0104, 2019

Network Security right from the Beginning – Introducing DHCP-over-TLS (DoT)

René Pfeiffer/ April 1, 2019/ High Entropy

Every security researcher knows: If you want to secure a system, do it as early as possible. This is why Trusted Computing, Secure Boot, Trusted Execution Technology, and many more technologies were invented – to get the operating system safely off the ground right at boot time. After the booting process additional components have to be initialised. Dependencies are common in this stage. The second most important resource next to the local machine is the network. Most modern programming languages highly rely on network connection to get any work done. Local storage and memory is merely a big cache for temporary data to them. So how do you create a trusted boot process beyond the initial network configuration? The answer is easy. You just combine two highly mature and reliable protocols – Dynamic Host

Read More

2603, 2019

Remembering Mike Kemp (@clappymonkey)

René Pfeiffer/ March 26, 2019/ High Entropy

This blog post has no tags, because we cannot come up with any. Mike Kemp, also known as @clappymonkey on Twitter, has died. He spoke at the DeepSec conference back in 2012. We regularly saw him at other events and kept in touch. We have lost a great colleague. It is impossible to express what he was to you, us, and his family and friends. Our sympathies are with all of you who lost him as partner, friend, companion, mentor, and relative. We will miss him dearly.

0803, 2019

The fine Art of Mentorship

René Pfeiffer/ March 8, 2019/ Discussion, Security

We will support the Rookie Track at BSidesLondon in 2019 again. This is a perfect way for rookies to get started on presenting at a conference. However it is much more – the stages before the presentation is held. Preparing for 15 minutes of talk will keep you busy for ten or twenty times the amount you spend presenting. It depends on the research you have to do, the illustrations you have to create, the code samples, the tests, and a lot more things that need to be sorted out. That’s not an easy task. But you do not have to do it alone. BSidesLondon is looking for rookies and mentors. If you have experience in IT security, being on stage for presentations, research, and preparing materials for workshops and talks, then you should

Read More

1802, 2019

Translated Press Release: IT Security is increasingly dominated by Geopolitics

Sanna/ February 18, 2019/ Call for Papers, Conference, DeepIntel, ROOTS

DeepSec and DeepINTEL conference open call for papers – submission for lectures and trainings are in demand.Anyone who reads the technology part of their favourite magazine can hardly escape the promises of future network technologies. Your own car becomes a smartphone. The talking fridge becomes a therapist. 5G mobile networks promise high-speed fibre optic streaming of data on the speed-limited electric scooter. The second reading reveals the meaning of the letter G in 5G – it stands for geopolitics. As part of the network expansion, there are discussions about hidden killswitches for emergency shutdowns, entire networks and backdoors to eavesdrop on customers. In November, the DeepSec In-Depth Security Conference addresses the technical challenges of the Internet of Things, emerging network technologies, and geopolitical constraints dictated by key events of the last 6 years. 5G

Read More

1802, 2019

DeepSec 2019 – Call for Papers – Security Research Results wanted!

René Pfeiffer/ February 18, 2019/ Call for Papers, Conference

The DeepSec 2019 In-Depth Security Conference is calling for presentations and trainings. We are interested in your information security research. Since 2007 DeepSec has aimed to provide in-depth analysis of design flaws, vulnerabilities, bugs, failures, and ways to improve our existing IT ecosystem. We need more high quality reviews of code and concepts we rely on every day. Digital processing power and network connections have become ubiquitous. So the focus of this year’s DeepSec will be on the Internet of Things (IoT), processing/moving data (small and big), infrastructure (critical and convenient), the statistics of data analysis (also called machine learning), real artificial intelligence (not statistics or clever use of Markov chains), and the current state and future of information security research. Due to past and current geopolitical events affecting information technology and the security

Read More

1402, 2019

Supporting BSidesLondon “My Machine is not Learning” 2019

René Pfeiffer/ February 14, 2019/ Conference

This year’s BSidesLondon is pondering the most important question of machine learning. What is my machine doing and learning? Well, it might be that “My Machine is not Learning” at all. Sounds a lot like the intelligence we all know from living beings. So, armed with this new motto, BSidesLondon is turning 9, and we will support the Rookie Track again. The winner gets a trip to Vienna and free entry to DeepSec 2019. Get going and get started with your presentation! It’s worth it, and we love to welcome you in Vienna! Ask @5w0rdFish about it. If you are looking for research topics, please drop us a line. We have some ideas about good questions and things to explore. See you in London!

0802, 2019

Save the Date for DeepINTEL and DeepSec 2019

René Pfeiffer/ February 8, 2019/ Administrivia, Conference, DeepIntel

We did some clean-up and dealt with the administrative issues of past and future events. Finally we can announce the dates for DeepINTEL 2019 and DeepSec 2019. Grab or calendars or log into them: DeepSec 2019 Trainings – 26/27 November 2019 DeepSec 2019 Conference – 28/29 November 2019 DeepINTEL 2019 – 27 November 2019 The conference hotel is the same as for every DeepSec. We haven’t changed our location. As for the date, yes, we announced at the closing ceremony that we won’t collide with thanksgiving. We tried hard to avoid this, but given the popularity of Vienna as a conference and event city we had no choice. For 2020 and consecutive years we will do early reservations in order to avoid the week of Thanksgiving. The call for papers opens soon, as does

Read More

0801, 2019

Translated Article: Campaign of the Spy Alliance “Five Eyes” against WhatsApp and Co

