From 54b76daf6fd8feecfd55b7a7d87b08582a10ba2c Mon Sep 17 00:00:00 2001 From: Patrick Reijnen Date: Sat, 22 Jul 2023 21:55:38 +0200 Subject: [PATCH] Updates op bestaande talks en twee nieuwe NJ2019 talks --- .../nluug/najaarsconferentie-2019/_index.md | 6 ++-- ...dreas-hulsing-post-quantum-cryptography.md | 2 -- ...ercrime-analysis-using-visual-analytics.md | 2 -- .../talks/carlo-berto-an-update-on-rpki.md | 30 ++++++++++++++++ .../carlo-meijer-self-encrypting-deception.md | 34 +++++++++++++++++++ ...sre101-lessons-from-a-parallel-universe.md | 2 -- 6 files changed, 67 insertions(+), 9 deletions(-) create mode 100644 content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-berto-an-update-on-rpki.md create mode 100644 content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-meijer-self-encrypting-deception.md diff --git a/content/evenementen/nluug/najaarsconferentie-2019/_index.md b/content/evenementen/nluug/najaarsconferentie-2019/_index.md index bf76d7b..24d4e6b 100644 --- a/content/evenementen/nluug/najaarsconferentie-2019/_index.md +++ b/content/evenementen/nluug/najaarsconferentie-2019/_index.md @@ -125,8 +125,8 @@ event_schedule: - column: talk: speaker: Carlo Meijer - title: "SSD self-encrypting deception" - link: + title: "Self-encrypting deception" + link: talks/carlo-meijer-self-encrypting-deception/ - column: talk: speaker: Hagen Bauer @@ -203,7 +203,7 @@ event_schedule: talk: speaker: Carlo Berto title: An update on RPKI - link: + link: talks/carlo-berto-an-update-on-rpki/ - column: talk: speaker: Michiel Leenaars diff --git a/content/evenementen/nluug/najaarsconferentie-2019/talks/andreas-hulsing-post-quantum-cryptography.md b/content/evenementen/nluug/najaarsconferentie-2019/talks/andreas-hulsing-post-quantum-cryptography.md index d28ea16..e6e0275 100644 --- a/content/evenementen/nluug/najaarsconferentie-2019/talks/andreas-hulsing-post-quantum-cryptography.md +++ b/content/evenementen/nluug/najaarsconferentie-2019/talks/andreas-hulsing-post-quantum-cryptography.md @@ -5,8 +5,6 @@ date: 2023-07-03T10:31:43+02:00 description: "" layout: event-talk tags: -- shell -- scripting title: "Andreas Hülsing - Post-quantum cryptography" speakers: - andreas-hulsing diff --git a/content/evenementen/nluug/najaarsconferentie-2019/talks/bram-cappers-eventpad-cybercrime-analysis-using-visual-analytics.md b/content/evenementen/nluug/najaarsconferentie-2019/talks/bram-cappers-eventpad-cybercrime-analysis-using-visual-analytics.md index f059706..1c75e93 100644 --- a/content/evenementen/nluug/najaarsconferentie-2019/talks/bram-cappers-eventpad-cybercrime-analysis-using-visual-analytics.md +++ b/content/evenementen/nluug/najaarsconferentie-2019/talks/bram-cappers-eventpad-cybercrime-analysis-using-visual-analytics.md @@ -5,8 +5,6 @@ date: 2023-07-03T10:31:43+02:00 description: "" layout: event-talk tags: -- shell -- scripting title: "Bram Cappers - Eventpad: Cybercrime Analysis Using Visual Analytics" speakers: - bram-cappers diff --git a/content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-berto-an-update-on-rpki.md b/content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-berto-an-update-on-rpki.md new file mode 100644 index 0000000..7c5c63c --- /dev/null +++ b/content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-berto-an-update-on-rpki.md @@ -0,0 +1,30 @@ +--- +categories: +- presentaties +date: 2023-07-03T10:31:43+02:00 +description: "" +layout: event-talk +tags: +title: "Carlo Berto - An update on RPKI" +speakers: +- carlo-berto +presentation: + filename: 2019-11-21-carlo-berto-an-update-on-rpki.pdf +recording: + platform: youtube + url: https://www.youtube.com/watch?v=l_BJP5wHoJc +--- + +## Abstract + +In this presentation Carlo will provide an update on the current state of routing security and routing hijacks from the perspective of RIPE NCC. + +He will share statistics on the quality of the Internet Routing Registry and explains what Resource Public Key Infrastructure (RPKI) is, the difference between signing and validating resources and how to do this. + +Finally, Carlo will share some insights from actual RPKI deployments. + +## Biography + +Carlo