This year’s program is indeed great! There are many familiar names – almost an alumni meeting of sorts, but also those who are making their t2 debut. Speaking of debuts, our new sponsor Beyond Security will also be present and available to discuss SecuriTeam Secure Disclosure.
The last week of the challenge is starting – there is still time left to claim the free ticket to t2’17. Registrations have continued steadily, and 70% of available tickets have been sold. If you are planning to attend, we recommend booking your seat now.
There are two open speaking slots, and trust us, we are working on those. History has thought us to leave options on the table, and that’s exactly what we are doing. While focus of t2 is heavily on the networking and human interaction, we take curating conference program very seriously – a good mix of thought-provoking and hardcore tech presentations gives a fitting backdrop for the lobby bar chats.
It’s a little over two months until t2’17 and over 50% tickets have been sold already. Coincidentally, that’s also about 50% increase from last year. Opening up the ticket sales early has proved to be popular, and you can expect us to continue doing so in the future.
To ensure a seat in the audience, we recommend registering your attendance sooner than later. For those interested in a free admission, the challenge is still open!
In this 2015 keynote headhntr aka Morgan Marquis-Boire philosophizes on nation state attacks, their history, how hackers operate, and the nature of the Internet. As with all philosophical content and/or keynotes, very little has fundamentally changed since the talk.
Is modern technology the Panopticon? What is the East Germany tipping point of today? Do you agree with Morgan at all? Watch the keynote and let us know on the Twitter with #t2infosec !
This year’s pre-conference challenge will be a t2 exclusive bug bounty. For more information on how to participate, please see the t2’17 Challenge page. As we’ve been organizing challenges for over a decade, you might wonder why change now? For several years in a row, the challenge participant numbers have been steadily declining, despite increased efforts put into creating the technical puzzles, challenge descriptions and back stories, and actual promotion. It’s not just the number of submissions, but also the downloads and page views. Thomas Malmberg kindly pointed out that with conference challenges we’re competing for people’s time – this is the arena where also bug bounties play. It was time for us to either adapt or perish. This being t2, failure was not an option and quitting is something you do for apps, not in real life. With conference budgets one simply does not organize a bug bounty – you need friends’ help for that. That is the reason we partnered up with LocalTapiola to provide you a t2 exclusive bug bounty, targeting a real world business application running in production environment. To make sure the spirit of t2 challenges is still there, we are emphasizing the vulnerability quality and proof of exploitability. The challenge is not a speed competition – the most elegant and meaningful vulnerability submission will receive the free ticket, and we have adjusted the whole bug bounty process to reflect that. Once you convert someone else’s medium severity local file read into unauthenticated remote code execution, you start to value proper analysis and investigation into the technical details of a vulnerability. In other words, 2002 called – they want their apache-scalp.c back. The 15 year anniversary is a pure co-incidence, as is Dave Aitel’s headline keynote at t2’17, the stars just happened to align the right way, like good exploitation primitives after putting in the time and effort. The challenge is dead. Long live the challenge. We hope you enjoy the reinvigorated format!