Welcome to DC4420, aka Defcon London.

.reality [2015 edition] Meetings are normally the last Tuesday of the month, except December... July 28th August 25th September 29th October 27th November 24th December tbc New attendees welcome, just come along! (There are no entry fees, and no tickets to book.)

July 28th 2015

+++ 1st Talk (short): Financial Crime and infosec - what has happened before and what is yet to come Speaker: Marcelo Mansur, @thatinfosecrec, thatinfosecrec@redbluesecurity.org Synopsis: This talk will cover a number of financial crimes from boiler room investment scams and stock fraud to insider trading and false rumour spreading. Taking a look at the rise of hedge funds after the tech bubble burst and detailing a number of methods used to cover their tracks, I will be explaining how the ever-growing number of cyber criminals will be more equipped than ever to profit from their business. +++ 2nd Talk (short): This should not exist: WebEMV Speaker: Yvan Janssens, @friedkiwi Synopsis: Everybody knows that attaching a chip&pin card with a PIN code next to it to the internet is probably not a good idea. But that doesn't mean it can't be done. Today I will be presenting the 1.0 release of a web-based EMV-CAP OTP generator, as used in battery operated form by several large banks. We will explore all the design flaws in my implementation, possible ways to fix them and caveats which might need some creativity to work around. Source code included! Bio: Yvan is perennially running out of storage space to store IBM minicomputers. His friends tend to see him as a very elaborate schemer, with a thorough experience in payment systems and bullshitting his way out of messy situations. Paperclips are his favourite glitching tool. +++

Talk nights

Format is usually two talks: a primary 1 hour (ish) and, a secondary 30 minutes (ish). Talks start at 19:30, but we have the room from about 18:30 to 23:00.

Speakers Wanted

Typically our programme has a technical talk (~1 hr) and lighter talk (~30 min). Once or twice a year we have a "Lightning Talk" format, with shorter talks up to ~15 minutes, with anyone who wants to speak on the night. The qualifications for speakers are simple, have a subject of interest to fellow technical & InfoSec people. The subject can be on technical or security issues, social interaction with technology, based on the current events, or just something entertaining to our attendees. As a speaker you can be an expert, a student, someone learning a new area, maybe a regular speaker on the conference circuit, but we also love to have new & occasional speakers. Send your talk / activity proposals to talks@dc4420.org You are very welcome to propose running activities other than talks, such as hands-on workshop or an infosec pub quiz, or something else relevant to our techie audience! We also welcome occasional company pitches, to sell or recruit, but to regulate the frequency of these we ask you to buy a round of drinks. Also please discuss with Major Malfunction or Tony beforehand! Previous talks


The Phoenix, Cavendish Square Nearest tube (Bakerloo, Central and Victoria lines) and bus stops are at Oxford Circus. Transport for London have a journey planner http://www.tfl.gov.uk/


We've got this handy Google Calendar thing here Twitter : @dc4420, use the tag #dc4420 Facebook: DC4420 IRC: #dc4420 on Freenode Mailing List: Get on the mailing list: here (Note: don't set your address to dc4420@ as that won't work.) Linkedin : dc4420 group - 680 & growing (June 2015). Do you read the notes there? (No recruiters allowed on unless they've been to the meetings and intro'd themselves to tony and major.) Talks: Send your info to talks@dc4420.org Want to change the website? Submit a pull request