Sanna/ January 8, 2019/ Discussion, High Entropy, Security

Feldzug der Spionageallianz „Five Eyes“ gegen WhatsApp und Co for fm4 by Erich Moechel The current scattered news and reports on “encryption” belong together. The military secret services of the “Five Eyes” conduct a global campaign; in Australia they’ve already reached their first milestone. Every two years, around the same time, a campaign of the espionage alliance “Five Eyes” against encryption programs takes place. Unlike in 2016, the new campaign has reached its first goal in a flash. In early December, a bill was passed in the Australian Parliament obliging Internet companies to break up encrypted communications. The providers of Whatsapp, Snapchat, and Co are hereby required to build surveillance interfaces into their apps to give hidden access to the Australian law enforcement. In a parliamentary coup – without discussion or amendments – the “Assistance

Read More

0701, 2019

ROOTS 2018: Library and Function Identification by Optimized Pattern Matching on Compressed Databases – Maximilian von Tschirschnitz

Sanna/ January 7, 2019/ ROOTS

[Editor’s note: This article belongs to the Reversing and Offensive-oriented Trends Symposium 2018 (ROOTS). It was misplaced, so we publish it today. Maximilian’s talk was recorded and can be watched on Vimeo.] The goal of library and function identification is to find the original library and function to a given machine-code snippet. These snippets commonly arise from penetration tests attacking a remote executable, static malware analysis or from an IP infringement investigation. While there are several tools designed to achieve this task, all of these seem to rely on varied methods of signature-based identification. In this work, the author argues that this approach is not sufficient for many cases and propose a design and implementation for a multitool called KISS. KISS uses lossless compression and highly optimized pattern matching algorithms to create a very

Read More

0401, 2019

Analysing Data Leaks and avoiding early Attribution

René Pfeiffer/ January 4, 2019/ High Entropy

The new year starts with the same old issues we are dealing with for years. German politicians, journalists, and other prominent figures were (are) affected by a data leak. A Twitter account started tweeting bits from the leaked data on 1 December 2018 in the fashion of an Advent calendar. The account was closed today. You will find articles describing single parts of what may have happened along with tiny bits of information. Speculation is running high at the moment. So we would like to give you some ideas on how to deal with incomplete information about a security event floating around in the Internet and elsewhere. Attributing data leaks of this kind is very difficult. Without thoroughly understanding and investigating the situation, proper attribution is next to impossible. Given the method of disclosure

Read More

2112, 2018

Merry XSSmas and a successful new mktime() Syscall

René Pfeiffer/ December 21, 2018/ Administrivia, High Entropy

The holidays are coming, next to Winter (hopefully). Thank you all for attending and contributing to DeepSec and DeepINTEL 2018! All slides we got are online. The videos have almost left post-production (except one recording which is being fixed audio-wise) and are on the way to the content distribution network. The ROOTS videos will be first. You will find all videos in their albums. Make sure you look for collections, too. We will set-up a tip jar for our video team again, so if you want to leave a small thank you for the crew, please do so. We are going to deal with infrastructure and upkeep of our to-dos. Plus we will spend some time off-line. Or maybe just in local networks to do some well-deserved hacking. The dates for DeepSec and DeepINTEL

Read More

2012, 2018

Encryption, Ghosts, Backdoors, Interception, and Information Security

René Pfeiffer/ December 20, 2018/ Discussion, High Entropy

While talking about mobile network security, we had a little chat about the things to come and to think about. Compromise of communication is a long-time favourite. Hats of all colours need to examine metadata and data of messages. Communication is still king when it comes to threat analysis and intrusion detection. That’s nothing new. So someone pointed toward a published article. Some of you may have read the article titled Principles for a More Informed Exceptional Access Debate written by GCHQ’s Ian Levy and Crispin Robinson. They describe GCHQs plan for getting into communication channels. Of course, “crypto for the masses” (yes, that’s crypto for cryptography, because you cannot pay your coffee with it) or “commodity, end-to-end encrypted services” are also mentioned. They explicitly claim that the goal is not to weaken encryption

Read More

1112, 2018

Need something to read? – First Batch of DeepSec 2018 Presentation Slides online

René Pfeiffer/ December 11, 2018/ Administrivia, Conference

Do you fear reading the news? Fancy some facts? Well, we have something different for you to read. We have collected presentation slides from DeepSec 2018 and put the first batch online. You can find them in this rather nostalgic directory listing. We have renamed the files with their title and the name of the presenters. They are mostly PDF, but two presentations consist of a HTML slideshow. We have created a PDF document containing the link to the original presentation for your convenience. The directory will be filled with the remaining documents as soon as we get them.

0312, 2018

Thank you all for attending and speaking at DeepSec 2018!

René Pfeiffer/ December 3, 2018/ Conference, Security

DeepSec 2018 is over. Thank you for attending and presenting at our conference! Without your interest and your configuration there would be no talks, no workshops, and no one else present.We had a great time, and we hope you enjoyed everything. We are now dealing with the administrative backlog, the metric ton of receipts, the post-processing of the video recordings, and lots of other things. Among the tasks is the feedback you gave us. We will try to improve, so the next DeepSec conference will feature some or all of your suggestions. Dates for DeepSec and DeepINTEL 2019 will be available soon. We will publish this information on Twitter, on our web site, and on our blog. As for the video recordings, please give us some time. The post-production has to deal with the

Read More

2911, 2018

Opening & Keynote – DeepSec 2018 has started

René Pfeiffer/ November 29, 2018/ Administrivia, Conference

So, now is the opening and the keynote presentation by the magnificent Peter Zinn. This means that DeepSec 2018 has officially started. Since we do not live stream the talks, we will be away from the blog and mostly from Twitter until the end of the conference. Communication in meatspace has full priority. In case of urgent messages, use the contact information on our web site. We still use telephones, you know. In case you are at DeepSec and wish to comment on content, discussions, or summarise a presentation, please do. Post it on Twitter and mention us (or use a meaningful hashtag), we will retweet and pick up your thoughts later on the blog. Enjoy the conference!