About René Pfeiffer

System administrator, lecturer, hacker, security consultant, technical writer and DeepSec organisation team member. Has done some particle physics, too. Prefers encrypted messages for the sake of admiring the mathematical algorithms at work.

1301, 2014

DeepSec 2013 Video: Psychology of Security – a Research Programme

René Pfeiffer/ January 13, 2014/ Conference

The DeepSec 2013 keynote presentation featured the cultural background of China in order to better understand the news about impending „cyber doom“. The past year has shown that you need a lot more than hands-on information security if you want to make sense of incidents. Next to history and culture there is psychology. In his talk at DeepSec 2013 Stefan Schumacher make a good case for combining psychology and the scientific approach with topics of information security. Watch his talk online!

0201, 2014

Applied Crypto Hardening (ACH) Project

René Pfeiffer/ January 2, 2014/ Communication, Security

DeepSec 2013 featured a talk about the Applied Crypto Hardening (ACH) project. In the wake of the discussion about attacks on cryptography itself and implementations of cryptographic standards almost every aspect of encrypted communication needs to be reviewed. Since system administrators, developers, and other IT staff usually has not the same expertise as crypto experts, the ACH project was formed. Its goal is to compile a reference for the best practice configuration of systems that use cryptographic components. The ACH guide covers SSL/TLS, virtual private network (VPN), algorithms, key sizes, (pseudo) random generators, and more. The advice is targeted at everyone seeking to improve the cryptographic capabilities of software and appliances. Hardening crypto is part of the basic security measures everyone should take care of. It needs to become a habit, just like everything

3112, 2013

DeepSec wishes you a Happy New Year 2014!

René Pfeiffer/ December 31, 2013/ Misc

The DeepSec team wishes you a Happy New Year 2014! We hope that you will put your ideas for the coming 12 months into reality. We have some New Year’s resolutions as well, and we hope to implement them in the months to come. Supporting rookie security researchers and fostering the scientific approach to, well, research in information security. If you call yourself a researcher, then you should employ scientific methods. It’s simple, and we will explain in ample depth what this is all about. Don’t party too hard! 😉 There’s work to be done.

2012, 2013

DeepSec 2013 Keynote – “Cultural Learning Of China To Make Benefit Glorious Profession Of Infosec”

René Pfeiffer/ December 20, 2013/ Conference

Our video team gave us an early Christmas present, fresh from the rendering farm. The keynote of DeepSec 2013 by Wim Remes is already online. His keynote talk puts information security into a broader context. More often than not blaming China seems to be an easy way to “explain” digital attacks or to silence legitimate questions. Wim explores the cultural side and history in order to improve what we know about the context. Since the Internet is a global network information security experts need to broaden their horizon. For every complex problem there is an answer that is clear, simple, and wrong. Attacks, persistent or not, can become complex, and dealing with the attribution problem is definitely no easy task. We heard about it at past DeepSec conferences. So enjoy Wim’s talk, have some

1212, 2013

Recordings and Slides from DeepSec 2013

René Pfeiffer/ December 12, 2013/ Administrivia, Conference

We are still dealing with the administrative tasks of DeepSec 2013, and we would like to give a short update on the publication of the slides. We have published all PDFs from the talks on our web server. Some speakers are still refining their documents. We will add them to the collection as soon as we get the files. There are audio and video recordings as well. Both are in post-production in order to ensure that the content is ok and everything works (we had some troubles with broken media files and storage containers in the past). We will put the audio recordings on our web site, too. The videos will be published on our Vimeo account soon. So, thank you for attending and speaking at DeepSec 2013! We hope to see you again

2111, 2013

DeepINTEL 2014 – 3rd Security Intelligence Conference – Call for Papers is open!

René Pfeiffer/ November 21, 2013/ Administrivia, Call for Papers, Security Intelligence

Good news everyone, there will be a DeepINTEL conference in 2014, and we are looking for presentations! DeepINTEL 2014 will be held in September at the same location as in 2013. This single track two day event addresses mainly critical infrastructure, state organizations (administrative and law enforcement), accredited CERTs, finance organizations and trusted parties and organizations with a strong relation or partnership to the aforementioned. Due to the sensitive topics and the nature of the participants and speakers we will have a vetting process for participants. We’d like to know our audience, so that we all can talk freely and openly during the event. If you have questions on this, please contact us directly via deepsec@deepsec.net or the contact information given on our web site. Here is the Call for Papers for DeepINTEL 2014:

2111, 2013

The DeepSec 2013 Conference – „Secrets, Failures, and Visions“

René Pfeiffer/ November 21, 2013/ Conference

Welcome to the DeepSec 2013 In-Depth Security Conference! The seventh DeepSec has just started. We welcome everyone at the conference venue and everyone else Out There™ connected by networks. If you have a Twitter account, make use of the hashtag #DeepSec. We will have an eye on tweets throughout the conference. So if you have feedback or want to comment something, feel free to do so! Enjoy DeepSec 2013!

