So many CFP entries, so little time. The schedule for 2015 is ready
and finalized, and as always, we’re pretty excited! There’s a mix of
high level and low level, offense and defense, cocktails and
networking. ..and by the way, our keynote speaker is @headhntr.
This year we’re continuing the tradition of not having dedicated
tracks – therefore Thursday’s string of OPSEC presentations is just a glitch in the random number generator. The same glitch also caused Alexander Bolshev and Boris Ryutin to receive two one hour slots for their exploit development workshop. AVR microcontrollers have never been this interesting!
As anybody who’s been to security conferences during the last decade knows, it takes something special to have a solid fuzzing presentation – Nils‘ “Windows kernel fuzzing” definitely
hits the mark. Speaking of awesomeness previously available only with nation state budgets, the guys from Tel Aviv university are
demonstrating what EMSEC means in practice. You probably want to take notes with pencil and paper this time.
The hard limit of 99 attendees (including the speakers and t2 staff)
is again in full effect. No exceptions, no excuses. Early registration
is definitely recommended. As always, t2’15 will take place in Radisson Blu Royal Hotel Helsinki.
Making predictions is easy when you have friends in low places. They indeed helped us secure a solid 5/5 performance for our 2015
predictions already during H1. It’s all about making your own luck –
Lady Fortune is not that random when you know what’s happening in the operational area.
To summarize what has happened during the past few months:
This brings us to the CFP – it’s still open a couple of weeks and waiting for your submissions. If you want to present your research to a technical audience, enjoy cold weather in Helsinki and/or meet hacker-minded people from all over the world, t2 is definitely your conference.
The registration will open soon after the first rounds of CFP has been accepted. Last year we sold all of the seats well before the event – if you are looking to buy 5 or more tickets, please contact us now.
Unlike the on-going / upcoming cyber cold war involving nation states, image boards, corporate entities and drunk hackers, 2014 has run its course. In the private and public sector this means it’s time to start drafting those e-mails about next t2 infosec being included in the 2015 training budget. While not all our attendees are dependent on the fiscal calendar, we see fit to remind those who are. Our offensive friends can think of it as adding your backdoor into the target’s build environment.
Looking back at the past couple of years, the content has, more than once, been ahead of the times. A recent example would be the IMSI catcher hulabaloo in Norway a couple of months after @raviborgaonkar‘s and Swapnil’s t2 presentation.
Without a doubt, 2015 will give us more vulns with funny names and fancy websites, the Internet Of pwned Things, the doomsday clock getting closer to midnight and horrifying yet awesome nation state capabilities. To sum this up with an out-of-context quote from the 1950s:
“It must be obvious… that there is a contradiction in wanting to be perfectly secure in a universe whose very nature is momentariness and fluidity.”
— Alan Watts, The Wisdom of Insecurity
ps. despite several requests to add BTC, gift cards, pieces of eight or crash triggers as payment methods, we’re still sticking to the credit card payments. Getting those prepaid cards is not that hard really. On a final note, invoices have been marked as obsolete and our next release might not support them.
In real life, technical superiority is one thing and an ability to present your work is another.
So, without further ado – best write-ups for t2’14 Challenge:
Merry Christmas and Happy New Year!
Year after year we hear stories about people who annually almost attend t2. The intention is always there, but when the time comes to register for the event, they find themselves in the middle of a floppy disk inventory or some other significant crisis at (work|home|garden).
The question for many of these people then remains – was it any good, should I attend next year? The advisory board is certainly too biased to answer this question; we are like winemakers who think each year qualifies as a vintage. The regulars and other long-time conference goers gladly reminisce past events, while wearing some obscure and highly collectible t-shirt from ’04. In our view, a first time speaker’s opinion is probably a good objective yardstick.
Patrick Wardle, flying half-way across the globe to deliver two talks in the cold and snowy Helsinki, was kind enough to share his experiences in this Synack lab’s blog post. For other t2 coverage, see #t2infosec on Twitter