Hi guys! We’re less than a week
away from #HITB2012AMS
and we’re super excited to welcome you there!
HITBSecConf2012
- Amsterdam, our third annual outing in Europe
will be at the prestigious Hotel Okura Amsterdam and this year marks our first ever week-long
event with what we think is a simply awesome line-up of trainings,
speakers, contests and hands-on showcase activities. There should be pretty
much something to keep everyone happy!
The HITB crew is pretty excited
and there’s very little else we talk about these days, so when IOActive invited
us to write a blog post with complete free rein - we can’t help but name a
couple of event highlights the crew are particularly looking forward to and we
think you’ll be equally excited about.
Here’s a little lot of
what’s in store in less than T minus 7 days’ time:
Hands on Technical Training
Sessions
May 21st - May 23rd: Training
Day 1, 2 & 3
As always, we kick things off
with our hands-on training days. This year, trainings stretch across a
three-day period and will feature all new 1-day-only courses covering a
gamut of topics from wireless security, SQL injection attacks and mobile
application hacking. This will be followed by several 2-day intensive hands-on classes
featuring some of our popular trainers. Laurent Oudot will be Hunting Web
Attackers alongside Jonathan Brossard who’ll be conducting a course on Advanced
Linux Exploitation Methods. Next door Shreeraj Shah will be running his
ever popular Advanced Application Hacking training. As usual, trainees
come braced for intense headache filled days with these hands-on courses
crammed to the brim with real-life cases plus new, next-gen attack and defense
tools and methods.
Quad Track Conference - The
Pièce de résistance
May 24th - May 25th:
Conference Day 1 & 2
Big Ideas - Big Picture...
It’s always hard selecting
keynote speakers - especially at HITBSecConf, where our audience expects
nothing but absolutely killer content filled with awesome! Andy
Ellis, CSO of Akamai we feel will deliver a talk that fulfills that and will be
kicking off Conference Day 1 with a keynote on Getting Ahead of the Security Poverty Line - sharing a behind-the-scenes
look at Akamai’s in-house security program and how it has evolved over the
years to protect over 105,000 servers in 78 countries.
On Day 2, a man who needs no
introduction and who has the rare distinction of having delivered keynote at
all the locations of HITBSecConf events held around the globe, Bruce Schneier,
CISO of BT Counterpane will deliver the second keynote. Bruce’s talk on Trust, Security and Society will deliver a big picture look at how
in any system of trust, there will always be abuses. Understanding how moral
systems, reputational systems, institutional systems, and security systems work
and fail in today’s society is essential in understanding the problems of our
interconnected world.
An Apple a Day...
One of the indisputable
highlights this year and perhaps the one item the HITB Crew is most
looking forward to is the first ever appearance by the full four-member
iOS Jailbreak Dream Team (@p0sixninja, @pod2g, @planetbeing and @pimskeks)
plus world famous, iPhone Dev Team member @MuscleNerd.
They will be rocking Amsterdam
with three talks (and maybe a new jailbreak?), two of which will primarily focus
on the detailed inner workings behind the Corona (A4) and Absinthe (A5) jailbreaks. Apple fans and jailbreak
enthusiasts will be well pleased to hear the team plans to cover pretty much
everything a jailbreaker would want to know including:
iOS security basics
iOS format string attacks
iOS kernel heap overflows
iOS profile command injections
iOS application sandbox escape
How to bypass ASLR & DEP for all
exploits listed above
In the third and separate talk,
MuscleNerd will dive into the inner workings and most recent changes to the iPhone baseband comparing it against its earlier
hardware and software incarnations. His presentation will cover everything
baseband related - from baseband ROP to activation and baseband tickets: The
mechanism Apple uses to authorize use with specific carriers and authenticates
software updates to the baseband. He will also look at the current attack
surfaces comparing iPhone4 vs iPhone4S hardware-based protection mechanisms. Tasty.
I want my MTV...
And here’s another personal crew
favourite - Adam Gowdiak. Is. Back. The man who first brought Microsoft
Windows to its knees in 2003 as part of the LSD Group and later became the
world’s first to present a successful and widespread attack against the mobile
Java platform is back at HITBSecConf! This time he will demonstrate the first ever successful attack against digital satellite set-top-box equipment implementing the Conax
Conditional Access System with advanced cryptographic pairing function. Yes,
we’re talking major security flaws in digital satellite TV
set-top-boxes and DVB chipsets used by many satellite TV providers worldwide.
