t2 information security conference » Talks

Nils to talk about Smart Phone Vulnerabilities

Tomi Tuominen — Mon, 23 Aug 2010 18:52:23 +0000

In this talk Nils will demonstrate (read: show nifty exploits) how much trust you can put into your smart phone. The talk will specifically look at two popular mobile platforms: Google Android and Palm WebOS.

t2 staff thinks that in addition to Nils being a rock star (like 'Prince' or 'Madonna') he is extremely talented security researcher. If you would like to see how Palm Pre can be used as a secret bugging device, this talk is for you.

Please see the schedule for details.

Sami Koivu to talk about Java Sandbox (in)Security

Tomi Tuominen — Tue, 10 Aug 2010 18:03:09 +0000

In this talk, Sami Koivu will first explain how Java sandbox security works and how it doesn't work. Then the audience will learn how Java security has been broken in the past and how it will continue to be broken in the future.

t2 staff thinks that Sami Koivu's research is absolutely groundbreaking and he is The Man when it comes to Java (in)security. However, we are not the only ones - he just won the Pwnies award for his work! For more details please see: Pwnie for Best Client-Side Bug.

Please see the schedule for details.

Confirmed Speakers for t2′10

Tomi Tuominen — Tue, 10 Aug 2010 17:28:06 +0000

As some of you have already noticed, confirmed speakers for t2'10 (October 28 - 29, Helsinki, Finland) are starting to appear, check out the Schedule.

As usual, we will also post a short commentary for each talk and explain why you should come and see it.

Christien Rioux to Talk About Finding New Types of Vulnerabilities Via Binary Analysis

Tomi Tuominen — Tue, 27 Oct 2009 16:23:39 +0000

Christien Rioux from Veracode will talk about finding new types of vulnerabilities via binary analysis - with discussion of identification, exploitation and remediation. Christien has long history with security industry spawning e.g @stake, L0pht Heavy Industries.

Please see the schedule for details.

Mark Debenham to talk about Virtualization

Tomi Tuominen — Sun, 25 Oct 2009 08:43:45 +0000

Mark Debenham from Microsoft will take the audience through some of the risks associated with the reliance on virtualization from a security perspective with a demo or two along the way.

T2 staff thinks that this talk will be an important lesson for those of you dealing with virtualization. Don't miss the demo train!

Please see the schedule for details.

Schedule Rearrangement

Tomi Tuominen — Sun, 25 Oct 2009 08:41:54 +0000

We are extremely sorry about the short notice but we had to rearrange the schedule.

Effectively this means that Nishad Herath's talks will be replaced by Mark Debenham and Mikko Hyppönen.

We apologize for the possible inconvenience. The updated schedule will be online shortly.

Jarno Niemelä to talk about Spying via Bluetooth

Tomi Tuominen — Wed, 02 Sep 2009 13:27:35 +0000

Jarno Niemelä from F-Secure will explain us why all those people who think that their mobile phone is being spied on are not necessary crazy. This presentation gives an overview of just what is possible do over Bluetooth once the attacking device is trusted, what spy can do over Bluetooth and what can be done to prevent it.

T2 staff thinks that this talk defines quite well what "trust" really means.

Please see the schedule for details.

Rafael Dominguez Vega to talk about USB Attacks

Tomi Tuominen — Wed, 02 Sep 2009 13:04:24 +0000

Rafael Dominguez Vega from MWR InfoSecurity will go through the dangers of USB devices. The presentation will cover a wide range of security considerations for USB devices. However, it will specifically focus on the evolution of an attack that can be delivered through a malicious USB device. The talk will also include discussion about the methods that can be used to identify and exploit vulnerabilities in USB drivers and their advantages and disadvantages.

T2 staff thinks that you should think twice before you use a USB stick from a security conference ... :)

Please see the schedule for details.

Juhani Eronen to talk about Real World Incidents

Tomi Tuominen — Wed, 02 Sep 2009 12:52:02 +0000

Juhani Eronen from CERT-FI will present post-mortem studies on incident and vulnerability coordination projects he has been involved with, including recent CERT-FI disclosures.

T2 staff thinks that this talk will be an important lesson for everybody, especially those working for product development. If you or your organization would like to avoid some of the pitfalls — this talk is for you!

Please see the schedule for details.

Scott McIntyre to talk about Why Security Fails

Tomi Tuominen — Wed, 02 Sep 2009 11:13:20 +0000

Scott McIntyre from XS4ALL will explain why security fails. Handling of recent threats, the role of "disclosure", governance, FUD and the ever present (and increasing) threat of government over-regulation stifling innovation are just some of the topics which will be covered during this keynote.

We all suffer the fallout from IT security failures, and understanding the far-reaching consequences to our actions is critical if we're ever going to have a safer Internet experience for the masses.

T2 staff thinks that if you have ever wondered how an ISP copes with all the threats passing through their network (including at layer-8), yet still manages to love the technology they provide to you -- this talk is for you!

Please see the schedule for details.

Nishad Herath to talk about Optical Disk DRM/Forensics and Malware in GPU

Tomi Tuominen — Wed, 02 Sep 2009 10:58:51 +0000

Nishad Herath from Novologica will be on the stage twice. In the keynote Nishad will show us how the very same real world optical disc DRM technologies, created with perhaps the best of intentions, can be used extremely effectively for anti-forensic purposes.

In the second presentation Nishad will demonstrate techniques and code which illustrates the various processing options available to modern malware both inside and outside the PC, far away from the CPU.

T2 staff thinks that both of these talks are quite groundbreaking. This is the kind of stuff that you don't see every day.

Please see the schedule for details.

t2′09 Final Schedule Published

Tomi Tuominen — Wed, 02 Sep 2009 09:28:59 +0000

The final schedule for t2'09 has been published. We might sound like a broken record but T2 staff thinks that we have extremely good program for this year (again :)

We would also like to thank all the people that sent in their talk proposals. Please remember that even if your presentation did not get approved it does not mean that we did not want it. In order to have an interesting event we try our best to make sure that the program has “something for everyone”.

Hope to see you soon!