Difference between revisions of "Brisbane"

From OWASP
Jump to: navigation, search
(Chapter Meetings)
 
(2 intermediate revisions by 2 users not shown)
Line 12: Line 12:
 
== Chapter Meetings  ==
 
== Chapter Meetings  ==
  
'''Next Brisbane Chapter Meeting - Tuesday February 4, 2014'''
+
'''Next Brisbane Chapter Meeting - Tuesday August 18, 2015'''
  
 +
In August's meeting, David Jorm will present on the topic "Red Star OS".
  
In February's meeting, David Jorm will present on the topic "Amateur Satellite Intelligence: Watching North Korea".
+
Red Star OS is the North Korean Linux distribution of choice. Originally discovered by a Russian exchange student in Pyongyang, several versions have now been leaked. Red Star includes several interesting packages, including what looks like an anti-virus program. Analysis of the most recent leaked release shows that while it looks like AV - since it is intercepting file read/write hooks - it is far more sinister. The package is in fact fingerprinting certain files when they are read and viewed, allowing state security agents to construct an audit log of who viewed and distributed "illicit" media, such as regime-destroying South Korean soap operas. This presentation will briefly describe the offending package and community analysis efforts, and then explore the implications for North Korea's regime and security apparatus in detail.
  
North Korea is one of the most secretive, and fascinating, places on Earth. Details about the country emerge fleetingly: through the testimony of refugees, from unconfirmed South Korean sources, and from the largely dubious reports of the regime's official mouthpiece, the KCNA. To fill the information vacuum, a vibrant online community of North Korea watchers has emerged. This community makes innovative use of publicly available remote sensing data and other sources of information to fill in the many blanks left by the official accounts.
+
David has been involved in the software industry for the last 15 years, with a focus on security. By day, he manages product security for IIX, as well as several open source projects such as OpenDaylight and ONOS. By night, he indulges his horrible fascination with North Korea, and has been quoted by a major newspaper as saying the North Korean nuclear program is "ready to rock".
  
This talk will outline various investigations undertaken by the North Korea watcher community, and the technologies and techniques it employs. Commercially-available satellite imagery has been used to pre-empt rocket launches well ahead of corporate media, track development and new construction, as well as to map out prison camps such as Yodok in conjunction with the accounts of refugees. More recently, the community has produced an atlas that defines the various sub-national jurisdictions of the country in the absence of officially defined GIS data. Interceptions of North Korean television are analyzed for political and economic developments, as are the first-hand accounts and photo galleries of western tourists. The North's satellite launch in December 2012 has been closely watched by the community, with many members tracking the satellite's trajectory and attempting to receive and decode its transmissions. Even the North's computing systems have been analyzed, for example via leaked copies of the Red Star OS Linux distribution. Screenshots from official government presentations confirm that this OS is indeed used across the country (that's right, pariah states use KDE!). Finally, this talk will cover my own research into using remote sensing to track North Korean food production, and thereby verify (or refute) the official figures that are periodically released by the regime.
 
  
  
Line 26: Line 26:
 
''Time:'' 5:30pm for a 6pm start.  Lifts to Level 1 will be locked after 6pm.  Please arrive before then!   
 
''Time:'' 5:30pm for a 6pm start.  Lifts to Level 1 will be locked after 6pm.  Please arrive before then!   
  
''Date:'' Tuesday 4th February
+
''Date:'' Tuesday 18th August
  
''Close:'' Session is expected to be completed by 7:00pm.  
+
''Close:'' Session is expected to be completed by 7:30pm.  
  
 
''RSVP:'' There are limited seats. Please RSVP at http://owasp-brisbane.eventbrite.com
 
''RSVP:'' There are limited seats. Please RSVP at http://owasp-brisbane.eventbrite.com

Latest revision as of 18:40, 9 August 2015

OWASP Brisbane

Welcome to the Brisbane chapter homepage. The chapter leaders are Anne Luk, Wade Alcorn, Glyn Geoghegan and David Jorm
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

funds to OWASP earmarked for Brisbane.

Local News

Presenters and Presentations

We are forever looking for volunteers to present at the chapter meetings, so if you've seen something interesting or you have something to say, please let us know.

Often, when we approach potential presenters, we tend to get the following response – “I don’t think my topic is interesting enough”. We just want to stress that as long as the topic is security related – we’re all ears! We’re just a bunch of nice people wanting to learn/share our knowledge of the security domain. So if you would like to present or know of someone that does, please contact us.

Presentations must be vendor agnostic (no selling of products or services), and please review the Speaker Agreement linked above.

Chapter Meetings

Next Brisbane Chapter Meeting - Tuesday August 18, 2015

In August's meeting, David Jorm will present on the topic "Red Star OS".

Red Star OS is the North Korean Linux distribution of choice. Originally discovered by a Russian exchange student in Pyongyang, several versions have now been leaked. Red Star includes several interesting packages, including what looks like an anti-virus program. Analysis of the most recent leaked release shows that while it looks like AV - since it is intercepting file read/write hooks - it is far more sinister. The package is in fact fingerprinting certain files when they are read and viewed, allowing state security agents to construct an audit log of who viewed and distributed "illicit" media, such as regime-destroying South Korean soap operas. This presentation will briefly describe the offending package and community analysis efforts, and then explore the implications for North Korea's regime and security apparatus in detail.

David has been involved in the software industry for the last 15 years, with a focus on security. By day, he manages product security for IIX, as well as several open source projects such as OpenDaylight and ONOS. By night, he indulges his horrible fascination with North Korea, and has been quoted by a major newspaper as saying the North Korean nuclear program is "ready to rock".


Venue: Red Hat Offices, Level 1, 193 North Quay, Brisbane.

Time: 5:30pm for a 6pm start. Lifts to Level 1 will be locked after 6pm. Please arrive before then!

Date: Tuesday 18th August

Close: Session is expected to be completed by 7:30pm.

RSVP: There are limited seats. Please RSVP at http://owasp-brisbane.eventbrite.com


There will be a social gathering at a local hostelry afterwards. Everyone is welcome to attend!

Brisbane OWASP Chapter Leaders

The chapter leaders are Anne Luk, Wade Alcorn, Glyn Geoghegan and David Jorm