0106, 2011

Registration for DeepSec 2011 is now open!

René Pfeiffer/ June 1, 2011/ Administrivia, Conference

The registration for DeepSec 2011 is now officially open. You can register for the conference, workshops or both. We offer three booking phases: Early Bird, Regular and Last Minute. Please keep in mind that the Early Bird tickets are the cheapest. The longer you wait, the more you have to pay. Since the Call for Papers is still running the workshop slots are empty, but you can buy workshop or conference+workshop tickets now and decide which workshop you want later (when we publish the schedule). If you have any questions, drop us a few lines.

2705, 2011

DeepSec Conference Videos

René Pfeiffer/ May 27, 2011/ Administrivia, Conference

Finally we found some time to sort through the video recording legacy of past DeepSec conferences. We’ve been asked for video material repeatedly since we record all talks held at DeepSec (except those where the speaker does not want to be published on video). Let me explain what the state of our video archive is. All video recordings were done by different teams consisting of video professionals, volunteers from Metalab and students of the St. Pölten University of Applied Sciences. We used different camera equipment, sound feeds due to changes with the audio system on-site and various storage media because of different digital cameras on-site. The videos of DeepSec 2007 are on Google Video since June 2008. We have re-added them to our internal archive, and we noticed that killab66661 has added the videos

Read More

2305, 2011

DeepSec 2011 Focus: Security Management and IT Governance

René Pfeiffer/ May 23, 2011/ Administrivia, Conference

Have you lost track of the risks that may or may not impact your security? How good are the facts you base your security decisions on? Does your organisation follow defined procedures in terms of deploying, monitoring or evaluating security measures? Who decides what’s next and what’s being phased out? Is there a way to get more sleep while fencing off risk factors at the same time? It’s very easy to get lost in the details and drown in the various tools of the security trade. Every day something happens. A single 0day can ruin your meticulously designed schedule. It would be nice to get a grip on the dynamics and introduce more stability. CIOs need to address the Big Picture. That’s exactly why we mentioned security management in our CfP. We’d like to

Read More

1305, 2011

DeepSec 2011 Focus: IPv6 and Next Generation Networks

René Pfeiffer/ May 13, 2011/ Administrivia, Conference

Since 3 February 2011 the IPv4 pool is now officially and fully depleted. „Peak IPv4“ was a long time ago. IANA can no longer hand out any IPv4 address space. Everyone who needs more address space will be force to look to IPv6. What about security? Are there any benefits? Has IPv6 eliminated all the weaknesses known with IPv4? Those who attended DeepSec 2010 already know the answers to these questions. Mark Heuse conducted a workshop and held a talk about IPv6 security. There’s no doubt that IPv6 is coming to town. Due to tunnels some networks even have IPv6 connectivity, some without even knowing. Setting up a tunnel with a router in your local network is easy. The router will announce itself to local nodes which will in turn automatically grab addresses and

Read More

0205, 2011

DeepSec 2011 Focus: Mobile Computing and Communications

René Pfeiffer/ May 2, 2011/ Conference

Our Call for Papers announcement mentioned seven topics that we are focussing on. We’d like to explain what these topics are all about in a couple of blog postings since it is not easy to squeeze everything into a few lines. We begin with mobile computing and communication. Mobile computing incorporates mobile computing devices such as smart phones, tablets, cell phones, laptops, netbooks, wrist watches, navigation devices and similar computers. Most of us are now accustomed to frequently use portable computing. We want to know what bugs and security risks we carry around. A lot of users regard these mobile computers as appliance, therefore the thought of upgrading or fixing software on them is less widespread. You don’t do firmware upgrades on your microwave oven or water boiler, do you? Maybe you should. Mobile

Read More

1504, 2011

DeepSec 2011 – Call for Papers opened!

René Pfeiffer/ April 15, 2011/ Administrivia, Conference

For the fifth time the DeepSec In-Depth Security Conference invites security researchers and professionals to submit suggestions for talks and workshops for our conference which will take place in November 2011 in Vienna. Please visit our updated website for more details about the venue, the schedule and information about our past conferences. We’re currently migrating the old content and collect the data from the old server in order to present archives of the past conference web sites. The DeepSec offers a mix of different topics and aspects like current threats and vulnerabilities, social engineering and psychological aspects as well as security management and philosophy. Our speakers and trainers traditionally come from the security community, companies, hacker spaces and academic organisations. We’ve updated the CfP, and you can submit content for three categories: Talks for

Read More

0504, 2011

BSidesVienna: Call For Papers

René Pfeiffer/ April 5, 2011/ Administrivia, Conference

In the wake of the 23rd annual FIRST conference there will be a B-Sides Vienna event together with the NinjaCon 11, 3rd edition. The B-Sides Vienna will be on June 18th, as will be the NinjaCon 11. The Call For Papers is now open and we ask you to submit your material! At B-Sides Vienna aka NinjaCon 11, we’re looking forward to see a selection of trainings, hands-on workshops, 50-minute presetations and 15-minute lightning talks. As we understand ourselves as an open, international event, the official conference language for all talks, trainings and workshops (as well as submitted abstracts), as always, is English. Topics of interest include (but are in no way limited to) the following: Information technology, network security, web application security, virtualisation and cloud computing, innovative attack strategies, forensics, embedded devices, physical

Read More

1403, 2011

DeepSec 2011 – Call for Papers out soon

René Pfeiffer/ March 14, 2011/ Administrivia, Conference

We’re currently working on the Call for Papers for DeepSec 2011. The conference will take places from 15 to 18 November 2011, so you might want to save this date and mark it in your calendar. Mobile gadgets, the wonderful world of app stores filled with mal- and software, infrastructure and information war(rez)fare are top on the list of Things To Watch Out For™. We will sum up what we’re after in the CfP published on our new web site.

1501, 2011

FIRST Conference in Vienna

René Pfeiffer/ January 15, 2011/ Conference

2011 is already in full swing. That’s why we have an announcement for you. The 23rd annual FIRST Conference will take place in Vienna, Austria. We strongly recommend to participate. IT security never sleeps, and neither should you – at least when it comes to getting new ideas and get into touch with others. We will be there, so it would be great to meet you. Make sure you drop us a line, so we know you are around. If you have material for a lightning talk, there’s still time to get a slot. You just have to contact the conference office by e-mail. The address can be found on the conference program web site.

2712, 2010

27C3 and Misunderstandings about Security

René Pfeiffer/ December 27, 2010/ Conference, Security

We’ve hooked a computer to the video stream of the 27C3 conference. Currently we’re listening to the keynote speech which touches a relevant topic for security issue. Are you happy or are you unhappy? It sounds a bit strange, but usually happy people have nothing to worry about. So in turn it does make sense not to worry people. The examples given in the keynote were electronic voting machines. The process of selecting a government by anonymous voting is a cornerstone of democracies. This is exactly why electronic voting must not happen through black boxes. India has already threatened (and arrested) security researchers who analyse the security of the voting machines used in the country. Electronic voting is only one example. Another one is the publication about the broken chip and PIN design of

Read More

2611, 2010

DeepSec Photographs – have a look!

René Pfeiffer/ November 26, 2010/ Conference

There are some people running around with digital cameras here at the conference. Check out these impressions: Tienod’s preview Sven’s pictures ChrisJohnRiley @ Flickr If you have some photographs online, drop us a note. All your images are belong to us.