Een aantal talks uit NJ2018 toegevoegd en geupdate
This commit is contained in:
parent
873b87a87b
commit
70985fa2f4
|
@ -97,7 +97,7 @@ event_schedule:
|
|||
talk:
|
||||
speaker: Pieter Jenniskens
|
||||
title: "Microservices, containers and Kubernetes"
|
||||
link:
|
||||
link: talks/pieter-jenniskens-microservices-containers-and-kubernetes/
|
||||
- column:
|
||||
talk:
|
||||
speaker: Jan-Piet Mens
|
||||
|
@ -107,7 +107,7 @@ event_schedule:
|
|||
talk:
|
||||
speaker: Martijn van Lom
|
||||
title: "Fragile cyber-world: will fragmentation kill cybersecurity?"
|
||||
link:
|
||||
link: talks/martijn-van-lom-fragile-cyber-world-will-fragmentation-kill-cybersecurity/
|
||||
- row:
|
||||
columns:
|
||||
- column:
|
||||
|
@ -188,7 +188,7 @@ event_schedule:
|
|||
talk:
|
||||
speaker: René Ladan
|
||||
title: "Decoding the DCF77 time signal on a Raspberry Pi"
|
||||
link:
|
||||
link: talks/rene-ladan-decoding-the-dcf77-time-signal-on-a-raspberry-pi/
|
||||
- column:
|
||||
talk:
|
||||
speaker: Arjan Widlak
|
||||
|
@ -245,7 +245,7 @@ event_schedule:
|
|||
talk:
|
||||
speaker: Ben Gras
|
||||
title: "TLBleed: When Protecting Your CPU Caches is Not Enough"
|
||||
link:
|
||||
link: talks/ben-gras-tlbleed-when-protecting-your-cpu-caches-is-not-enough/
|
||||
- row:
|
||||
columns:
|
||||
- column:
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
categories:
|
||||
- presentaties
|
||||
date: 2018-11-15T10:31:43+02:00
|
||||
description: ""
|
||||
layout: event-talk
|
||||
tags:
|
||||
- tlbleed
|
||||
title: "Ben Gras - TLBleed, when Protecting Your CPU Caches is Not Enough"
|
||||
speakers:
|
||||
- ben-gras
|
||||
presentation:
|
||||
filename: 2018-11-15-ben-gras-tlbleed-when-protecting-your-cpu-caches-is-not-enough.pdf
|
||||
recording:
|
||||
platform: youtube
|
||||
url: https://www.youtube.com/watch?v=d63I7fHdI_U
|
||||
---
|
||||
|
||||
## Abstract
|
||||
|
||||
We present TLBleed, a novel side-channel attack that leaks information out of Translation Lookaside Buffers (TLBs). TLBleed shows a reliable side channel without relying on the CPU data or instruction caches. This therefore bypasses several proposed CPU cache side-channel protections, such as page coloring, CAT, and TSX.
|
||||
|
||||
Our TLBleed exploit successfully leaks a 256-bit EdDSA key from cryptographic signing code, which would be safe from cache attacks with cache isolation turned on, but would no longer be safe with TLBleed. We achieve a 98% success rate after just a single observation of signing operation on a co-resident hyperthread and just 17 seconds of analysis time. Further, we show how another exploit based on TLBleed can leak bits from a side-channel resistant RSA implementation.
|
||||
|
||||
We use novel machine learning techniques to achieve this level of performance. These techniques will likely improve the quality of future side-channel attacks. This talk contains details about the architecture and complex behavior of modern, multilevel TLB's on several modern Intel microarchitectures that is undocumented.
|
||||
|
||||
## Biography
|
||||
|
||||
Ben Gras has been in the systems security research group of the VU Amsterdam since 2015. He has worked on software reliability, defensive research projects, and most recently, offensive research. Offensive research was most noticeably making cross-VM Rowhammer exploitation reliable and a cache-based ASLR-breaking MMU sidechannel attack, both of which have been widely reported on, perhaps most prominently in Wired and Arstechnica. At Cisco, he developed a infrastructure-as-a-target defensive system.
|
||||
|
||||
Ben is currently working on a PhD in systems security research. He is frequently asked for expert commentary on cpu flaws, most recently by Wired.com, BBC, Dutch national newspapers, and HBO Vice news tonight.
|
|
@ -0,0 +1,33 @@
|
|||
---
|
||||
categories:
|
||||
- presentaties
|
||||
date: 2018-11-15T10:31:43+02:00
|
||||
description: ""
|
||||
layout: event-talk
|
||||
tags:
|
||||
- dcf77
|
||||
- time
|
||||
- raspberry-pi
|
||||
title: "Martijn van Lom - Fragile cyber-world: will fragmentation kill cybersecurity?"
|
||||
speakers:
|
||||
- martijn-van-lom
|
||||
presentation:
|
||||
filename: 2018-11-15-martijn-van-lom-fragile-cyber-world-will-fragmentation-kill-cybersecurity.pdf
|
||||
recording:
|
||||
platform: youtube
|
||||
url: https://www.youtube.com/watch?v=OX18MNVNsdA
|
||||
---
|
||||
|
||||
## Abstract
|
||||
|
||||
Cybersecurity has reached a junction and needs a decision where it goes next. The choice we make will shape the future of our industry and the security of cyberspace for years to come, so we need to make the right one.
|
||||
|
||||
Today we stand in the middle of a storm. Not just a geopolitical one, but a cyberpolitical one. It feels like no-one trusts anyone anymore, and suspicion and confusion reign across our fragile cyber-world. Which way do we turn? Do we choose the road for ‘Balkanization’: the fragmentation and isolation of an industry? Or are we brave enough to enter the other road? One of collaboration and shared intelligence?
