Category Archives: Lectures

TallinnSec meetup: HW Crypto, RCE and Bug Bounty programs

Tuesday, February 20, 2019, 17:00 to 20:00 at k-space.ee.

Agenda:
17:15 – Stefano Alberico (Crip.to): Communication solution based on end-to-end hardware encryption
18:00 – Silvia Väli (Clarified Security): Only an Electron away from code execution
18:45 – Joakim Tauren (Visma): Stories from a bugbounty program

Links:
https://www.meetup.com/TallinnSec/events/245824754/

TallinnSec meetup: DevSec, 4G broadband modem pwning, Database Hoarding and Certbot

Tuesday, December 12, 2017, 17:00 to 20:00.
Technopolis Ülemiste, Lõõtsa 6, 2nd floor
Room name: Helsinki

Agenda:
17:10 – Sponsor greetings from Märt Ridala (Solita OÜ)
17:20 – Antti Virtanen: DevSec
17:50 – Iiro Uusitalo: WAN-to-LAN exploitation of 4G broadband modem
18:10 – Shamil Alifov: Database Hoarding. For fun and profit.
18:40 – Joona Hoikkala: Road ahead for encrypted web with Certbot and Let’s Encrypt
19:10 – Stefano Alberico: Communication solution based on end-to-end hardware encryption

Links:
https://www.meetup.com/TallinnSec/events/244711668/

Oxford Training Session: Cyberspace and the State

This 3-day training session is centred around the topics of opportunities and threats emerging in an information society, involving discussions about digital services, personal authentication methods, international cyber threats and e-elections. These discussions are not only important from a technical point of view, but also need to take into account political, governance, social and legal aspects.
This training session is mostly aimed at students with non-IT background, who, as future leaders and experts in their own respective fields should still be aware of the opportunities created by the information technology, as well as of the risks involved.
The first two days of the training session contains topical lectures, on the third day of the event, a practical cyber crisis simulation exercise will be carried out.
The training session is offered free of charge, graduates will receive a certificate from the University of Tartu (2 ECTS), as well as a certificate of attendance by the University of Oxford

DAY 1: FRIDAY, APRIL 28
09:30 – 10:00 Registration to the training session
10:00 – 10:30 Welcoming and course introduction (Lucas Kello, Oxford)
10:30 – 12:00 Lecture 1: Computing and Networks: The Basics (Ivan Martinovic, Oxford)
12:00 – 13:00 Lunch break
13:00 – 14:20 Lecture 2: Computer Security: Authentication and Biometrics (Ivan Martinovic, Oxford)
14:20 – 14:30 Short break
14:30 – 16:00 Lecture 3: An Independent Assessment of the Procedural Components of the Estonian Internet Voting System (Jason Nurse, Oxford)
16:00 – 16:20 Short break
16:20 – 17:30 Lecture 4: National and International Security in the Cyber Age (Lucas Kello, Oxford)

DAY 2: SATURDAY, APRIL 29
08:30 – 09:00 On-site registration
09:00 – 10:20 Lecture 5: Russian Cyber Operations: Disruption and Subversion (Lucas Kello, Oxford)
10:20 – 10:30 Short break
10:30 – 12:00 Lecture 6: Government as a Platform (Robert Krimmer, Tallinn Univ. of Technology)
12:00 – 13:00 Lunch break
13:00 – 14:20 Lecture 7: Law Enforcement’s Access to Extraterritorial Data (Anna-Maria Osula, University of Tartu)
14:20 – 14:30 Short break
14:30 – 16:00 Lecture 8: Strategic Dilemmas in Cyberspace (Max Smeets, Oxford)
16:00 – 16:20 Short break
16:20 – 17:00 Simulation exercise briefing (Lucas Kello, Oxford)

DAY 3: SUNDAY, APRIL 30
08:45 – 09:00 On-site registration
09:00 – 09:30 Simulation exercise set up (Oxford teaching staff)
09:30 – 13:00 Cyber Crisis Simulation Exercise
13:00 – 14:30 Lunch break and group discussion
14:30 – 15:30 Post-exercise debriefing: Decision-making in a Crisis (Lucas Kello, Oxford)
15:30 – 15:50 Short break
15:50 – 17:00 Course conclusion (Lucas Kello, Oxford)

Links:
https://sisu.ut.ee/oxfordsessions/overview?lang=en
https://www.facebook.com/events/1144747528981361/

Ahto Truu presentation “Next-gen Key Infrastructure with Smart-ID”

XII. Tartu Software Development Guild Meeting, Friday, January 13, 2016, 18.00 – 20.00, Turu 2 (Tasku), 5th Floor, SaleMove Office

Presenter: Ahto Truu (Software Architect at Guardtime)
Title: Next-gen Key Infrastructure with Smart-ID
Abstract: With more and more people using smartphones and tablets as their computing devices of choice, and with the upcoming migration away from physical SIM cards, a question arises: what will replace the ID-cards and mobile-ID SIM cards as the carriers of the private keys for Estonian national digital signature infrastructure? In this talk we will look at the Smart-ID solution recently jointly proposed by Sertifitseerimiskeskus and Cybernetica. There will be quite a bit of math in the talk, but we will start with a crash course of the basics of the current systems for those who either missed it in school or have since forgotten the details.

About Ahto
During his three decades in ICT, Ahto has worked in hardware installations and user support, as a software developer and architect, and as a systems analyst. Currently he is busy helping Guardtime’s customers preserve the integrity of their important data. Outside his day job he coaches Estonia’s team to the high school students’ programming competitions. He has also been writing programming columns for the popular science magazines A&A and Horisont.