1911, 2013

Last Changes to DeepSec 2013 Schedule

René Pfeiffer/ November 19, 2013/ Administrivia, Conference

Unfortunately we had to change our DeepSec 2013 schedule again. We promise that this will be the last changes before the conference starts (or a certain Murphy will get a talk slot). Marcus Ranum couldn’t make it to DeepSec. He apologised, and there really is no way he could have made it. We will invite him for DeepSec 2014, so you will have a good reason to come back next year. We are grateful for Aaron Kaplan from CERT.at who helps out with a presentation about better cryptography. In essence he talks about applied crypto hardening in order to help everyone deploying cryptography to improve the configuration and to Get Things Right™. We highly encourage you to attend his talk. For anyone interested in geopolitics: Wim Remes has kindly agreed to hold the keynote

1511, 2013

DeepSec 2013 Talk: Bypassing Security Controls With Mobile Devices

René Pfeiffer/ November 15, 2013/ Conference, Security

How do you counter threats emerging from a new trend? Well, standard practice is to buy a new appliance, add-on, or similar magic trick. People do this currently with the trend of Bring Your Own Device (BYOD). Once you say yes to BYOD, you just gave Santa Claus (or your chief financial officer) more options for Christmas presents. There is Mobile Device Management (MDM in short), plus you can do a lot of filtering at the edge of your network(s). Still mobile devices are a threat. At DeepSec 2013 Georgia Weidman of Bulb Security LLC will show you how the threats work in real environments. Testing if your wonderful BYOD playground works for attackers can be done by taking your MDM’s promises to the limits. Let’s see if your MDM has ever heard of

1511, 2013

DeepSec 2013 Talk: Supply Chain – The Exposed Flank

René Pfeiffer/ November 15, 2013/ Conference, Security, Stories

Securing your own perimeter is the prime task IT security teams are worried about. However there is Murphy’s Law of Firewalls, too. Given a sufficient amount of time, business requirements will pierce a lot of holes in your firewall and your defences. Once you work with suppliers, you will have to deal with their perimeters as well. Your opponents will go for the weakest link, and if the links on your end are strong, then they go for your suppliers and partners. Dave Lewis of Akamai Technologies will talk about this problem in his talk at DeepSec 2013. It’s not your immediate partners you have to think about. There are trading partner networks, code developed by off shore development centres and outsourced help desks. Even if you use security products you can get into

1311, 2013

DeepSec 2013 Talk: Building The First Android IDS On Network Level

René Pfeiffer/ November 13, 2013/ Conference, Development, Security

Being popular is not always a good thing and here’s why: As mobile devices grow in popularity, so do the incentives for attackers. Mobile malware and threats are clearly on the rise, as attackers experiment with new business models by targeting mobile phones. The threat to mobile devices, however, is not limited to rogue versions of popular apps and adware. Threat actors are also pouncing on mobile users’ banking transactions. Android continues to be a primary target for malware attacks due to its market share and open source architecture. Nowadays, several behaviour-based malware analysis and detection techniques for mobile threats have been proposed for mobile devices but only about 30 percent of all Android smart phones and tablets have security apps installed. At DeepSec 2013 Jaime Sanchez (@segofensiva) will present AndroIDS, a signature-based intrusion

1311, 2013

DeepSec 2013 Talk: Malware Datamining And Attribution

René Pfeiffer/ November 13, 2013/ Conference, Security

The production of code leaves traces in the final binary. There can be debugging symbols present, which give you a lot of information. Maybe the binary has some commonly used libraries or functions. A lot of fingerprinting can be done with software. Why is this of interest? Well, there is the attribution problem of attacks and malicious software. Identifying where malware comes from can be crucial for the assessment of risks and the impact of compromised systems. Michael Boman has researched this topic and will present his findings in his talk titled Malware Datamining And Attribution at DeepSec 2013. Stuxnet and related malware is a prime example where the source of the code is of fundamental interest. Even for more „mundane“ code malware authors use leaves traces in their work which can be used

1211, 2013

DeepSec 2013 Talk: My Name Is Hunter, Ponmocup Hunter

René Pfeiffer/ November 12, 2013/ Conference, Security

Defending one’s own resources against malicious software is daily business for information security professionals. Usually you deploy a range of measures and try to minimise the risk. It may or may not work, depending if you have to fear the mysterious Advanced Persistent Threat (APT). APTs are highly targeted, very stealthy and can greatly impact your security in terms of damage and level of compromise. Their stealth aspect makes them hard to detect and hard to counter. Tom Ueltschi from the Swiss Post has gained experience with these kind of attacks. This is why he will share his insights at DeepSec 2013. His talk is titled My Name Is Hunter, Ponmocup Hunter. Ponmocup is a strain of malicious software which forms its own botnet. It is known by a couple of names, depending on

1111, 2013

DeepSec 2013 Talk: Cultural Learning Of China To Make Benefit Glorious Profession Of Infosec

René Pfeiffer/ November 11, 2013/ Communication, Conference, Security Intelligence

If something happens in your network, it’s an established custom to blame it on China. This approach is tried and true among the Chief Information Officers (CIOs) who have some explaining to do. Throw in the inevitable Advanced Persistent Threat (APT) and you are set. No more explanations necessary. Why is that? Well, most people don’t know, therefore Wim Remes of IOactive will give you a thorough overview in his talk titled Cultural Learning Of China To Make Benefit Glorious Profession Of InfoSec. Geopolitics is a good start. The current debate about the role of China as a nation, in international hacking incidents and corporate espionage is framed in an almost exclusively US-centric narrative. Using your adversaries as scapegoat works well, provided you talk to like-minded people and nations. China, however, is a nation

1011, 2013

DeepSec 2013 Talk (U21): The Dark Side of the Internet

René Pfeiffer/ November 10, 2013/ Conference, Internet

You may have heard of background radiation. It’s the kind of ionizing radiation you are exposed when wandering around on this planet. The sources are radioactive isotopes in the air, the soil, our food, and the water. In addition there is cosmic radiation from outer space. So even without artificial radiation sources you will have a natural background radiation. The Internet has a similar phenomenon. The pendant of the fundamental particle in Nature is the packet. Internet traffic consists of data packets going from their source to a target address. Imagine a part of the Internet which isn’t used at all. Its address space isn’t advertised anywhere. It holds no services and no active hosts. This place is called Darknet. In theory there will be no packets. In practice there are. A student from

About René Pfeiffer

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: