Pavol Luptak
CEO of Nethemba - Slovak IT security company founded in 2007, primarily focused on web application security and various penetration tests.
Internet censorship, blanket spying on the shopping habits of all citizens (e-Kasa), monitoring and blocking of financial flows, a ban on anonymous SIM and payment cards, the possibility of state tracking of residents' movements by mobile triangulation without their consent and without a court order, restrictions on the use of cash and crypto-unfriendly legislation, insufficiently anonymized information about COVID-19 patients and the state contact-tracing application "Zostaň doma". Do you still think that digital totalitarianism does not concern you?
The lecture describes the current as well as predicted impacts of crypto-anarchism and the sharing economy on the future of human society. What was the situation in this area during 2013-2020? Where have we moved from now on, and where do we head over the next few years? You will learn about the possibilities of anonymous cryptologists that bring financial freedom, but also about the risks associated with the development of the political situation in the world.
Apps that can make your life more independent, private and secure. In this demo session, we will fly over the best two-factor authenticators, privacy browsers, decentralized and encrypted messengers, password managers, opensource privacy-aware Facebook and Twitter front-ends, alternative opensource repository, anonymous number service provider for crypto, anonymization networks, anonymous crypto mixers, privacy-aware crypto wallets, secure video calls, SSH and VPN services, privacy enhancers, offline OpenStreetMaps, secure firewall, secure YouTube frontend, opensource Google services alternatives, secure email client with PGP and S/MIME support.
HCPP20 speaker's introduction
Internet censorship, massive financial surveillance (e-Kasa, EET), monitoring and blocking of financial flows, prohibition of anonymous SIM and payment cards, tracking citizens' movement by mobile triangulation without their consent and without a court order, cash ban and restrictions on crypto use. Unfriendly legislation, insufficiently anonymized information about COVID-19 patients and the state contact-tracing application "Stay at Home". Do you still think that digital totalitarianism does not concern you?
The goal of the presentation is to describe privacy and IT security trends for CTOs/CIOs:
* Current trends in private secure communication
* Inevitability of using 2FA from the security perspective
* Password Managers
* Penetration Tests & Security Audits
* Social Engineering
Presentation based on Larken Rose's publication 'What's not Anarchy'
Vision for PP2020
Everything about the e-Kasa hack that you will never learn from the Financial Administration
Useful lessons from the life of one hacker
Although various Internet threats caused by viruses, malware or targeted attacks are well known, most people are not aware of the persistent risks enforced by government legislation. The goal of the presentation is to describe these threats, such as mass spying on citizens, global censorship and other potentially dangerous legislation. We are witnessing an interesting paradox in which governments responsible for new privacy legislation (GDPR, Article 11/13 of the EU copyright law) are at the same time becoming the most dangerous threat to the privacy of their citizens.
From a state-controlled economy to a decentralized peer-to-peer society
Crypto Mass - Grand Opening of Parallel Polis in Bratislava 2018.
Although random Internet threats caused by various viruses, malware or targeted attackers are well known, most people are not aware of the persistent risks enforced by governments and their legislation. The goal of the presentation is to describe these induced threats: massive spying on citizens, global censorship and other potentially dangerous legislation. It reveals an interesting paradox: governments responsible for new privacy legislation (like GDPR) are becoming the most dangerous threat to the privacy of their citizens.
1. Choose the suitable country for your permanent residency.
2. Choose the suitable country for your company.
3. Eliminate the centre of interest in your home country (divorce, sell all your properties, become homeless).
4. Close your bank accounts.
5. Switch to crypto, prefer truly anonymous cryptocurrencies, embrace crypto friendly services.
6. Choose your global healthcare insurance.
7. Choose your world mobile operator.
8. Embrace sharing economy.
9. Check DAO.
10. Help your friends to opt out of the system and move them to a parallel society.
The growing complexity of both hardware and software makes it more difficult than ever before to detect security vulnerabilities or backdoors. Critical unexpected vulnerabilities have recently emerged in all available processors (Meltdown / Spectre). Browsers with lots of extensions are becoming the most complex Internet applications on your desktop or smartphone. Their current architecture and the programming language used make it practically impossible to eliminate their hidden and unidentified vulnerabilities. Even the safest hardware wallets contain critical security vulnerabilities. Disk encryption, antivirus or anti-malware solutions running on compromised hardware or software are ineffective. In my presentation, I will try to explain how to survive in this wilderness and use compartmentalization to minimize the impact of unexpected black swans.
Real digital privacy starts with protecting your financial transactions. Leaving no traces. Making it impossible to see or intervene in your voluntary economic interactions. With the rise of anonymous cryptocurrencies, for the first time in human history, we can do global business and stay anonymous. Anonymous prediction markets, anonymous anti-government insurance, anonymous crowdfunded whistleblowing, decentralized cryptomarkets - all these crypto technologies will undermine the current authoritative systems. And make a significant change. Silently. With no violence or politicians. It's time. Liberate yourself.
A look at GDPR from an alternative perspective that you have not seen or heard before.
The lecture describes the current as well as predicted impacts of crypto-anarchism and the shared economy on the future of human society. What was the situation in this area in 2015? Where have we moved from now on, and where do we head over the next few years? You will learn about the possibilities of anonymous cryptologists that bring financial freedom, but also about the risks associated with the development of the political situation in the world.
GDPR from the alternative perspective (you haven't heard or seen before)
From the government-controlled economy to a decentralized peer-to-peer society
The first popular cryptomarket (Silk Road) was of course unique, but relatively simple - a single server with no decentralization, no multi-sig or anonymous cryptocurrency support. The goal of the presentation is to show that government financial dictatorship leads to significant improvement of cryptomarket security. Police and government agency raids were the main reason all cryptomarkets had to improve their overall security to survive and keep their business running. A new generation of cryptomarkets uses multi-sig to prevent governments from seizing its users' deposits, utilizing integrated webmail PGP clients and I2P anonymization networks in addition to "the government well-known" Tor. They are fully decentralized (e.g. Axis Mundi, Bitmarkets, Shadow Markets), and therefore practically impossible to shut down by government agencies. The new anonymous, untraceable cryptocurrencies (e.g. Monero, Zcash) are ready for cryptomarket adoption with no possibility of revealing transaction history. The weakest point - cryptocurrency exchanges that governments can regulate and shut down - can be reinforced by the use of decentralized crypto exchanges (e.g. Bitsquare).
HCPP17 Opening
Every new government regulation, restriction or embargo that makes it impossible for people to trade or do business, or increases their expenses, creates demand for any market solution that helps to bypass these obstacles. How many entrepreneurs or ordinary citizens consider the given law to be unethical and are willing to avoid it with as little risk as possible determines the economic feasibility of the 'avoidance' solution.
The presentation demonstrates a typical attack on a web application. Starting with securing the anonymity of the attacker, finding critical vulnerabilities, breaking passwords, ending up with a gained local administrator, cleared tracks, and created backdoors.
Introduction to truly anonymous cryptocurrency. Digital privacy starts with protecting our digital personal data and financial transactions, making it impossible to see or intervene in voluntary economic interactions. With the rise of anonymous cryptocurrencies, for the first time, it is possible to do global business and stay anonymous. I will explain why Bitcoin is pseudo-anonymous and show you how the real anonymous cryptocurrency (Monero) works. I will compare Bitcoin and Monero to show the differences in their security, traceability, signatures and the ways you can manage these cryptocurrencies.
What is the most serious threat to your digital privacy?
The first implementation of asymmetric cryptography (PGP) at the beginning of the 90s created the cypherpunks' belief that digital privacy is an integral part of ourselves and should be absolute. Simply, no one has a right to intervene in our digital liberty. Since the 90s, the Internet has changed a lot. It has become a tool of government and social manipulation over the entire population. In 2006 the Data Retention Directive was applied to all EU citizens. A few years later, other laws prohibiting the use of cash above specific thresholds were also adopted, of course allowing financial surveillance of all people who use bank accounts. Many European countries started to use central government reporting systems (e.g. Czech EET) which can be misused to gain sensitive correlations about shopping habits, money flows or customers' solvency. The close cooperation of mobile network operators with governments allows locating and targeting almost all citizens, their movements, calls, and messages. Draconian privacy laws such as the UK 'Snooper's charter' allow government backdoors to any communication. Digital dictatorship is here. In the EU. The following moral & philosophical questions arise:
* How deeply should we care about our digital privacy? And how much of our digital privacy are we willing to sacrifice for "social welfare"? How many anti-privacy draconian laws can we tolerate?
* If our personal details, personal communication or personal data are an inevitable part of our digital privacy, does it also include our personal financial transactions in cryptocurrencies?
* If not, which part of our digital privacy 'belongs' to governments and which not?
* And who defines these borders of digital privacy?
* Or do we deserve absolute digital privacy? Just because it is technologically feasible?
Uberization (allowing anyone to provide any service to anyone) is embracing our lives. Peer-to-peer relationships together with global competition allow offering skilled hackers' services even to small and medium-sized companies for a reasonable price. Thanks to omnipresent mobile technology, the rise of the Internet of Things (IoT) and dying perimeter security, everything is online and can be a potential target for malicious hackers. Often, the relationship between hackers and companies is strongly asymmetrical. Usually, one defender responsible for patching all vulnerabilities has to face an army of skilled blackhat hackers who need to reveal just one critical vulnerability. Bug bounty programs change this paradigm; they allow you to use the crowd of ethical whitehat hackers and their knowledge to protect your applications and systems.
Since 2007, when Nethemba was started, we have focused on public research projects. One of the reasons was that we were aware of a lack of security in technologies most people use daily; the second was a need to be different from our IT security competition, especially in the Czech and Slovak Republics. During the period 2007-2015, we published many security-related articles, blogs, and papers. We would like to discuss the most important ones with considerable impact.
Evolution of sharing economies
Why freedom should be a new standard for all small consultancy companies if they want to attract top experts and provide high-quality services to their customers.
Company Introduction