More Labs / More Signal
Intelligence
Forming our third track in our
quad-track line up, only a maximum of 75 attendees will get to experience these
intensive, mini training sessions, so get to the doors early if you wanna join
in. Audience interaction is expected so bring your laptops with you! What kind
of brain mashing kungf00 can you expect?
Hacking Using Dynamic Binary Instrumentation by Intel’s Gal Diskin promises
an insight into extracting metadata and other hidden goodies from public
documents using FOCA 3 and bad nasty things one can do with malformed portable executable (PE) files and Didier Stevens, Security Consultant,
Contraste Europe NV will be talking about the reverse of the kind
of shellcode we all know and love - White Hat Shellcode: Not for Exploits.
Still hungry for more bytes? Grab
your coffee, real world bites and head into the SIGINT sessions - our version of lightning talks
which run for 30 minutes during coffee and lunch breaks. The SIGINT sessions
this year are twice as long as usual as we want you to truly savour the
appetising morsels we’ve lined up.
24TH MAY 2012
25TH MAY 2012
Lawfully
intercepting your packets...
After 2 days
of conference awesomeness, Ms. Jaya Baloo, Verizon’s in-house lawful interception expert and our first-ever lady closing keynoter will
wrap things up in a yet to be announced keynote.
We’re not
done yet …
If it isn’t already difficult
enough to pick which talks to go to, we’ve got even more things lined up to
keep you busy outside of the main conference tracks - With an expanded
technology showcase area, our all new CommSec Village is going to be packed to the brim with
more hacky-goodness than you can shake a Kinect at!
CommSec
Village
Last year, LEGO Mindstorm robots
ruled the roost and this year, the HITB CommSec Challenge is bringing the world
of motion capture into the tinkering hands of Benelux hackerspaces. Seven
hackerspaces from Belgium and the Netherlands will work with Microsoft’s all new Kinect for Windows platform and battle head to head to translate
their body movements into words at the highest rate of character output. Yep -
expect to see lots of physical action here as the various participants
battle it out for the grand prize of EUR1000.
HackWEEKDAY
HackWEEKDAY: Turbo Edition will see code junkies and working over
a 12 hour period on this year’s theme of ‘Browsers and Extensions’ - Sponsored
again by Mozilla and organized by the HITB.nl Crew, participating developers
stand a chance to walk away with a prize of EUR1337 for the best coder!
Capture The Flag -
Bank0verflow
Capture The Flag: Bank0verflow will see eleven teams - 5 home grown
teams from The Netherlands: Mediamonks and four Vubar teams battle it out
against French team C.o.P. Also, for the first time two Russian teams will be
joining the battleground including the much ‘feared’ winners of #CODEGATE2012’s
Capture The Flag - Leetchicken
Lock Picking Village by
TOOOL.nl
The ever popular Lock Picking Village returns this years with crowd
favourite TOOOL.nl at hand to showcase best and latest picking, shimming,
bumping and safecracking techniques. Hands on as usual, come with deft fingers
and your own locks to see how (in)secure that house or fiets lock of yours
really is!
Sogeti Social Engineering
Challenge
This year for the first time
Sogeti is introducing Sogeti Social Engineering and CTF Challenge
(#SSEC2012). This will be HITB’s first ever social engineering game so we’re
pretty excited to say the least! Participants will be flexing their wit and
wits against the top 100 Dutch companies via in-live-studio phone calls and
conference attendees plus members of the public can check out the game in
progress via the Listening Post. Blag for swag - and the best
‘wit-hacking’ engineer walks away with a swanky new iPad 3 sponsored by
Sogeti!
Hackers On
The Far Side of the Moon with Microsoft and IOActive
It would not be a proper HITBSecConf
if there was no killer party to cap things off. This year we plan to blast off
to the dark side of the moon with IOActive’s Keith Myers providing the choons!
Sponsored as always by Microsoft,
conference hackers,
heroes, dudes and dudettes will make their way to the Wyndham Apollo Hotel for
three solid hours of food, music and of course, copious amounts of alcohol
thanks to additional alco_pwn support by the kind folks at IOActive! \o/
IOActive’s DJ Keith Myers will be
delivering the ear pounding dance floor madness with a warm up set by Roy Verschuren of Elevator Passion - all this
at the only spot in Amsterdam where the city’s five famous grachts meet!
Bring. On. The. Madness.
See you next week!
- The HITB Crew
Lots of information!!!
ReplyDeleteHopefully free visit Wireless security system