“Früher war Sicherheit einfach Firewalls, und fertig.” Thomas Konrad berichtet im DigitalMondayBlog über einfache Fehler mit tausendfacher Auswirkung und die Verschmelzung zweier Welten.

Ganzer Artikel

sec4dev: Konferenz und Bootcamp

Um sich genau diesen Themen zu widmen, hat SBA Research, die sec4dev für Softwareentwickler*Innen geschaffen: Von 25. bis 27. Februar 2019 verwandelt sich der Campus Gußhaus der TU Wien in einen Hotspot für regen Austausch und Weiterbildung rund um das Thema sichere Softwareentwicklung. Die sec4dev-Konferenz bietet praxisorientierte Vorträge, Workshops und ganztägige Bootcamps zu den Bereichen sicheres Coding, sicherer Betrieb, Security-Testing und vieles mehr. Die Teilnehmer*Innen können dabei direkt auf das Wissen und die Erfahrung von Sicherheitsexpert*Innen, Softwareentwickler*Innen und Softwarearchitekt*Innen zugreifen.

What better way to start the New Year than with three new Bridge Projects.

Wellfort is about secure storage, a trusted analysis environment, and combining data from different companies for analysis while respecting user privacy.

KnoP-2D (lead SCCH) is about creativity and AI. SBA will look at distributed learning and privacy as well as access control mechanisms that should evolve automatically.

ISaFe is about injecting security features into constrained embedded firmwares.

“If HTTPS Were Secure, I Wouldn’t Need 2FA – End User and Administrator Mental Models of HTTPS” by Katharina Krombholz (CISPA Helmholtz Center (i.G.)), Karoline Busse (University of Bonn), Katharina Pfeffer (SBA Research), Matthew Smith (University of Bonn) and Emanuel von Zezschwitz (University of Bonn) has been accepted at the 40th IEEE Symposium on Security and Privacy (IEEE S&P 2019). The paper investigates users’ and administrators’ mental models of HTTPS and how these interfere with secure configurations and usage behavior. The conference will be held from May 20-22, 2019 in San Francisco, CA.

Looking back upon the past year, we would like to acknowledge those who have helped us transform ideas into projects and shape our business. Thank you for a successful year!

We wish you all the best as you embark on 2019!

While everyone seeks to be on the cutting edge of hacks and bugs, the number of rather basic issues remaining unsolved appears to flat line. The SBA Security Meetup on January 17, 2019 strives to explain why basic security measures have the potential to solve a good number of existing threats and which of them should be prioritized.

Link to Event: https://www.meetup.com/Security-Meetup-by-SBA-Research/

“Measuring Cookies and Web Privacy in a Post-GDPR World” by Adrian Dabrowski, Georg Merzdovnik, Johanna Ullrich, Gerald Sendera and Edgar Weippl has been accepted at the 20th Passive and Active Measurements Conference (PAM). The paper investigates the impact of the General Data Protection Regulation (GDPR) on the use of browser cookies. The conference will be held March 27-29, 2019 in Puerto Varas, Chile.

PAM