Posted in Uncategorized
My company, Subgraph, has just launched a new website. We’ve opened up a little about what we’re doing. Check it out.
Posted in Uncategorized
Hi!
Sorry. Blog not dead. It’s just been summertime. In Montreal. If you live here, you’ll understand.
The biggest event of the summer for us was throwing Recon 2010. Preparations had me so busy that I didn’t even blog about it. Recon is a well-known Montreal security / reverse engineering (i.e. hacking, by the original and only real definition) conference that has existed since 2005. 2010 was our biggest conference ever – an enormous success and a lot of fun. We had six training sessions and 3 days of conference. The conference schedule was packed with speakers from all over the world. The Recon party, which was legendary, had guests such as monochrom and int80 from Nerdcore group Dual Core. Here’s a clip.
We also had a contest organized by Tipping Point’s ZDI that was totally new for Recon 2010. It was like having a CTF, but without all of the setup, and much closer to the heart of what Recon is all about. ZDI awarded 20,000$ in prize money. Not bad. Props to ZDI / Tipping Point for coming up with the contest idea, it was a great and I hope we do it again next year.
We closed out Recon 2010 with a party at my place for speakers, trainers, and anyone left over who we could round up. I had about 50-55 people from maybe 20 countries in my house on Sunday night. No complaints or police. Pretty amazing.
Looking forward to next year.
MTLSEC July took a break and returned in August. We held it last week. I’ll return to announcing them here for September’s meeting.
Also, check out Next Montreal, a blog about Montreal technology scene stuff run by people in the scene.
It’s August 17 and Byron Sonne is still in jail on bullshit charges. Byron is one of us, a well-liked member of hacklab.to. His ongoing detention is outrageous, even if you don’t agree with his political views. Byron is not a terrorist. If you are unfamiliar with this ongoing case, educate yourself. Spread the word.
Yulbiz June is tonight. It will be held at Le Massillia, 4543, avenue du parc. There will be pastis, pétanque, sun and fun. Starts at 17h30.
RSVP to the Facebook event.
8LGM. SATAN. SANTA. Phrack P49-14. CERT. Eugene Spafford. RSAREF. NSAKEY. LD_PRELOAD. NLSPATH. IFS. Tripwire. Ranum. That day Thomas Lopatic broke ipf. LDT call gates on i386, LSD-PL, and Argus Systems. L0phtCrack. Crack. Strobe, by Julian Assange (yeah, that Julian Assange). Your presence is required this evening at MTLSEC if any of the above are familiar. Optional, but greatly encouraged, if not. In all seriousness, if information security interests you, come hang out with us.
Tonight is MTLSEC June. It’s being held at the Old Dublin, 636 Cathcart. Gets started around 5:30. Today is the anniversary of the day that the Watergate scandal broke. Bunch of sneaky people getting together to celebrate being sneaky on an auspicious day of sneakiness. It’s also Jello Biafra’s birthday. Same time. Same place. Different month.
RSVP HERE: http://events.linkedin.com/Mtlsec-Juin-Mtlsec-June/pub/347483
JOIN THE GROUP HERE: http://www.linkedin.com/groups?home=&gid=2400731
MTLSEC is a monthly informal meeting in the Citysec spirit of information security professionals and those interested in the field. Topics for discussion vary from high-level (risk management, governance, strategy) to low level (exploit research, intrusion detection, malware analysis, etc) en Français, English or Franglais.
Ok, so this isn’t Montreal related, but I haven’t posted in a while. I’m giving a presentation on a side-channel attack affecting block ciphers operating in CBC mode at the OWASP Ottawa chapter meeting tonight. This is based on work presented by researchers and friends Juliano Rizzo and Thai Duong at Black Hat Europe in 2010. Probably the last time I give this presentation.
So I’ll be explaining the crypto attack clearly, in full detail (it’s really cool). I’ll also be demonstrating POET, the padding oracle exploitation tool. Thus spoke tqbf, on this attack:
CBC padding oracles: the official “Attack That Looks In Real Life Most Like When Someone Breaks Decryption In A Movie”.
Here are the details. It’s 6pm. On the West side of Ottawa, apparently in the middle of nowhere, according to Google Maps. We’ll be downtown later.
Oh yah, MTLSEC is Thursday. Will post about that tomorrow.
Interested in computer security? Studying it? Been using a 4096-bit RSA key since 2000? Forced to wear a tie and do internal audits at work, but your overly-secure-for-no-good-reason computer at home is OpenBSD or Linux + grsecurity? Do you interpret ADIDAS as ‘All day I dream about sniffing’?
Yes, MTLSEC May is tonight. 17h30. Old Dublin. 636 Cathcart. Metro McGill. We’ll be announcing the speaker lineup at Recon 2010.
MTLSEC is a monthly informal meeting in the Citysec spirit of information security professionals and those interested in the field. Topics for discussion vary from high-level (risk management, governance, strategy) to low level (exploit research, intrusion detection, malware analysis, etc) en Français, English or Franglais.
It ends whenever.
