Discussion

Lectures on Information Security

Posted by on July 1, 2020 at 9:25 am

It’s time for an editorial to end our premature Covid-19 induced Summer break. We (as in the staff behind DeepSec/DeepINTEL) were busy with projects, preparations, following the news about the pandemic, and collecting information for our event(s) in November. Personally I have been involved in teaching for decades. The past months have shifted the focus […]

Update on DeepSec / DeepINTEL / ROOTS 2020 with regards to Covid-19

Posted by on May 2, 2020 at 10:00 am

Lacking time travel we have no way to know what will happen in November 2020. That’s not news to us. We closely follow the development of the current Covid-19 crisis, and we constantly evaluate our plans for DeepSec, DeepINTEL, and ROOTS 2020. Given the current state of affairs and the experiments in various countries (including […]

Contact Tracing and the Security of Things

Posted by on April 17, 2020 at 9:15 am

The spread of Sars-Cov-2 keeps everyone on their toes. Given the emotional state after weeks and months of physical distancing (which we recommend; social distancing has been the norm for decades). We have closed our office in March and heavily rely on telecommunication. Fortunately we did not need to reinvent the Internet. Many of you […]

It’s April Fool’s Day – 7/24 and 365 Days of the Year

Posted by on April 1, 2020 at 3:25 pm

The first day of April is typically the time where you hide well-written pieces of misinformation to trick people into believing something that isn’t true. We published our share of April Fool’s Day articles in the past. While this was and still is fun we believe that it is time to break with this tradition. […]

Secure Design – Combining Information Security with Software Development

Posted by on February 5, 2020 at 9:00 am

Information security researchers usually see software fail. Sometimes they try to make software fail on purpose. The result is a bug description, also called vulnerability report in case the bug has a security impact. The the best case scenario this information reaches the software developers who in turn fix the problem. Then the cycle continues. […]

Thoughts on Geopolitics and Information Security

Posted by on July 12, 2019 at 5:47 pm

Geopolitics is a rather small word for very complex interactions, strategies, tactics, and the planning (of lack thereof) of events. Reading about topics connected to it is probably familiar to you. Few news articles can do without touching geopolitic aspects. Since politics has less technological content for most people, the connection to information security may […]

Translated Article: Reporters Without Borders protest against planned Criminalization of Tor Servers

Posted by on July 10, 2019 at 4:00 pm

Reporter ohne Grenzen protestiert gegen geplante Kriminalisierung von Tor-Servern for netzpolitik.org by Markus Reuter [Note: netzpolitik.org is a German news portal covering the impact of a networked world on society and digital rights. They rely on donations and welcome your support. We translated this article for them, because we both like their work and use […]

Translated Article: EU Prosecutors call for Security Holes in 5G Standards

Posted by on June 3, 2019 at 8:45 am

EU-Strafverfolger fordern Sicherheitslücken in 5G-Standards for fm4 by Erich Moechel The telecoms are to be forced to align the technical design of their 5G networks with the monitoring needs of the police authorities. In addition, security holes in the 5G protocols are required to enable monitoring by IMSI catchers. Gilles de Kerchove, EU counter-terrorism coordinator, […]

Use Handshake Data to create TLS Fingerprints

Posted by on May 25, 2019 at 1:45 pm

While the whole world busily works on the next round of the Crypto Wars, the smart people work on actual information security. TLS has always been in the focus of inspection. Using on-the-fly generated certificates to look inside is a features of many gadgets and filter applications. Peeking at the data is moot if you […]

The fine Art of Mentorship

Posted by on March 8, 2019 at 4:27 pm

We will support the Rookie Track at BSidesLondon in 2019 again. This is a perfect way for rookies to get started on presenting at a conference. However it is much more – the stages before the presentation is held. Preparing for 15 minutes of talk will keep you busy for ten or twenty times the […]

Translated Article: Campaign of the Spy Alliance “Five Eyes” against WhatsApp and Co

Posted by on January 8, 2019 at 10:23 am

Feldzug der Spionageallianz „Five Eyes“ gegen WhatsApp und Co for fm4 by Erich Moechel The current scattered news and reports on “encryption” belong together. The military secret services of the “Five Eyes” conduct a global campaign; in Australia they’ve already reached their first milestone. Every two years, around the same time, a campaign of the espionage […]

Encryption, Ghosts, Backdoors, Interception, and Information Security

Posted by on December 20, 2018 at 3:54 pm

While talking about mobile network security we had a little chat about the things to come and to think about. Compromise of communication is a long time favourite. Hats of all colours need to examine metadata and data of messages. Communication is still king when it comes to threat analysis and intrusion detection. That’s nothing […]

DeepSec2018 Talk: Manipulating Human Memory for Fun and Profit – Stefan Schumacher

Posted by on October 31, 2018 at 9:15 am

Manipulating the Human Memory for Fun and Profit, or: Why you’ve never met Bugs Bunny in DisneyLand Hacking is not limited to technical things — like using a coffee machine to cook a soup — but also makes use of social engineering. Social engineering is the (mis)use of human behaviour like fixed action patterns, reciprocity […]

Translated RadioFM4 Article: Hype about “Chinese Espionage Chips” stems from the Pentagon

Posted by on October 16, 2018 at 11:55 am

[Editor’s note: This article was originally published on the web site of the FM4 radio channel of the Austrian Broadcasting Corporation. We have translated the text in order to make the content accessible for our English-speaking audience, because the author raises some important questions.] In the FM4 fact check the sensational report by the business […]

Translated Press Release: Systemic Errors as Vulnerabilities – Backdoors and Trojan Horses

Posted by on October 9, 2018 at 9:01 pm

DeepSec and Privacy Week highlight consequences of backdoors in IT Vienna (pts009/09.10.2018/09:15) – Ever since the first messages were sent, people try to intercept them. Today, our modern communication society writes more small, digital notes than one can read along. Everything is protected with methods of mathematics – encryption is omnipresent on the Internet. The […]