I'm posting this on behalf of my friend Adrian Steinmann. Hope it's not considered off-topic! Anyway, if interested, please participate in the doodle. I'll post the final date & place to the list. Enjoy!-- Simon.
------------------------------ snip ------------------------------
Landon Noll http://www.isthe.com/chongo/bio.html will be in Zurich, Switzerland Sept 18-20 and has prepared a 40-minute talk which he would enjoy presenting to us, if there is interest.
Failures of Shallow, Inconsistent & Incomplete Security
With a number of best security practices, great security concepts and sincere security implementations, why do security systems fail? Many fail because the security is trivial, inconsistent and/or incomplete.
Trivial security may be ridiculed as being useless. Inconsistent security may be blamed on logic faults, or on the poor implementation of a sound idea. But of the three, it is the incomplete security flaws that are often the hardest to identify and most difficult to fix. Worse still, attacks on systems with incomplete security often produce the most devastating results.
We will look at security failures, from the historic to the modern, for examples of the trivial, inconsistent and incomplete security: with takeaway lessons that will help you avoid repeating those mistakes.
Please fill out the poll
http://doodle.com/uhend5rbrkw5ewsu
so I can gauge interest. I will finalize by mid September, starting time would be 18:00 unless a majority of you mention in comment that it should be later.
Thanks Adrian
Date & venue have now been defined for this talk:
Wednesday 18 September 18:15 - 19:30 Location: SWITCH, Werdstrasse 2 (near Stauffacher), Zurich room "Rigi" (1st floor)
Please continue to use the Doodle link to register if you would like to attend, so that we know how many people to expect.
Also, please try to be there on time.
------------------------------ snip ------------------------------
Landon Noll http://www.isthe.com/chongo/bio.html will be in Zurich, Switzerland Sept 18-20 and has prepared a 40-minute talk which he would enjoy presenting to us, if there is interest.
Failures of Shallow, Inconsistent & Incomplete Security
With a number of best security practices, great security concepts and sincere security implementations, why do security systems fail? Many fail because the security is trivial, inconsistent and/or incomplete.
Trivial security may be ridiculed as being useless. Inconsistent security may be blamed on logic faults, or on the poor implementation of a sound idea. But of the three, it is the incomplete security flaws that are often the hardest to identify and most difficult to fix. Worse still, attacks on systems with incomplete security often produce the most devastating results.
We will look at security failures, from the historic to the modern, for examples of the trivial, inconsistent and incomplete security: with takeaway lessons that will help you avoid repeating those mistakes.
Please fill out the poll
http://doodle.com/uhend5rbrkw5ewsu
[...]