[GLLUG] OSHUG #31 -- Privacy and Security, 20th February 2014.

adam@geekism.co.uk adam at geekism.co.uk
Tue Feb 4 07:20:16 UTC 2014

Does anyone have any? 

On a similar note. Anyone know where I can get penguin (Linux themed ties) my new job allows me to not have a uniform 


Sent from my HTC

----- Reply message -----
From: "JLMS" <jjllmmss at googlemail.com>
To: "The mailing list for the Greater London Linux User Group" <gllug at mailman.lug.org.uk>
Subject: [GLLUG] OSHUG #31 -- Privacy and Security, 20th February 2014.
Date: Mon, Feb 3, 2014 22:47

Me too. Should we wear penguin lapel pins?

On 3 February 2014 18:45, Tom Taylor <tom at tommyt.co.uk> wrote:

Me +1 
On 3 Feb 2014 18:44, "adam at geekism.co.uk" <adam at geekism.co.uk> wrote: 

Is anyone planing on going to this?


Sent from my HTC

----- Reply message -----

From: "Andrew Back" <andrew at carrierdetect.com>
To: "The mailing list for the Greater London Linux User Group" <gllug at mailman.lug.org.uk>

Subject: [GLLUG] OSHUG #31 -- Privacy and Security, 20th February 2014.
Date: Sun, Feb 2, 2014 21:04


Details below of the first OSHUG meeting of 2014, which those with an 
interest in privacy, security and RFID hacking may wish to head along 




Event #31 -- Privacy and Security (Security protocols in constrained 
environments, RFIDler, Indie Phone) 

20th February 2014, 17:30 - 20:30 at BCS London, 1st Floor, The 
Davidson Building, 5 Southampton Street, London, WC2E 7HA. 

Registration: http://oshug.org/event/31 

The thirty-first OSHUG meeting is dedicated to privacy and security, 
with talks on implementing security protocols in constrained 
environments, an SDR RFID reader/writer/emulator, and a new initiative 
that will use design thinking and open source to create a truly 
empowering mobile phone. 

-- Security protocols in constrained environments 

Implementation of security protocols such as TLS, SSH or IPsec come 
with a memory and compute overhead. Whilst this has become negligible 
in full scale environments it's still a real issue for hobbyist and 
embedded developers. This presentation will look at the sources of the 
overheads, what can be done to minimise them, and what sort of 
hardware platforms can be made to absorb them. The benefits and 
potential pitfalls of hardware specific implementations will also be 

Chris Swan is CTO at CohesiveFT where he helps build secure cloud 
based networks. He's previously been a security guy at large Swiss 
banks, and before that was a Weapon Engineering Officer in the Royal 
Navy. Chris has tinkered with electronics since pre-school, and these 
days has a desk littered with various dev boards and projects. 

-- RFIDler: A Software Defined RFID Reader/Writer/Emulator 

Software Defined Radio has been quietly revolutionising the world of 
RF. However, the same revolution has not yet taken place in RFID. The 
proliferation of RFID/NFC devices means that it is unlikely that you 
will not interact with one such device or another on a daily basis. 
Whether it's your car key, door entry card, transport card, 
contactless credit card, passport, etc. you almost certainly have one 
in your pocket right now! 

RFIDler is a new project, created by Aperture Labs, designed to bring 
the world of Software Defined Radio into the RFID spectrum. We have 
created a small, open source, cheap to build platform that allows any 
suitably powerful microprocessor access to the raw data created by the 
over-the-air conversation between tag and reader coil. The device can 
also act as a standalone 'hacking' platform for RFID 
manipulation/examination. The rest is up to you! 

Adam "Major Malfunction" Laurie is a security consultant working in 
the field of electronic communications, and a Director of Aperture 
Labs Ltd., who specialise in reverse engineering of secure systems. He 
started in the computer industry in the late Seventies, and quickly 
became interested in the underlying network and data protocols. 

During this period, he successfully disproved the industry lie that 
music CDs could not be read by computers, and wrote the world's first 
CD ripper, 'CDGRAB'. He was also involved various early open source 
projects, including 'Apache-SSL' which went on to become the de-facto 
standard secure web server. Since the late Nineties he has focused his 
attention on security, and has been the author of various papers 
exposing flaws in Internet services and/or software, as well as 
pioneering the concept of re-using military data centres (housed in 
underground nuclear bunkers) as secure hosting facilities. 

Andy Ritchie has been working in the computer and technology industry 
for over 20 years for major industry players such as ICL, Informix, 
British Airways and Motorola. Founding his first company, Point 4 
Consulting at the age of 25, he built it into a multi-million pound 
technology design consultancy. Point 4 provided critical back end 
technology and management for major web sites such as The Electronic 
Telegraph, MTV, United Airlines, Interflora, Credit Suisse,BT, 
Littlewoods and Sony. Following Point 4 he went on to found Ablaise, a 
company that manages the considerable intellectual property generated 
by Point 4, and Aperture Labs. In his spare time he manages the worlds 
largest and longest running security conference, Defcon. Andy's 
research focuses on access control systems, biometric devices and 
embedded systems security, and he has spoken and trained at 
information security conferences in Europe and the US publicly and for 
private and governmental audiences. He is responsible for identifying 
major vulnerabilities in various access control and biometric systems, 
and has a passion for creating devices that emulate access control 
tokens either electronic physical or biometric. Andy has been 
responsible both directly and indirectly for changing access control 
guidelines for several western governments. Andy is currently a 
director of Aperture Labs Ltd, a company that specialises in reverse 
engineering and security evaluations of embedded systems. 

-- Indie: a tale of privacy, civil liberties, and a phone 

Can a phone really help protect our civil liberties? Aral Balkan 
thinks so. And he's embarked on an audacious journey to make one. Join 
us to hear the introduction of a two-year story that is only just 

Aral Balkan is is founder and designer of Indie Phone, a phone that 
empowers mere mortals to own their own data. 

Note: Please aim to by 18:15 as the first talk will start at 18:30 prompt. 

Andrew Back 

GLLUG mailing list 
GLLUG at mailman.lug.org.uk 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20140204/a060ebc3/attachment.html>

More information about the GLLUG mailing list