|
||||
|
||||
## Biography
|
||||
|
||||
Martijn is sinds 2010 in dienst bij Kasperky. Hij is begonnen als Managing Director voor de Benelux en Head of Corporate Sales in de Nordics. In 2012 werd hij benoemd tot General Manager voor zowel de Benelux- als de Nordic-regio. Sinds eind 2014 heeft Van Lom zich als General Manager Kaspersky Lab Benelux volledig gericht op de Benelux om deze regio maximaal te kunnen laten groeien.
|
||||
|
||||
Daarnaast schrijft hij regelmatig columns en artikelen voor onder andere Computable, DutchCowboys, Business & IT, BlogIT, Executive People en Dutch IT-Channel en spreekt hij op evenementen over security-gerelateerde onderwerpen.
|
||||
|
||||
Martijn heeft eerder voor Kaspersky Lab gewerkt als Sales Manager voor de Benelux van 2005 en 2008. Buiten zijn dienstverband bij de leverancier van cybersecurityoplossingen was Van Lom werkzaam bij verschillende IT-organisaties en leverde hij als freelance management consultant diensten aan organisaties als BenQ, Fujitsu, Siemens en Heineken.
|
|
@ -5,13 +5,12 @@ date: 2018-11-15T10:31:43+02:00
|
|||
description: ""
|
||||
layout: event-talk
|
||||
tags:
|
||||
- cloud
|
||||
- workloads
|
||||
- automation
|
||||
title: "Mike Ciavarella - Shaved Yaks, Saving an endangered species"
|
||||
speakers:
|
||||
- mike-ciavarella
|
||||
presentation:
|
||||
filename: 2018-11-15-john-yani-arrasjid-cloud-evolution-and-revolution-catering-for-mission-critical-workloads.pdf
|
||||
filename:
|
||||
recording:
|
||||
platform: youtube
|
||||
url: https://www.youtube.com/watch?v=zn_AS9QWbU8
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
categories:
|
||||
- presentaties
|
||||
date: 2018-11-15T10:31:43+02:00
|
||||
description: ""
|
||||
layout: event-talk
|
||||
tags:
|
||||
- microservices
|
||||
- containers
|
||||
- kubernetes
|
||||
title: "Pieter Jenniskens - Microservices, containers and Kubernetes"
|
||||
speakers:
|
||||
- pieter-jenniskens
|
||||
presentation:
|
||||
filename: 2018-11-15-pieter-jenniskens-microservices-containers-and-kubernetes.pdf
|
||||
recording:
|
||||
platform: youtube
|
||||
url: https://www.youtube.com/watch?v=6t1tX0lz_M8
|
||||
---
|
||||
|
||||
## Abstract
|
||||
|
||||
Containers have been around for a while now. But how do you use them to migrate your software from a traditional architecture to a more microservices oriented architecture? And what about management and scaling once your containers number in the hundreds?
|
||||
|
||||
In this talk we will have a look at microservices, how it uses containers and how kubernetes manages all this. Using a webshop as an example, we will look under the hood of kubernetes and see how it all works together.
|
||||
|
||||
## Biography
|
||||
|
||||
Pieter encountered Linux and Open Source software for the first time in 1992 and never let go. During his studies he played around a lot with Linux and BSD.
|
||||
|
||||
Pieter worked in Linux consultancy for most of his adult life and only recently started to work for SUSE as a Sales engineer. In this role he talks about Linux and Open Source all day but still gets to play with the new technologies out there.
|
|
@ -0,0 +1,40 @@
|
|||
---
|
||||
categories:
|
||||
- presentaties
|
||||
date: 2018-11-15T10:31:43+02:00
|
||||
description: ""
|
||||
layout: event-talk
|
||||
tags:
|
||||
- dcf77
|
||||
- time
|
||||
- raspberry-pi
|
||||
title: "René Ladan - Decoding the DCF77 time signal on a Raspberry Pi"
|
||||
speakers:
|
||||
- rene-ladan
|
||||
presentation:
|
||||
filename: 2018-11-15-rene-ladan-decoding-the-dcf77-time-signal-on-a-raspberry-pi.pdf
|
||||
recording:
|
||||
platform: youtube
|
||||
url: https://www.youtube.com/watch?v=O7-l6EU1oCU
|
||||
---
|
||||
|
||||
## Abstract
|
||||
|
||||
This talk will introduce the DCF77 time station located near Mainflingen, Germany. This station transmits the time every minute with one bit per second (except for the last second of the minute) at a carrier frequency of 77.5 kHz.
|
||||
|
||||
Topics will include:
|
||||
|
||||
* How can the raw radio signal be converted to bits? This is harder than you think!
|
||||
* How can we decode the time information transmitted each minute and deal with reception errors?
|
||||
* DCF77 also transmits information from third parties (mostly commercial weather forecasts), how can we decode these?
|
||||
* Design of the software
|
||||
* High-level history of the software and future ideas
|
||||
* Demo time :)
|
||||
|
||||
## Biography
|
||||
|
||||
René studied computing science at the Eindhoven University of Technology where he graduated in 2006. After that he worked at various companies (including the university itself), some involving Linux, others Windows-based.
|
||||
|
||||
He started his open source shadow career with some small projects on Sourceforge but it really took off when he started to work on FreeBSD in 2004. Meanwhile, he has been awarded both a documentation and a ports commit bit and is now part of the Ports Management Team (aka portmgr@). After visiting too many instances of EuroBSDCon, he was drawn into the accompanying Foundation and now assumes the role of secretary.
|
||||
|
||||
When not doing BSD stuff and still in nerd mode, he likes to tinker with his DCF77 receiver which runs on a Raspberry Pi 1B (and still runs FreeBSD or Linux as its operating system).
|
Reference in a new issue