Category: Talks

Posted on

Nano-Scale Red Teaming

If you want to learn how to apply defensive measures to protect offensive operations and your capabilities, Jacob Torrey’s “Nano-Scale Red Teaming: Making REs Cry With Device-Specific Opaque Execution” from t2’16 is the presentation to watch.

The wealth of knowledge presented on how to create trusted implants via physically uncloneable functions and encrypted execution is not limited to just theory as Jacob and Assured Information Security, Inc have released PUFlib on GitHub.

Live long and persist!

Posted on

t2’16 schedule now online

Where did the last 365 days go? Time flies when you’re up all night cybering, and t2’16 is now just around the corner. The schedule for this year has been released, and we’ve reserved one slot for a wildcard – stay tuned for updates.

This week’s nation-state hackback / Counter Computer Network Exploitation / HUMINT op who-knows-what makes Peter Kosinar’s talk on Thursday more than relevant. We promise this is a total co-incidence! To prevent your C&C business intelligence server from getting compromised, coming early enough to check out the keynote is a good idea.

While t2-as-a-Service is not yet on our drawing board, opening up the registration together with the CFP seemed to be a popular move. Around 30% tickets were sold over the summer, and based on purchasing patterns of previous years, majority will be sold during the next 4-6 weeks. Last year was sold out a month before the conference – if you want to confirm your attendance, now is the time to do so.

As always, creating a conference schedule from CFP entries is not as easy as one might think. Balancing the content to cater to a varied audience means, unfortunately, leaving out quality submissions. The Advisory Board would like to thank each and everyone who submitted a talk this year – a conference is nothing without the speakers.

Posted on

Electronic emanations explained

Some of us are young/old enough to have spent too much time browsing through Cryptome archives in the late 90s and being amazed by documents about ECHELON and TEMPEST. Yet, it only took a couple of decades to see those unravel before our very eyes.

Compared to many other security topics, open source information available on electromagnetic intelligence cannot be described as extensive nor comprehensive. Luckily, the talented researchers from Tel Aviv took public research to a new level by demonstrating their 300 USD pita bread.

The setup brings practical attacks to class rooms and coffee shops near you. This time paper and pencil are recommended for taking notes.

Posted on

t2’15 schedule now online

So many CFP entries, so little time. The schedule for 2015 is ready
and finalized, and as always, we’re pretty excited! There’s a mix of
high level and low level, offense and defense, cocktails and
networking. ..and by the way, our keynote speaker is @headhntr.

This year we’re continuing the tradition of not having dedicated
tracks – therefore Thursday’s string of OPSEC presentations is just a glitch in the random number generator. The same glitch also caused Alexander Bolshev and Boris Ryutin to receive two one hour slots for their exploit development workshop. AVR microcontrollers have never been this interesting!

As anybody who’s been to security conferences during the last decade knows, it takes something special to have a solid fuzzing presentation – Nils‘ “Windows kernel fuzzing” definitely
hits the mark. Speaking of awesomeness previously available only with nation state budgets, the guys from Tel Aviv university are
demonstrating what EMSEC means in practice. You probably want to take notes with pencil and paper this time.

The hard limit of 99 attendees (including the speakers and t2 staff)
is again in full effect. No exceptions, no excuses. Early registration
is definitely recommended. As always, t2’15 will take place in Radisson Blu Royal Hotel Helsinki.

Posted on

Covert entry

In a time where so many conferences are focusing on cybering, A/S/L and the potholes on the information superhighway, t2’14 has two speakers demonstrating how IT security and physical access walk hand in hand. For the first time in the history of t2, we have a lockpicking presentation in the program. Actually, make it two – one man’s exploit is another man’s lockpick.

To prevent manufacturers from getting the wrong idea, the abstracts are vague on details – the presentations themselves will not be.

 

Posted on

Mobile track

Traditionally we have not had any named tracks per se, but this year it is quite impossible to avoid the fact that we do in fact have a mobile track on Thursday. What else can you call a set of presentations covering Android OEM vulnerabilities, iOS app reversing and low-cost IMSI catching?

If history is about to repeat itself, there will be a strong chance of mysterious mobile phone problems during the conference. Pack your burner and memorize the code words. Remember “FIST FIGHT in the TOOL ROOM” = “Drinks at the lobby bar”

Posted on

Jan Saggiori and Murdoch’s Pirates

Those who weren’t too hung over from the night before might remember how Dmitry Nedospasov’s integrated circuit analysis talk last year concluded with the recommendation to read Murdoch’s Pirates.

This being t2, we noted down the name and went online to order one. Except you cannot order the book in physical form anywhere in Europe. Kindle is too new school for us as we prefer our books like our whisky – cask strenght with a drop of water and no APT. Eventually we got some from Australia and the content blew us away.

This year we have no other than Jan Saggiori himself giving an insight
into the world of pay-tv security. If you haven’t read the book yet, you should.