Friday, August 30, 2019

Event: BarCamp Kuwait 7

Looks like we're able to bring you another barcamp event this year, and we're very excited as we already have speakers lining up!

Barcamp is an "unconference" where people gather and share projects/talks at no prior specific times. First come, first serve, time slots and each talk is limited to 10 minutes followed by 5 minutes of Questions and Answers.

Join us in this open community event: https://barcampkw.wordpress.com/2019/08/30/barcamp-kuwait-seven-registration/

This event is hosted by and at Coded's place. They're an awesome company providing programming bootcamps, and host many talks with startup founders over the years.

Thursday, August 1, 2019

KOC Cyber Security Summit

Kuwait Oil Company (KOC) has announced a 2-day event around online security with awesome speakers who are well known in the industry:


The event will be on August 24th and 25th (Saturday and Sunday), and consists of 2 talks per day followed by a Capture The Flag (CTF) competition. Event details here.

The talks and the CTF competition are free and open to the public, and I highly encourage every student, fresh graduate, and employee to attend. The talks will not be too technical, and should appeal to the general public.

The CTF is open to everyone, both locals and expats, as long as they're already in Kuwait. Winners of the CTF will qualify to compete in the regional competition in Egypt later, and winners will qualify for the international CTF competition in Japan.

If you're trying to register and your school or educational organization isn't listed, pick anything, then email support "at" cybertalents.com and tell them which school your chose, and the name of your actual school for them to add it to the list.



Location: KOC Tent, Ahmadi. Don't let the name fool you. The tent is massive and is well ventilated.


Updates:

  • Update 0 - Aug 3: Added email contact for CTF.

Wednesday, June 5, 2019

Windows 10 Shares Data with Microsoft Insecurely

Apart from the fact Windows 10 (Win10) is sending search data, even though I had disabled Cortana, it's also sending the data to Microsoft using certificates whose authenticity aren't proven.


First, Kaspersky intercepted this traffic going to: dubaivm1.uaenorth.cloudapp.azure.com
It's obviously owned by Microsoft. Details about its usage are in the Detailed Report below.

There's an additional connection that goes to: exo-ring.msedge.net
This is also related to Cortana search. (which is disabled)




These are details of the certificate. It's signed by DigiCert to Microsoft CA, then to: azwanp.trafficmanager.net


As extra precaution, I have Kaspersky set to use Mozilla's certificate store rather than Microsoft's.  At least I can trust that Mozilla won't inject stuff behind my back.