Seems that Ahto plans to describe the underlying details of key generation in the Smart-ID solution.

Links:
https://www.facebook.com/events/225528061227851/

The head of SMIT’s security department Tiit Hallas gives public lecture on cryptography

tiit-hallas

The public lecture will be held in the building of the IT College, Raja 4C, auditorium 314, Tuesday, October 18, at 13:00. The public lecture will also be broadcast live on the website of the IT College.

The main purpose of Tiit Hallas public lecture is to answer various question on the topic. Tiit will talk about cryptography related terms, describe the overall level of how cryptography works and the need for cryptography to ensure the security. Tiit has promised to bring sophisticated content to listeners as simply
and understandably as possible.

Tiit Hallas has worked in information security for over eight years in both public and private sector and has gained plenty of practical as well as theoretical experience in the field. He has a BA in Information System Development from IT College and an MSc in Cyber Security from Tallinn University of Technology. As well as delivering lectures and talks on the subject, Tiit is involved with Information Security in his daily work as the Head of Information Security at the IT and Development Centre of the Ministry of the Interior, where he not only manages staff but is also engaged with finding solutions to practical information security issues.

The lecture will be in Estonian.

Links:
http://www.itcollege.ee/blog/2016/10/12/smiti-infoturbeosakonna-juhataja-tiit-hallas-peab-kuberturvalisuse-kuu-raames-it-kolledzis-avaliku-loengu-kruptograafiast/
https://www.youtube.com/watch?v=KLhbaSRjz2s

UT Seminars on Blockchain Technology

university_of_tartu_logo

bitcoin_logo

The course will consist of a number of seminars given by invited lecturers. Lecturers will be both from the University and from the industry companies. They will present the research results along with the practice best experiences and examples of the application of the blockchain and smart contract technology.

Kick-off seminar:
3.October, 10:15-12:00: Smart contracts and identity on blockchain – using e-Residency in Ethereum, Speaker: Thomas Bertani, Oraclize.it

Regular seminars (Tuesdays 18.15-20.00, Liivi 2-404, Tartu):

25.October: Introduction to Smart Contracts and Applications
Speaker: Kristo Käärmann, TransferWise

1.November: Blockchain as an Enabling Technology for Businesses
Speaker: Frederik Payman Milani, University of Tartu

8.November: Lightweight BPMN engine on ethereum
Speaker: Luciano Garcia Banuelos, University of Tartu

15.November: Cryptographic Foundations of Bitcoin
Speaker: Michal Zajac, University of Tartu

29.November: Introduction to KSI blockchain
Speaker: Andreas Sisask, Guardtime

6.December: Creation of Smart-Contracting Collaborations for Decentralized Autonomous Organizations
Speaker: Alex Norta, Tallinn Technical University

Links:
https://courses.cs.ut.ee/2016/blockchain/fall/Main/Seminars

Public lecture at Estonian IT College by CyberOlympics winner Jaanus Kääp

Jaanus_Kaap_kyberolumpia

On Thursday, 19 November at 15.00, the winner of CyberOlympics, Jaanus Kääp, will give a free public lecture at the IT College. The Olympic champion will share what he learned at world famous security conferences and talks about finding security errors and developing the necessary skills.

The first CyberOlympics were organised by the Information Technology Foundation for Education, the Ministry of Defence, the Estonian Information Technology College, and Vequrity Ltd and it was won by Jaanus Kääp, a second-year student of IT systems development at the Estonian Information Technology College and data security expert at Clarified Security. The grand prix was the opportunity to participate at the prestigious “Black Hat Europe 2015” information security conference in Amsterdam. At the public lecture, the Olympic champion Jaanus will share the more interesting tips and tricks for finding security errors that were presented at the Black Hat Europe and Defcon security conferences and talk about the application of skills to finding security errors during the CyberOlympics and elsewhere.

The public lecture will take place in the IT College building in Mustamäe (Raja 4C, Tallinn, lecture hall 316).

Cybersec.ee already informed about hacking competition CyberOlympics 2015.

Links:
https://www.facebook.com/events/1645832179012356/
https://www.youtube.com/watch?v=3hitj0R1bHY

Webinar “Cybersecurity Risk Management: Estonia Experiences”

webinar_Estonia_Experiences_cybersecurity_risk_management

The Organization of American States (OAS) in partnership with the Estonian Information System Authority (RIA), would like to invite you to register for our next webinar on “Cybersecurity Risk Management: Estonia Experiences”.

Invited Expert: Sven Kivvistik, Head of Risk Control and Advisory Department, Estonian Information System Authority
Thu, Oct 8, 2015 17:00-18:00 EEST

Links:
https://www.sites.oas.org/cyber/EN/Pages/Events/eventsdet.aspx?docid=71
https://vimeo.com/141810655

Talk by IT law and data protection specialist professor Lee Bygrave

Lee A. Bygrave

The IT law programme invites you to a discussion with a distinguished IT law and data protection specialist professor Lee Bygrave from Oslo University. He will give his talk on Friday, October 9, 2015, from 14.15 to 17.30 at the University of Tartu, Faculty of Law, Näituse 20 room 103. The talk will cover the following topics:

  • the US-EU cleavage on data protection regulatory policy;
  • the extent to which data protection rules can and ought to apply to use of human biological material;
  • regulatory policy on privacy-enhancing technology and privacy/data protection by design.

Lee Bygrave’s visit to Estonia is organized by the IT Law Programme. Additional information: Helen Eenmaa-Dimitrieva, Director of the IT Law.

Links:
http://www.ut.ee/itlaw
http://www.jus.uio.no/ifp/english/people/aca/lee/