Category Archives: News

t2’16 Challenge to be released 2016-09-10 10:00 EEST

Everybody is a fan of disruption until it hits them personally.

Background

Unicorns attract competitors, copycats and charlatans. For a VC, the road to losing the principal is paved with poor decisions, bad luck and ultimately betting on the wrong horse. One of the challengers in the unregulated pay-per-hitchhike app industry, Astley Auto Association, has been trying to raise a C round. Its founder and CEO, a controversial character, is claimed to represent the darker side of the booming startup scene. While his fans cheer the sticking-it-to-the-man attitude R. Astley has demonstrated to the regulators, there are critics, including many notable venture capitalists and angel investors, who say the man embodies the lack of integrity and honesty.

With circumstances as messy as those of a publicly funded open source project, it gets even messier. An unknown actor has compromised the e-mail server of Astley Auto Association. To prove they have the whole archive, chosen mails from CEO of AAA, R. Astley, and other employees were collected to a dump.
A disgruntled employee, competitor, VC trying to bring down the valuation, angry customer, or a random opportunist – clearly an attribution question so difficult it can only be solved by world leading threat intelligence companies.

Luckily we are more interested in a good hacklog and thorough compromise. A properly placed string tells sometimes defenders and investigators more than thousand words in a compliance report. The mission, should you choose to accept it, is to analyse the e-mail dump and uncover the clues left by the unknown actor, which demonstrate the devastating level of control they have over the environment.

Details

The first person to recover all flags will win a free ticket to t2’16 conference. In addition to this, the creators of the Challenge will select another winner among the next ten correct answers. The criteria for the other selection is the elegance of the answer. In short, you can win with both speed and style.

The Challenge will be released on 2016-09-10 10:00 EEST right here at t2.fi

t2’16 schedule now online

Where did the last 365 days go? Time flies when you’re up all night cybering, and t2’16 is now just around the corner. The schedule for this year has been released, and we’ve reserved one slot for a wildcard – stay tuned for updates.

This week’s nation-state hackback / Counter Computer Network Exploitation / HUMINT op who-knows-what makes Peter Kosinar’s talk on Thursday more than relevant. We promise this is a total co-incidence! To prevent your C&C business intelligence server from getting compromised, coming early enough to check out the keynote is a good idea.

While t2-as-a-Service is not yet on our drawing board, opening up the registration together with the CFP seemed to be a popular move. Around 30% tickets were sold over the summer, and based on purchasing patterns of previous years, majority will be sold during the next 4-6 weeks. Last year was sold out a month before the conference – if you want to confirm your attendance, now is the time to do so.

As always, creating a conference schedule from CFP entries is not as easy as one might think. Balancing the content to cater to a varied audience means, unfortunately, leaving out quality submissions. The Advisory Board would like to thank each and everyone who submitted a talk this year – a conference is nothing without the speakers.

Call for Papers 2016

If you are tired of any of the following: 1) conferences where coffee service equals one coupon (= cup) per day, 2) conferences with crazy-ass lines making world’s busiest transit hubs seem like a pleasurable life experience, 3) conferences showcasing talks indistinguishable from sponsored content, or 4) conferences which overcharge and underdeliver, please continue reading.

t2 has throughout its history offered speakers and guests an intimate atmosphere where ideas can be exchanged with fellow hax0rz. We take pride in treating speakers as guests of honor – presenting a talk at t2 and visiting Helsinki is something we want you to both remember and enjoy.

Finland is a country, which has pioneered things such as the first web browser with a GUI[1], has no embassy in New Zealand and has introduced the world some minor tech stuff such as Linux and SMS. In case your bucket list contains BDSM with complete strangers, just submit a paper, come to Helsinki and ask for Finnish sauna [2].

While Helsinki cannot offer you sunshine, resorts or palm trees, we can compensate that with cold weather, eternal winter, darkness, and snow if you’re lucky. According to the latest OECD statistics[3], Finland has as many metal bands as France has wine producers, but more metal subgenres than there are wine regions.

t2’16 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in offensive offense, enterprise compromise, ambiguous APT-attribution, nation state lulz, anti-anti-anti-forensics, blacklisted research, crafting digital munitions, defense strategy and tactics that actually work, tampering anti-tamper units, competitive barbecue and/or doping in professional sports. Topics outside the listed categories are accepted as long as you promise to share love and happiness.

The advisory board will be reviewing submissions until 2016-07-01.
First come, first served. Submissions will not be returned.

Quick facts for speakers

  • presentation length 60-120 minutes, in English
  • complimentary travel and accommodation for one person [4]
  • decent speaker hospitality benefits
  • no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past:
https://t2.fi/schedules/

ps. If you are one of those dedicated hardcore t2 visitors and want to ensure your place in the audience even before speakers are announced.. The registration is now open!

How to submit
Fill out the form at https://t2.fi/action/cfp

References
[0] https://en.wikipedia.org/wiki/Erwise
[1] http://www.visitfinland.com/article/10-sauna-tips-for-beginners/
[2] https://www.google.com/search?q=site:oecd-nea.org+filetype:php
[3] With the exception of Charlier Miller and Chris Valasek
[4] Yes, we know

 

Call for Artists

t2 is looking for an artistically gifted professional interested in refreshing the visual brand language of the conference. The task entails renewing the whole look and creating online+offline assets accordingly.

Understanding what infosec events and the participants are all about is a plus. Throughout the past decade t2 has worked hard to provide a first class conference in an intimate setting – we’re taking that a step further by making everything more pleasing to the eye.

What is this all about ?

  • influence over visual identity (the t2 logo being the only exception)
  • ascii, RGB, CMYK
  • compensation provided (don’t expect platinum grills and a Maybach)
  • small gfx tasks every once in a while
  • fun times with the annual schwag extravaganza

Preferably you will have non-existent or very limited skills in developing weaponized multiplatform 0days for common picture formats.

If you know who Robert Bringhurst is, know demoscene, like stickers, prefer black or like old skool rap you’re given definite bonus points.

Those interested in applying, please e-mail to info-2016@lists.t2.fi with an application and a link to your drive-by ex^H^H^H^H^H^H^H^H^H^H portfolio.

The deadline for applications is 2016-05-01 16:20 UTC+2