[Noisebridge-discuss] iSEC Open Forum tonight [was: Radical Technologists meeting tonight]

Chris Palmer chris at noncombatant.org
Thu Dec 11 21:33:05 UTC 2008


There is also the iSEC Open Forum. We have free food and beer, and cool
speakers, including Jennifer Granick from EFF. (iSEC is my current job, and
EFF was my previous job.)

Normally we only have 0 or 1 iSEC presentation, and more outside people --
anyone is invited to give a technical presentation! Just email Zane Lackey
(zane at isecpartners.com) to propose a topic for the next meeting (we have
these roughly quarterly).


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
iSEC Open Forum
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 

DATE:       Thursday, December 11, 2008
TIME:       6:00pm-9:00pm
LOCATION:   iSEC San Francisco Office
            444 Spear Street Suite 105, San Francisco, CA 94105

Please RSVP to rsvp at isecpartners.com if you wish to attend!

***technical managers and engineers only please*** ****food and beverage
provided****

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
AGENDA
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 

SPEAKER: Riley Hassell / Senior Security Consultant / iSEC Partners PRESO
TITLE: "Exploiting Rich Content - An assessment of file formats used by Rich
Internet Applications"
PRESO SUMMARY: "iSEC performed an assessment of file formats used in Rich
Internet Applications (RIA). To perform this assessment iSEC developed a
custom toolkit to audit the software implementations that render these rich
file formats. The tools, methodology and results of this assessment will be
discussed in depth during the course of this presentation. iSEC will also
discuss the how often harmless bug classes can be exploited to compromise
the browser security model."


SPEAKER: Jennifer Granick / Civil Liberties Director / Electronic Frontier
Foundation PRESO TITLE: "The DMCA, computer security, cell phones and you"
PRESO SUMMARY: "Every three years the Copyright Office considers exemptions
to the anti-circumvention provisions of the Digital Millennium Copyright
Act.  This year is a rulemaking year, and Jennifer Granick will talk about
three of the proposed exemptions, one for computer security research into
DRM, one for cell phone unlocking, and one for jailbreaking"


SPEAKER: Alex Vidergar / Security Consultant / iSEC Partners PRESO TITLE:
"Concurrency Attacks in Web Application Controls"
PRESO SUMMARY: .Concurrency flaws occur when access to shared resources is
not managed properly . something that is easy to do when the development
environment purposefully encapsulates and abstracts the resources that need
to be managed.  When manipulating those resources carries a security impact,
the attackers take notice.
This presentation will identify the ease with which concurrency flaws can be
introduced into systems, offer guidance on evaluating the security impact of
such flaws, and go beyond previously discussed flaws such as database
corruption and show how access control flaws may occur even if database data
maintains integrity..
 


Interested in presenting at a future Forum? Email forum at isecpartners.com.
Talks should be 20-30 minutes max.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
About the iSEC Open Security Forum
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

The iSEC Open Security Forum is an informal and open venue for the
discussion and presentation of security related research and tools, and an
opportunity for security researchers from all fields to get together and
share work and ideas. The Forum meets quarterly in both the Bay Area and
Seattle. Forum agendas are crafted with the specific needs/interests of its
members in mind and consist of brief 20-30 minute talks.   Talks are not
product pitches or strongly vendor preferential. Attendance is by invite
only and is limited to engineers and technical managers. Any area of
security is welcome including reversing, secure development, new techniques
or tools, application security, cryptography, etc.


Davidfine writes:

> A group of activist geeks has arranged a meeting at Orbit Room, tonight 
> at 7pm. I'll be pitching NB to everyone, and you're all invited to come 
> spread the love!
> --D
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
-- 
http://www.noncombatant.org/
http://hemiolesque.blogspot.com/




More information about the Noisebridge-discuss mailing list