Celine's first law: National Security is the chief cause of national insecurity
Slovak Information Service (SIS) repeatedly has proposed the draft for interception of an encrypted communication - the duty to give off the encryption keys for the given non-specified devices.
Leaked information from Wikileaks has shown Slovak and Czech's government considered to buy or bought the spying malware from Gamma group and Hacking Team - both companies with the bad reputation because of selling the same spying malware to the dictatorship countries for spying of innocent people. The Slovak government has rejected this information, Czech Secret Police has confirmed this fact and see no problem in doing the business with dictatorship supporting company because they use this software for "legal reasons". The new Slovak legislation legitimizes the use of spying software for the particular government agencies and strongly criminalized use by others that may lead to the criminalization of legal business activities of IT security companies.
The goal of this presentation is to show why it is immoral to buy and use spying malware from dictatorship supporting companies. Why whistleblowing remains the only way to find out the unethical behavior of secret government agencies and why all government's tries to regulate cryptographic systems drastically degrade our digital privacy.
And therefore, why the government is the biggest privacy threat for their citizens.
Pavol Lupták
CEO, Certified IT Security Professional
He gained his BSc. at the FEI-STU in Bratislava and MSc in Computer Science at the Czech Technical University with master thesis focused on ultra-secure systems. He holds many prestigious security certifications including CISSP and CEH, he is Slovak OWASP chapter leader, co-founder of Progressbar and SOIT organizations where he is responsible for IT security.
Pavol uses to have regular presentations at various worldwide security conferences (in Netherlands, Luxembourg, Berlin, Warsaw, Krakow, Prague). In the past, he demonstrated vulnerabilities in the public transport SMS tickets in all major cities in Europe, together with his colleague Norbert Szetei he practically demonstrated vulnerabilities in Mifare Classic RFID cards. He has 14 years experience in IT security, penetration testing and security auditing including social engineering and digital forensic analysis.
He is co-author of the OWASP Testing Guide v3, has a deep knowledge of the OSSTMM, ISO17799/27001 and many years experience in seeking vulnerabilities. He has a knowledge of many programming languages (ASM, C, C++, XSLT, Perl, Java, PLSQL, Lisp, Prolog, scripting languages) and operating systems. He is also focused on VoIP and interesting IT security research.