The 5 best events you might have missed at the RSA and BSides(SF) conferences
We attended many talks and lectures over the course of the week, and these are the ones we liked the most (unfortunately, not all of them have videos available online).
1. Mainframe hacks. The specialist known as Soldier of Fortran exposed many mainframes that actually face the Internet, and can pose a threat to their owners. This talk showed that companies in various fields ignore their older systems’ security. The best part of this talk was when Soldier of Fortran asked for the crowd’s help in telling which mainframe portal belonged to which company – the results were pretty shocking.
2. TEMPEST hacks. Lev Pachmanov from Tel Aviv University talked about a breakthrough in the field of emission-based data theft. Pachmanov is part of a group of Israeli researchers who managed to steal an encryption key using rather basic equipment. He reviewed this interesting side-channel attack and showed that it doesn’t take a government-sized budget to intercept emissions and turn them into a valid attack vector. Wim van Eck would be proud.
3. Cloud security. Tim Prendergast from Evident.io gave a great talk about the differences between old-school data center protection and cloud protection, from an infrastructure point of view. He showed how to build and maintain security tools in cloud platforms such as AWS.
4. Apple vs. the FBI. The Electronic Frontier Foundation (EFF) hosted a panel that included their privacy, civil liberty, policy analysis and activism specialists. The very first question was about the Apple-FBI standoff. The panel addressed several other hot topics that every security firm should be aware of, such as the Wassenaar Arrangement, encryption laws, and coders who sell exploits.
5. Hacking Honeypots. Dean Sysman, our CTO, talked about the ways in which honeypots can be detected and hacked by attackers.