Greetings everyone,

On Saturday last week I had the pleasure of delivering a workshop on IPv6 networking at the MRMCD2015 conference in Darmstadt, Germany. It goes without saying that the atmosphere was quite amicable; as usual at CCC-related events. What definitely impressed me the most was the diversity of the audience. There were around thirty attendees representing several age groups and all with seemingly differing backgrounds.

Continue reading “IPv6@MRMCD2015”

Continue reading

SSL Tidbits at the BASTA.NET

A while a go Dominik and I gave an introductory presentation about SSL at the BASTA.NET conference, a developer-oriented event held in Darmstadt twice a year. At that time there were quite some enthusiastic participants but recently we’ve also gotten some inquiries asking for the relevant materials. Although there’s no recording of the session, we’ve decided to put the slides here for those interested who didn’t make it to the talk.

“Who should have a look at the slides?” you ask, well, if you’ve been wanting to get a sense for what the idea behind SSL is, where it is used, how it is usually leveraged and what problems could arise when poorly employed, you will certainly find the slide-deck interesting. Although the session was meant to slowly get participants up to speed in matters SSL, it’s still likely that more informed folks will still find it interesting, even if just as a refresher about key and certificate formats, PKI 101, SSL stripping, secure cookies, and other topics.

Without further, here’s slide deck.

For the hungry, here are some other interesting resources we suggested to attendees willing to go a bit deeper on the topic after the talk.

OWASP – SSL für Alle
OWASP – Transport Layer Protection Cheat Sheet
Mozilla – Server Side TLS

For those attending to the BASTA.NET next autumm, we’re looking forward to meeting you. But for the time being, that’s going to be pretty much it.

Thanks for reading and let us know what you think.

Continue reading

MLD, a tale on Complexity in IPv6

The purpose of this blog post is to elucidate how and why MLD, an IPv6 protocol we’ve been lately talking quite a bit about, is an unnecessarily complex beast  . This article should also serve to summarize a couple of points we’ve mentioned during our talks about MLD but which because of time constraints never make it into the main discussion. We’ve talked about other aspects of MLD in previous posts. So, have a look at those if this is a topic which you find interesting. Without further ado, let’s start for today.

Continue reading “MLD, a tale on Complexity in IPv6”

Continue reading

Wrap-Up: A Memorable Week at Black Hat and DEFCON in Las Vegas

Information security conferences are known to be attended because of several reasons. For some it’s the technical content, for others the networking potential and for some others simply meeting old friends. Pinpointing our motives is clearly a challenging task, but the following wrap-up ought to share our personal highlights of the week we spent visiting Black Hat USA 2014 and DEFCON 22 in Las Vegas.

Continue reading “Wrap-Up: A Memorable Week at Black Hat and DEFCON in Las Vegas”

Continue reading