Introducing Swiss Cyber Storm 2017 Speaker Jos Wetzels
The internet of things is all the rage and talks about the insecurity of smart devices and tech assistants are a constant companion at tech conferences these days. But it’s also a bit boring in the sense that the whole audience knows IoT is insecure and the presentations are often déjà-vus of stupid mistakes on cheap devices.
Jos Wetzels, Security Researcher
Things get different when you stop talking about toothbrushes and toasters and you turn to devices and control systems where security really matters in a direct way. Health is often quoted (think pacemakers with a remote control) and of course SCADA systems in high security environments.
Our Swiss Cyber Storm Speaker Jos Wetzels has seen a lot of these devices. His research with Twente University has focused on the protection of critical infrastructures such as electric, oil, gas and water utilities. Furthermore, it involved analysis of the operating systems used in cars, nuclear power plants and military fighter jets.
A lot of this work has been carried out under the seal of NDAs (sorry, no photo of Jos in a MIG cockpit). But some of the vulnerabilities can be disclosed and nothing prevents him from talking about structural problems he regularly encounters when working with industrial control systems and IoT devices. One such structural problem is the search for a decent source of entropy. Getting truly random numbers is hard and obtaining them in a controlled setting is a contradiction in itself. His recent CCC presentation exemplified this in great detail.
Jos Wetzels presenting his findings on random number generators at CCC in 2016
But Jos won’t stop at pointing out shortcomings in existing systems. His Swiss Cyber Storm presentation will also give advice on good IoT security. What you can do to improve the situation in constrained environments and where developers can make a difference.
Jos has been part of the European Union’s PREEMPTIVE project for the protection of critical infrastructure. He has taught hands-on offensive security classes at the Dutch Kerckhoffs Institute and he occasionally shows up at Capture the Flag events. On top of that, I can confirm that Jos is good company at a conference and I hope you get the chance to talk to him.
The early bird tickets for Swiss Cyber Storm are being sold until June 30, 2017. Head over to eventbrite to secure your ticket.
More about Jos Wetzels:
- Blog and website
- Video presentation at CCC
- Research paper: Broken keys to the kingdom: Security and privacy aspects of RFID-based car keys