At CSA, I was talking about hypervisors, breakouts and an overview of security measures to protect the host. (Slides)
This ranged from the basic features some hypervisors provide out of the box to advanced features like SELinux, device domain models and XSM-FLASK. Continue reading “CSA Summit CEE and BSides Ljubljana 2017”
Just a short recap from my side regarding this year’s BSide in Las Vegas, NV. It was my first time there and I pretty much enjoyed it. After entering the venue on the first con day (Tuesday) I was a little bit shocked, as the staff sent me to the “end of the line just around the corner” – the end being many corners and many floors away 😉 Speaking to some guys while standing in line, time quickly passed by and before finally hitting the registration desk, there were already some people from the staff giving away the conference badges to the waiting folks. The waiting time was no comparison to last year’s DEF CON, where I (and obviously all the other “humans”, how attendees at DEF CON are called) had to wait nearly _four_ hours to get a badge to enter the con. DEF CON staff already calls this the annual “Line Con”. Enough bashing, back to topic 😉
The opening keynote was held by Lorrie Cranor, who spoke first and Michael Kaiser, who did the second part. I enjoyed Lorrie’s part which was about frequent password changes in environments like companies or universities. She talked about studies that revealed, many people who have to change passwords frequently use patterns by changing their passwords, like shifting letters or iterating numbers. This behavior mostly provides only a little security benefit or could otherwise also decrease security, she said.
I’m back from London where I gave a talk about security evaluation of proprietary network protocols. I had a great time at InfoSecurity Intelligent Defence and BSides London, many thanks for inviting me and giving me the opportunity to speak to so much nice people.
Find the abstract and the download link to the slides after the break.