers, High Entropy

There is a lot going on in the wireless world. 5G is all the fashion, because frequencies are being auctioned. This is only the tip of the iceberg. Wireless protocols have become ubiquitous. The IEEE 802.11 family is one widespread example. Bluetooth, mobile networks, ZigBee, Z-Wave, and other wireless transmissions are widely used. If you go looking for signals, your first stop are usually industrial, scientific and medical (ISM) radio bands. But there is much more. It’s well worth to passively scan what’s all around you. The equipment is often the main obstacle preventing hacker from doing something. When it comes to radio waves you need a suitable antenna (or a couple thereof) plus the hardware to drive it. Even if you limit yourself to passive operation you still need something to catch, amplify,

0304, 2019

BSidesLondon Rookie Track – Personalities, Stories, Presentations

René Pfeiffer/ April 3, 2019/ Communication, Conference

In past articles we have written about the BSidesLondon Rookie Track. We also spread to call for mentors a while ago. Let’s talk about the people who will present at the Rookie Track and who haven’t spoken at conferences yet. While there exist a lot of helpful advice out there on how to speak, how to prepare, how to structure your presentation, there is one thing that can’t be created from scratch – your personality. It defines a lot of what you will be doing on the stage. It will also be a key component of your talk, so you should spend some time to think about this important factor. Social media, blogs, and discussions sometimes mention the term infosec rock star. This label carries a lot of different meanings. More often than not

0204, 2019

Ongoing DeepSec Call for Workshops – Trainers welcome!

René Pfeiffer/ April 2, 2019/ Call for Papers, Training

The Call for Workshops for the DeepSec conference in November 2019 is still open. If you have something to teach, let us know as soon as possible! We intend to inform potential trainees in the beginning of May about their options. This allows for a better planning and preparation, because we receive early requests for workshop content every year. So if you have something to teach, please let us know! You don’t need to use the Call for Papers manager in case you have content ready in a different format or just want to send us teaser materials. Topics we are looking for include (applied) cryptography, secure software development & design, helpful in-depth hints for penetration testers, sensible guides for combining machine learning/artificial intelligence with information security, in-depth network knowledge, threat hunting, and strategic

0104, 2019

Network Security right from the Beginning – Introducing DHCP-over-TLS (DoT)

René Pfeiffer/ April 1, 2019/ High Entropy

Every security researcher knows: If you want to secure a system, do it as early as possible. This is why Trusted Computing, Secure Boot, Trusted Execution Technology, and many more technologies were invented – to get the operating system safely off the ground right at boot time. After the booting process additional components have to be initialised. Dependencies are common in this stage. The second most important resource next to the local machine is the network. Most modern programming languages highly rely on network connection to get any work done. Local storage and memory is merely a big cache for temporary data to them. So how do you create a trusted boot process beyond the initial network configuration? The answer is easy. You just combine two highly mature and reliable protocols – Dynamic Host

2603, 2019

Remembering Mike Kemp (@clappymonkey)

René Pfeiffer/ March 26, 2019/ High Entropy

This blog post has no tags, because we cannot come up with any. Mike Kemp, also known as @clappymonkey on Twitter, has died. He spoke at the DeepSec conference back in 2012. We regularly saw him at other events and kept in touch. We have lost a great colleague. It is impossible to express what he was to you, us, and his family and friends. Our sympathies are with all of you who lost him as partner, friend, companion, mentor, and relative. We will miss him dearly.

0803, 2019

The fine Art of Mentorship

René Pfeiffer/ March 8, 2019/ Discussion, Security

We will support the Rookie Track at BSidesLondon in 2019 again. This is a perfect way for rookies to get started on presenting at a conference. However it is much more – the stages before the presentation is held. Preparing for 15 minutes of talk will keep you busy for ten or twenty times the amount you spend presenting. It depends on the research you have to do, the illustrations you have to create, the code samples, the tests, and a lot more things that need to be sorted out. That’s not an easy task. But you do not have to do it alone. BSidesLondon is looking for rookies and mentors. If you have experience in IT security, being on stage for presentations, research, and preparing materials for workshops and talks, then you should

1802, 2019

DeepSec 2019 – Call for Papers – Security Research Results wanted!

René Pfeiffer/ February 18, 2019/ Call for Papers, Conference

The DeepSec 2019 In-Depth Security Conference is calling for presentations and trainings. We are interested in your information security research. Since 2007 DeepSec has aimed to provide in-depth analysis of design flaws, vulnerabilities, bugs, failures, and ways to improve our existing IT ecosystem. We need more high quality reviews of code and concepts we rely on every day. Digital processing power and network connections have become ubiquitous. So the focus of this year’s DeepSec will be on the Internet of Things (IoT), processing/moving data (small and big), infrastructure (critical and convenient), the statistics of data analysis (also called machine learning), real artificial intelligence (not statistics or clever use of Markov chains), and the current state and future of information security research. Due to past and current geopolitical events affecting information technology and the security

1402, 2019

Supporting BSidesLondon “My Machine is not Learning” 2019

René Pfeiffer/ February 14, 2019/ Conference

This year’s BSidesLondon is pondering the most important question of machine learning. What is my machine doing and learning? Well, it might be that “My Machine is not Learning” at all. Sounds a lot like the intelligence we all know from living beings. So, armed with this new motto, BSidesLondon is turning 9, and we will support the Rookie Track again. The winner gets a trip to Vienna and free entry to DeepSec 2019. Get going and get started with your presentation! It’s worth it, and we love to welcome you in Vienna! Ask @5w0rdFish about it. If you are looking for research topics, please drop us a line. We have some ideas about good questions and things to explore. See you in London!

0802, 2019

Save the Date for DeepINTEL and DeepSec 2019

René Pfeiffer/ February 8, 2019/ Administrivia, Conference, DeepIntel

We did some clean-up and dealt with the administrative issues of past and future events. Finally we can announce the dates for DeepINTEL 2019 and DeepSec 2019. Grab or calendars or log into them: DeepSec 2019 Trainings – 26/27 November 2019 DeepSec 2019 Conference – 28/29 November 2019 DeepINTEL 2019 – 27 November 2019 The conference hotel is the same as for every DeepSec. We haven’t changed our location. As for the date, yes, we announced at the closing ceremony that we won’t collide with thanksgiving. We tried hard to avoid this, but given the popularity of Vienna as a conference and event city we had no choice. For 2020 and consecutive years we will do early reservations in order to avoid the week of Thanksgiving. The call for papers opens soon, as does

0401, 2019

Analysing Data Leaks and avoiding early Attribution

René Pfeiffer/ January 4, 2019/ High Entropy

The new year starts with the same old issues we are dealing with for years. German politicians, journalists, and other prominent figures were (are) affected by a data leak. A Twitter account started tweeting bits from the leaked data on 1 December 2018 in the fashion of an Advent calendar. The account was closed today. You will find articles describing single parts of what may have happened along with tiny bits of information. Speculation is running high at the moment. So we would like to give you some ideas on how to deal with incomplete information about a security event floating around in the Internet and elsewhere. Attributing data leaks of this kind is very difficult. Without thoroughly understanding and investigating the situation, proper attribution is next to impossible. Given the method of disclosure

About René Pfeiffer

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: