Tag Archive

Administrivia Update: Regulations, Ticket Shop, and DeepSec

Published on May 29, 2020 By René Pfeiffer

Clear guidelines for events and conferences slowly emerge here in Austria. We have some news on how DeepSec, DeepINTEL, and ROOTS will look like in November. We will compile the set of regulations in a separate document and publish it on our web site. The constraints set by the authorities contain no show-stoppers for the […]

Update on DeepSec / DeepINTEL / ROOTS 2020 with regards to Covid-19

Published on May 2, 2020 By René Pfeiffer

Lacking time travel we have no way to know what will happen in November 2020. That’s not news to us. We closely follow the development of the current Covid-19 crisis, and we constantly evaluate our plans for DeepSec, DeepINTEL, and ROOTS 2020. Given the current state of affairs and the experiments in various countries (including […]

First DeepSec 2020 Trainings confirmed

Published on May 2, 2020 By René Pfeiffer

We haven’t been idle in the past weeks. The Austrian government is reducing the lock-down rules to see how normal business and private life can go on. We take this as an opportunity to announce the first three confirmed trainings for DeepSec 2020. The preliminary descriptions can be found on our schedule web site. Black […]

Contact Tracing and the Security of Things

Published on April 17, 2020 By René Pfeiffer

The spread of Sars-Cov-2 keeps everyone on their toes. Given the emotional state after weeks and months of physical distancing (which we recommend; social distancing has been the norm for decades). We have closed our office in March and heavily rely on telecommunication. Fortunately we did not need to reinvent the Internet. Many of you […]

Continuous Integration Ticket Shop for Conference Tickets is now open – book often, book early!

Published on February 26, 2020 By René Pfeiffer

Running an event is a highly dynamic operation. This is especially true for (information security) conferences, even more so for trainings. We have seen our share of sad faces when the training of your choice didn’t happen, because people booked the ticket too late. In order to avoid great disappointments, the ticket shops for DeepSec […]

DeepSec 2020 Call for Papers is open!

Published on February 26, 2020 By René Pfeiffer

We are looking for presentations and trainings for the next DeepSec In-Depth Security Conference. DeepSec 2020 will explore the focus masquerade. Attribution is hard. To make matters worse for everyone connected to information security – masquerade is ubiquitously present in hardware and software. You might also call some of it disinformation, which was the world […]

DeepSec 2020 Scholar Program – Call for Applications

Published on February 11, 2020 By René Pfeiffer

DeepSec 2020 wants to support your project. We have teamed up with partners to foster research in information security. We already support the BSidesLondon Rookie Track, support the Reversing and Offensive-oriented Trends Symposium (ROOTS), publish the DeepSec Chronicles, and support individuals in their research. Now we want to go one step further. Purpose: To encourage […]

Secure Design – Combining Information Security with Software Development

Published on February 5, 2020 By René Pfeiffer

Information security researchers usually see software fail. Sometimes they try to make software fail on purpose. The result is a bug description, also called vulnerability report in case the bug has a security impact. The the best case scenario this information reaches the software developers who in turn fix the problem. Then the cycle continues. […]

DeepSec, DeepINTEL, and ROOTS in 2020

Published on February 1, 2020 By René Pfeiffer

We took some time off to deal with the administrative side of running the DeepSec conference. Additionally some of us were engaged in project work. 2020 started early this time. There is a lot to do behind the scenes, especially in times where reading the news doesn’t help you to navigate the rest of the […]

Save the date: DeepINTEL / DeepSec 2020 – 17 to 20 November

Published on December 21, 2019 By René Pfeiffer

We fixed the dates for DeepINTEL and DeepSec 2020. As promised there will be no collision with Thanksgiving. DeepINTEL 2020 will be on 18 November 2020. The DeepSec trainings will be on 17/18 November 2020. The DeepSec conference will be on 19/20 November 2020. The Calls for Papers will open in February 2020. Have a […]

DeepSec 2019 Keynote: Computer Security is simple, the World is not – Raphaël Vinot and Quinn Norton

Published on November 27, 2019 By sanna

Information security is too often seen as a highly technical field in computer science, and one where the more technical someone is, the more right they are likely to be. But security is part of systems of life, that not only include computers and phones, but systems of living, cultures, history, politics, and interpersonal relationships. […]

DeepSec 2019 Talk: How To Create a Botnet of GSM Devices – Aleksandr Kolchanov

Published on November 26, 2019 By sanna

There are different types of GSM-devices: from GSM-alarms for homes and cars to industrial controllers, remote-controlled electric sockets and smartwatches for kids. Also, often they are vulnerable, so GSM-devices are interesting targets for hackers and pranksters. But it is easier to hack a device than to find these devices (usually, you should make a call, […]

DeepSec 2019 Talk: Abusing Google Play Billing for Fun and Unlimited Credits! – Guillaume Lopes

Published on November 22, 2019 By sanna

In 2017, the estimated global in-app purchase revenue was projected to exceed $37 billion. Just in the Google Play Store, for 2018, more than 200 000 apps are offering in-app purchases. However, the Google Play Billing API is vulnerable by design and allows an attacker to bypass the payment process. I analyzed several android games […]

DeepSec2019 Training: Incident Response Detection and Investigation with Open Source Tools – Thomas Fischer & Craig Jones

Published on November 20, 2019 By sanna

Defences focus on what you know! But what happens when the attackers gain access to your network by exploiting endpoints, software or even you people. Under the assumption that you have been breached, how do you work backwards to gain knowledge of what happened? How can you find those adversaries in your infrastructure? IR detection […]

DeepSec 2019 Talk: Demystifying Hardware Security Modules – How to Protect Keys in Hardware – Michael Walser

Published on November 20, 2019 By sanna

[Editorial note: Cryptography is one of our favourite topics. This is why we invited experts from sematicon AG to show some of their skills and help you navigate through the jungle of false promises by vendors, magic bullets, and misuse of the word „crypto“.] A secure crypto-algorithm is based on the fact that only the […]