15 May 2019
Following the roaring success of our London meetup, we're excited to launch our first Cyber Security meetup in Nottingham!
Provisional running order
18:00 Drinks, networking
19:00 Announcements and first speaker
19:50 Pizza, drinks, networking
20:10 Second speaker
21:00 Head down the road to the Canalhouse to continue chatting
All times become increasingly "ish" as the evening continues.
Vendor-free Cyber Nottingham, hosted by Capital One is the first of what we hope will be many fun and interesting evenings. If you have any suggestions on how to make the evening more enjoyable or want to present, please let us know!
You can find us at Trent House on Station Street, beside the Train Station and the Council House. Please bring ID and meet us in the main building reception.
The usual (and perhaps less usual) free refreshments will be available: beer, wine, soft drinks, pizza.
Speaker 1: Graham Sutherland (@gsuberland)
Talk synopsis: Transport layer security, otherwise known as TLS or SSL, has historically been a tricky protocol to properly manage and secure. Most organisations will have, at some point in time, received a pentest report containing a litany of issues regarding protocol version support, insecure cipher suites, missing security extensions, deprecated hash functions, and so forth. These issues can be difficult to navigate due to the naturally terse nature of cryptography, the depth of historical reasoning that went into the TLS protocol design, and the diverse nature of implementations. It should come as a relief, then, that TLS 1.3 brings with it a new design mindset where (comparative) simplicity is seen as one of the cornerstones of secure protocol design. This talk discusses the changes and new features introduced with TLS 1.3, how these changes benefit both users and administrators, and some of at the challenges faced by those who wish to adopt this new protocol version.
Bio: Graham works as a senior security researcher at Nettitude, where he is currently focusing on marine and offshore technologies. In previous roles he reviewed cryptographic standards for an international network appliance vendor and wrote SSL/TLS assessment tooling for pentesters. Graham's areas of specialism include cryptography, hardware, and Windows internals.
Speaker 2 - David Lodge (@tautology0)
Talk synopsis: The rise of cheap, low powered communication technology has been most prominent in the fields of locks, where the traditional model of a key, RFID reader or magnetic stripe does not work for many use cases. This talk will be demonstrating how many smart locks fail to fully think out security and in many ways make the smart locks weaker than its low-tech equivalent.Some of these methods will be destructive, as much as can be done in an unventilated room at least.
Bio: David is a grumpy Yorkshireman who has been doing this sort of stuff for too long. Pen tester by day, pretender at hardware by night. Likes taking stuff apart, but is unable to get it back together afterwards.