Berto is Customer Service Analyst at the RIPE NCC. He helps new members request Internet number resources and acts as the first point of contact for all support queries. He is an expert in all questions related to the RIPE Database, RPKI, abuse complaints and billing. + +Carlo has over seven years of experience in Customer Services and was previously heading his own team at a global Telecommunications company. He holds a Bachelor in Statistics and Information Science from the University of Venice. Originally from Italy, Carlo speaks fluent Italian, Spanish and English. \ No newline at end of file diff --git a/content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-meijer-self-encrypting-deception.md b/content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-meijer-self-encrypting-deception.md new file mode 100644 index 0000000..2617add --- /dev/null +++ b/content/evenementen/nluug/najaarsconferentie-2019/talks/carlo-meijer-self-encrypting-deception.md @@ -0,0 +1,34 @@ +--- +categories: +- presentaties +date: 2023-07-03T10:31:43+02:00 +description: "" +layout: event-talk +tags: +title: "Carlo Meijer - Self-encrypting deception" +speakers: +- carlo-meijer +presentation: + filename: +recording: + platform: youtube + url: https://www.youtube.com/watch?v=skqFDQrOepY +--- + +## Abstract + +We have analyzed the hardware full-disk encryption of several solid state drives (SSDs) by reverse engineering their firmware. These drives were produced by three manufacturers between 2014 and 2018, and are both internal models using the SATA and NVMe interfaces (in a M.2 or 2.5“ traditional form factor) and external models using the USB interface. + +In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many models using hardware encryption have critical security weaknesses due to specification, design, and implementation issues. For many models, these security weaknesses allow for complete recovery of the data without knowledge of any secret (such as the password). + +BitLocker, the encryption software built into Microsoft Windows will rely exclusively on hardware full-disk encryption if the SSD advertises support for it. Thus, for these drives, data protected by BitLocker is also compromised. + +We conclude that, given the state of affairs affecting roughly 60% of the market, currently one should not rely solely on hardware encryption offered by SSDs and users should take additional measures to protect their data. + +## Biography + +Carlo is a PhD candidate at the Digital security group at the Radboud University Nijmegen. He is currently under supervision of Bart Jacobs. + +His research focuses on analysis of already-deployed cryptographic systems in the wild. As of today, many people rely on cryptographic systems on a daily basis. Be it your through web browser, your public transport e-ticket, or your wireless router. Some of these systems have gone through extensive scrutiny. However, many have not. + +Within this category, the systems are often difficult to analyze because proper documentation and/or source code is unavailable to the public. Sometimes the difficulty of analysis is even relied on for security, which is a terrible idea. Most of Carlo's research follows a pattern of uncovering the details and inner workings of a system through reverse engineering, and subsequently analyzing (and often breaking) its security. \ No newline at end of file diff --git a/content/evenementen/nluug/najaarsconferentie-2019/talks/david-blank-edelman-sre101-lessons-from-a-parallel-universe.md b/content/evenementen/nluug/najaarsconferentie-2019/talks/david-blank-edelman-sre101-lessons-from-a-parallel-universe.md index f255dd0..a6d712c 100644 --- a/content/evenementen/nluug/najaarsconferentie-2019/talks/david-blank-edelman-sre101-lessons-from-a-parallel-universe.md +++ b/content/evenementen/nluug/najaarsconferentie-2019/talks/david-blank-edelman-sre101-lessons-from-a-parallel-universe.md @@ -5,8 +5,6 @@ date: 2023-07-03T10:31:43+02:00 description: "" layout: event-talk tags: -- shell -- scripting title: "David Blank-Edelman - SRE101: Lessons from a Parallel Universe" speakers: - david-blank-edelman