What we're about

SecTalks is the largest non-profit security community that expands across multiple continents. SecTalks hosts free monthly sessions on technical security topics, and practical security challenges. We have a mix of sessions for both beginners and seasoned professionals.

SecTalks has three formats (http://www.sectalks.org/formats/), Talk & long CTF, Talk & short CTF, and a Ninja Night.

To present or contribute: fill up SecTalks CFP (http://j.mp/sectalkscfp) or SecTalks CTF (https://forms.gle/GMg8uCtPHWQDww898) forms.

To support: visit SecTalks sponsorship (http://www.sectalks.org/sponsor/) page.

New to CTF: check our CTF101 workshops (http://www.sectalks.org/ctf101/).

Away from Sydney? check out SecTalks in other cities (http://www.sectalks.org/#where).

Thanks to our Sponsors: SecDim (https://j.mp/1qgPo0a), PWC (https://j.mp/2wCGPH1), Atlassian (https://bit.ly/2Hk2qX1), Google (https://bit.ly/2IiKrCm)

Upcoming events (1)

SecTalks SYD0x43 (62nd) - Whack-a-Meltdown: a Micro-Architectural Game

# Call for Volunteers and annual feedback In a year that most events were cancelled, we consistently host SecTalks every month. Thanks to our organising team and your supports! In 2021, we need your help. We are looking for volunteers, speakers, sponsors, and your feedback. Please use the following form to share your thoughts and interests. https://forms.gle/TR5m5fgJ3vvJMxV1A # Presentation: Whack-a-Meltdown: a Micro-Architectural Game Out-of-order execution is a processor feature that allows varying the order of instruction execution to increase CPU utilisation. For two decades, out-of-order execution has been considered a harmless performance enhancement. However, the Meltdown attack demonstrated a weakness in implementations of out-of-order execution that allows adversaries to bypass the security guarantees of the processor. Countermeasures for Meltdown have been published concurrently with the attack's public disclosure in early 2018., However, further variants of the Meltdown attack demonstrated that these countermeasures are limited. Since then, the cycle continues. Existing countermeasures are overcome with newer attack variants, requiring newer countermeasures, which are again proven insufficient. This presentation reviews the history of Meltdown attack variants and proposed countermeasures. It identifies a core cause for all Meltdown-like vulnerabilities, and argues that as long as proposed countermeasures address symptomatic effects rather than this core cause, the Whack-a-Mole game we have witnessed over the last three years is likely to continue. by Dr. Yuval Yarom Yuval Yarom is senior lecturer the School of Computer Science at the University of Adelaide and a Researcher at Data61, CSIRO. His main research interests are computer security and cryptography, with a current focus on microarchitectural attacks and their mitigation. He received his PhD from the University of Adelaide and an M.Sc. and a B.Sc. from the Hebrew University of Jerusalem. # NN0x0A CTF walkthrough and NN0x0B CTF challenge - stay tuned for confirmation. # Sponsors PWC (https://pwc.to/2FcpqF4) Atlassian (https://j.mp/313gJJZ) Google (https://bit.ly/2IiKrCm) SecDim (https://j.mp/1qgPo0a) Amazon Information Security (https://j.mp/3eiTfEC) For sponsoring SecTalks Sydney, Please contact [masked] for more detail.

Photos (118)

Find us also at