===
NCC Group Security Open Forum - San Francisco

DATE: Thursday, February 11, 2016
TIME: 6:00pm-9:00pm
LOCATION: Heroku Offices, Main Kitchen
650 7th Street
San Francisco, CA 94105
standard visitor NDA required at the door

Please RSVP via https://www.meetup.com/NCCOpenForumSF/ if you wish to attend!

technical managers and engineers only please
food and beverage provided

===
AGENDA

SPEAKER: Daed Latrope / Head of Security / Heroku

PRESO TITLE: Dead Man's Switch: practical challenges to post-mortem data security

PRESO SUMMARY: Securely deleting or publishing one's data after death is fraught with challenges. Few tools are available, cloud companies are often ephemeral, and a shocking number of them have simply never considered this most inevitable of use cases. In this talk I take a look at some of the few companies who have tried to make provisions for it, and compare their approaches to some low tech classics.

SPEAKER BIO: Daed has been doing security to the cloud since 2009. Currently head of security for Heroku, previously a member of product security at the mothership (Salesforce), and started off in the industry as a wet-behind-the-ears QA convert at iSEC Partners Back In The Day™.

-=-=-

SPEAKERS: Rob Witoff / Director / Coinbase
Olaf Carlson-Wee / Head of Special Projects / Coinbase

PRESO TITLE: Security through Consensus: Connecting the World to Bitcoin

PRESO SUMMARY: The introduction of fully decentralized digital currency is changing the underlying assumptions of value transfer and enabling new developments in financial cryptography, distributed networking, and payments. Enabling these opportunities requires that we bridge the gap between the future of finance and existing payment networks. This gives us the unique chance to rethink systems from the ground up. This talk will explore the new use-cases we're enabling, trends in the bitcoin industry, and how we're rethinking risk and security to safely innovate in our clouds.

SPEAKER BIOS: Rob is a director at Coinbase and building systems that connect you with (what may be) the future of finance. His team is responsible for the systems that collect, stream, power and analyze the data supporting transactions globally. Previously, he led Data Science from the IT CTO's office at NASA's Jet Propulsion Laboratory. In this capacity he helped to expand the agency's access, opportunities and capabilities with their data. This work included the systems powering massive martian telemetry + imagery analysis, developing data capabilities for the Astronaut Office and modernizing space mission infrastructure. He has also worked to extend earth's interstellar bandwidth as a lead engineer on the International Space Station's laser communication system, OPALS. Rob led SpaceX Launch Systems and Space Station Systems Engineering. His work contributed to the first successful american optical communication link with the International Space Station. When his head is out of the clouds, Rob is a longtime entrepreneur, endurance runner, and Y Combinator founder of Apigy inc.

Olaf is the Head of Special Projects at Coinbase, the largest bitcoin company in the world, where he was the first employee. After building a 40 person operations team and conducting agent training for the FBI, HSI, and Treasury Department, he designed fraud prevention and account security mechanisms protecting billions of dollars in transactional value occurring in over 30 countries. He received a BA from Vassar College after completing his thesis on distributed networking, the implications of the mass adoption of bitcoin, and the development of open source cryptographic technologies. He is an expert in decentralized ledger protocols, crypto-based financial instruments, and anti-fraud systems at scale.

-=-=-

SPEAKER: Jack Leadford / Associtate Security Consultant / NCC Group

PRESO TITLE: Android's ANT Problem

PRESO SUMMARY: In this presentation, we will detail security-focused research revolving around ANT+, a proprietary, low-energy radio protocol used primarily in fitness devices and, of course, Sony and Samsung's flagship phones. Starting with exploring the protocol itself, we ll move into some of its oddities, how we practically poked at these oddities, and research that is currently in progress. You ll get a demo of our open-source toolkit, ANTRaid, and get to watch some wearables and their hosts crash and burn.

SPEAKER BIO: Jack Leadford is an Associate Security Consultant at NCC Group. Any facet of software defined radio, cryptography, hardware hacking, or anonymity interests him. When not getting a backlight tan, he can be found in a warehouse-near-you™ playing drum and bass with his friends.

===
About the NCC Group Security Open Forum

The NCC Group Security Open Forum is an informal and open venue for the discussion and presentation of security related research and tools, and an opportunity for security researchers from all fields to get together and share work and ideas.

The Forum meets quarterly in the Bay Area, Seattle, New York City, and Austin. Forum agendas are crafted with the specific needs/interests of its members in mind and consist of brief 20-30 minute talks. Talks are not product pitches or strongly vendor preferential. Attendance is limited to engineers and technical managers. Any area of security is welcome including reversing, secure development, new techniques or tools, application security, cryptography, etc.