mini conference - date is not set

Hello folks, I hope this message finds you all in good form. It’s been quite a while since this particular meetup group has had a meeting (duh!), as we start to see our way out of the pandemic restrictions, we might want to consider the possibility of holding a meeting when and only if it is entirely safe to do so.

As some of you are aware, prior to the initial lockdown, several Ph.D candidates had formed a grouping within QUB. There were a number of ideas put forward and we did have a meeting scheduled for late March 2020, obviously this did not take place. In light of this and the bloody state of the word at the moment. I am going to put forward a number of ideas; anyone who has an idea or a view, please feel free to air it.

Unfortunately, there is only a handful of this group who have had the opportunity to attend the Chaos Computer Congress in recent years; it’s quite an experience when you mix technology with politics, philosophy and art. We end up with lots of weird talks and even weirder people (Ahoy Fado, Fich et al. 😉. With that in mind I’d like to propose a CryptoParty mini-conference day/half-day or just a meeting; covering a number of topics that not only deal with the core ideas and implementation of cryptography, but also the following embryonic/suggested/rough ideas:

1. Reverse engineering - (Static and Dynamic analysis) with real-world examples.
2. Reverse engineering – core concepts, evolution from 68000 to i386 to ARM.
3. New developments in cryptography and segmented mass storage solutions.
4. Encrypted chat – a balance between security and convenience.
5. QubesOS – how and why you should use it.
6. Tails - no persistence, no evidence- errr… not quite
7. TOR – Is it still Anonymous? Current attacks and Opsec defences.
8. Zero day exploit – a real-world example.
9. Open source intelligence – how to track anyone.
10. Legislation for state backdoors (the argument for and against).
11. A legal perspective of surveillance and encryption by a practising lawyer/barrister.
12. Surveillance Capitalism, review and key points in the aforementioned book.
13. N.I. – A historical tale of local hackers who hack for a living. (permission-based).
14. Ethical hacking – there are no ethics, just business!
15. Hardware hacking, JTAG/UART and beyond the oscilloscope probes.
16. I.O.T. – The Internet shit?
17. Backdooring Android for fun.
18. Mobile MiTM – your mobile phone never sleeps.
19. International speakers on various infosec topics.
20. Intervention/Hackerhouse/State funding - an exercise in grooming?
21. Compromised? – How to respond to hackers or law enforcement.
22. SecureDrop – what to do and what you don’t do (past compromises and how to avoid them).
23. Uncomfortable? Good! – Does discrimination, ideology, gender or personalities play a part within infosec employment?
24. S3 – from Zero to pwn hero!
25. From shell to hell – this is not the shell you’re looking for.

These are just initial ideas; as you can tell from some of them, it’s an attempt to avoid more industry-based talks that at suited to Bsides. In-line with the standards by which a CryptoParty event is held, there should not be any sponsorship; in my view, we don’t need it, nor should we want it.

So the event would not strictly be confined to the application and understanding of cryptography. Given so much of information security necessarily involves encryption, there is an unavoidable bleed-over into hackery/pwnage/red, blue & purple teams/white, grey & blackhat tools/methodologies- it would be a pretty poor event if we restricted a day or half day to obscene levels of crypto nerdiness. 😊

Forgive any typos…