About Us
The Open Society was Formed to bring more Open Ideas and information on Open Implementations. Some of theses include Creative Commons Licensed Music/Films/Images/Podcast.
Were a group of like minded people from all walks of life in and around Dundee. The society aims is to promote open source licensing and open source software to new and
experienced users.
We have regular fortnightly meetings in Dundee. It's membership is split between students and non students,
and everyone is welcome to join.
Our ties with the Tayside LUG (Linux User Group) and The Ethical Hacking Society are very strong indeed as many of our members attend there as well,
we have in recent months shared the same meeting as TayLug which has worked very well indeed.
You don't have to have any Linux or Open Ideas experience to come to a meeting and you will find lot's of people who enjoy discussing these freedoms
Our
meetings normally consist of a informal presentation on numbers of subjects relating to Creative Commons, Android, GeoCaching, F.L.O.S.S (Free, Libre, Open-Source, Software) and
current events happening in the Open Source/Creative world.
The Meetings usually last about an hour with a friendly and relaxed approach and with a variety of experience a good discussion is normally always expected.
Our meetings are held every other Thursday at 7pm, and we are reasonably easy to find:
University of Abertay Dundee, Bell Street, Dundee
We meet in the Foyer of the Main building (Kydd building)
After the meeting you are welcome to join us for a beer (or whatever you drink in the Union bar) and a good old chin-wag.
Meeting Details - 1st December 2011 : A Salesman's Guide to Social Engineering
by Gavin Ewan
Talk this week by Gavin Ewan, this is the talk I have submitted for BerlinSides in September (heres hoping). You'll be able to say you seen it first right here at the Society!
Social Engineering is currently one of the buzz terms within the hacking field. Like children with new toys, hackers everywhere white hat, black hat and everything in between are rushing to learn just what Social Engineering is and how they can add it to their arsenal.
In this talk, I will show how lessons can be learned from one of the oldest, most durable professions, that of the salesman. I will talk about the true master salesman, one who can quickly identify their customer's train of thought and what signals they will respond to in order to gain a sale and show how many useful parallels there are between a good sales process and a Social Engineering attack/penetration test.
I will briefly go through some models that have been taken from psychology and applied to sales, but I will use them to apply directly to Social Engineering. You will be surprised how well they fit and how little alteration is needed!
I will show how everything from searching for information on buyers to handling objections to a sale can be used in an a SE attack (Same process for researching a target? Objection handling for dealing with curious/vigilant security?).
For those of you who are more comfortable behind a computer screen than in front of people, don't worry, I will also show exactly how you can apply these techniques and why those who seem to be 'gifted talkers' fail almost everytime.
Once I have looked at the attack vectors I will do the only right thing and show exactly how these very attacks can be better defended against. I will show you how a process that is used every day by organisations, big and small, can be tweaked and applied to your organisation in order to protect you, your employees and importantly your customers and their data against Social Engineering attacks.
By the end of this talk you will be left with plenty of food for thought from your time with an multi-award winning salesman turned ethical hacker. You will have categorised yourself according to one of my key people types and know what SE would be more effective against you. You will also be able to start looking for those same signals in others, your friends, your workmates, your targets? You will be armed with the process that I use in an SE attack and the tools to do some thinking and research to make your own similar process.
Meeting Details - 17th November 2011 : PGP Encryption
by Stuart McCulloch
You have probally heard about PGP but what is it? At next weeks meeting (17th Nov) I will take you thru the solent points: What is it?, Why use it?, How does it work?, What is a Key Signing party? and Web of Trust vs SMINE certificate authoritys
There will also be the chance to ask questions and if your lucky there might be some answers kicking about
Meeting Details - 3rd November 2011 : IDS Evasion
by Arron Finnon
Intrusion Detection Systems or IDS for short have been sold for many years as a solution to stop attackers from both the "inside" of a network, and the "outside". There is little doubt that the capabilities of these devices have been over sold, and at their very heart is some implementation problems that have no simple fixes.
The talk looks at one of the underlying problems an IDS faces when conducting packet inspection, reassembly.
The aim of Reassembly evasion techniques is to confuse an IDS system during packet inspection, by either supplying data to an IDS that will never be factored in at the receiving end (insertion), or by confusing an IDS's very process of reconstructing the data stream. In essence Reassembly evasion techniques attack the very process of inspection.
From the insertion of rogue nulls, to over-lapping, and over-writing the contents of packets, mean that an IDS has very little chance of being able to catch all bad traffic. Many IDS systems are geared to dealing with a high traffic volume, and any reassembly is going to be both difficult and taxing on system resources, whilst slowing the network down. With very little enumeration a potential attacker can utilise a number of reassembly evasion techniques to aid in the escape of otherwise prohibited traffic.
With the aim of educating the attendees of the talk on what to look out for, and how to better understand the threat faced by IDS's. In short this talk looks at: Getting The Fragments Out"
Meeting Details - 20th October 2011 : Intro to Django
by James Carter
Introduction to the Django Web Framework. A demonstration and evaluation of django, a python but not necessarily pythonic rapid web application development framework with a view to fostering collaborative development of an Open Society community site.
Meeting Details - 6th October 2011 : Anual General Meeting
We will be holding our AGM where all our officers will be elected and
members dues will be determined along with getting some feedback from
the floor about what you guys want to see over the next few weeks.
I will also be giving a quick run down on how to put Ubuntu on a USB
stick using Windows as I think it's the best way to get started for
those new to linux.
Meeting Details - 22th September 2011 : Freshers Introduction to Free Software
Welcome to new members and freshers alike. Talking about what the society is here for and what free software is all about
Meeting Details - 17th September 2011 : Software Freedom Day
Software Freedom Day Event : 13 talks on 2 tracks for all to come and see more details @ sfd.the-os.org.uk