Category Archives: Talks

Building a Reasonably Safe Travel Burner Laptop

International travel can be difficult, and for a security conscious person especially so.

In this video from t2’15 Georg Wicherski demonstrates a way of solving many problems related to carrying a personal computing device with you. For a person crossing borders on a regular basis or otherwise in need of heightened security for their laptop, this is a must see. Enjoy!

Do note that this has been actually implemented in practice instead of being just intellectual mastu^H^H^H a mental exercise. For more details about the setup, refer to the github repository. The setup has been since updated to support TPM remote attestation.

If Attackers Can Use Graphs, Then Why Can’t We?

Those in the business of securing enterprises and organizations should definitely watch OlleB‘s presentation from t2’15. Moving from point-in-time <insert-product-name-here> scans to a more structured approach using graphs, attack models, understanding and eradicating vulnerability classes or using safety/assurance cases is a long-term security investment.

Taking your defensive game to the next level requires trying out new approaches to old problems and sometimes challenging the conventional wisdom. This video should give you food for thought – it’s one of our favorites!

Nano-Scale Red Teaming

If you want to learn how to apply defensive measures to protect offensive operations and your capabilities, Jacob Torrey’s “Nano-Scale Red Teaming: Making REs Cry With Device-Specific Opaque Execution” from t2’16 is the presentation to watch.

The wealth of knowledge presented on how to create trusted implants via physically uncloneable functions and encrypted execution is not limited to just theory as Jacob and Assured Information Security, Inc have released PUFlib on github.

Live long and persist!

t2'16 schedule now online

Where did the last 365 days go? Time flies when you’re up all night cybering, and t2’16 is now just around the corner. The schedule for this year has been released, and we’ve reserved one slot for a wildcard – stay tuned for updates.

This week’s nation-state hackback / Counter Computer Network Exploitation / HUMINT op who-knows-what makes Peter Kosinar’s talk on Thursday more than relevant. We promise this is a total co-incidence! To prevent your C&C business intelligence server from getting compromised, coming early enough to check out the keynote is a good idea.

While t2-as-a-Service is not yet on our drawing board, opening up the registration together with the CFP seemed to be a popular move. Around 30% tickets were sold over the summer, and based on purchasing patterns of previous years, majority will be sold during the next 4-6 weeks. Last year was sold out a month before the conference – if you want to confirm your attendance, now is the time to do so.

As always, creating a conference schedule from CFP entries is not as easy as one might think. Balancing the content to cater to a varied audience means, unfortunately, leaving out quality submissions. The Advisory Board would like to thank each and everyone who submitted a talk this year – a conference is nothing without the speakers.