HTCIA Asia Pacific Chapter
Evening Presentations in June
The committee would like to apologise for the lack of a chapter meeting recently. We originally were scheduled to have Jeroen Wester speak to us, but due to the volcanic activity in Europe closing airspace we were forced to cancel.
We will be having two evening presentations in June in order to catch up. The first will be by chapter president Richard Kershaw on Wednesday, June 9th (details below). The second will be by Stefan Fleischmann on June 22nd. Further details of Stefan's presentation will be provided closer to the time.
We look forward to seeing you next week.
Topic: Tracking Email from Outlook to a Blackberry Handset
Speaker: Richard Kershaw, Asia Managing Director, Catalyst Repository Systems
Date: 6.30pm, June 9th, 2010
Venue: Hong Kong Police Officers' Club
Blackberry handsets have become ubiquitous in the corporate environment. Hundreds of emails per day are composed and read on them - email which could be relevant to an investigation. However, email is not retained on the handsets for more than a few days, or weeks at most. Information regarding emails kept in Blackberry logs do not provide sufficient information for one-to-one mapping. This presentation will provide an overview of how a Blackberry Enterprise Server forwards emails between Outlook and the handset, how tracking IDs are assigned, and tips and pitfalls in conducting such an investigation.
Space is limited, so please reply to Frank Law if you would like to reserve a seat ( This e-mail address is being protected from spambots. You need JavaScript enabled to view it )
Presentations uploaded to members' area
Both Jon Evans and Ryan Connolly have kindly agreed to provide their presentations for the reference of the Chapter. These are available in the Members' Area. We only ask that you remember some of the materials are sensitive and treat them with the appropriate discretion. Not a bad deal for the quality of the presentations provided!
2nd Evening Talk of 2010
On March 2nd the Chapter was very pleased to welcome back another friend and previous speaker, Mr Ryan Connolly. With his extensive background in network security, Ryan is former Team Cymru and served as their Asia representative, where he focused on spreading security awareness and providing security training. He has recently set up his own consultancy based out of Kuala Lumpur, and we were fortunate he agreed to volunteer an evening of his time in Hong Kong.
The topic of the evening was the challenges the Fast Flux phenomenon presents to internet investigations. We had another good turnout, filling the by now familiar Microsoft 23rd floor conference room. Ryan's very thorough presentation covered the usual way in which internet sites operate, and then went on to explain how Fast Flux enables criminals and unethical internet-based vendors to conceal the servers hosting their services through a mask of shifting compromised computers. Ryan finished off by explaining how the functionality which enables use of Fast Flux also enables the investigator to spot that a Fast Flux system is being operated. There followed a lively Q&A session from the membership. Ryan has kindly agreed to make the presentation available to the membership, which will be uploaded shortly.