Call for Papers 2024

t2 infosec has been pushing the boundaries of security research for two decades and it don’t stop. We’re back April 18-19, 2024 – Helsinki, Finland.

CFP and registration are both open

This is an event for newcomers, established merchants of dual use computer code, beginners of vulndev, cyber vagabonds, retired or redacted, and hackers of all sorts. If you have new original security research targeting old, current or future technology, please submit your talk.

Got 99 problems but an 0day ain’t one.

— The Advisory Board

Helsinki offers a Northern European mood, with the resilience built by using Linux on the desktop since 1991, fueled by IRC, demoscene, VHS tapes, invention of modern backpropagation, a lot of memes and sauna. This is the country, which exports Alan Wake 2, quantum computers, and solitude.

As regularly as seasons change, new technology is introduced, vulnerabilities – old and new are discovered, lessons of tradecraft are learned and teachings of the old slowly forgotten. To foster the passion for advancement of (in)security and to keep that fire burning bright for future generations, we gather an intimate crowd of people every year to enjoy the advance of offensive research, share lessons of coming back from the edge, and build those valuable human connections.

Whether your research tackles LLMs, qubits, Azure/AWS/GCP, iOS internals, the market leading or lagging EDR products, access control systems, SoC, BTLE, tipping ChatGPT or something else, which is surprising to either humans or computers, we’d like to hear about it. Security researchers, you know the rules and so do we.

This is an event for the community, by the community. Our focus is on technical excellence, not politics or player hating. Come as you are. The advisory board will be reviewing submissions until 2024-02-04. Slide deck submission final deadline 2024-04-02 for accepted talks.

First come, first served. Submissions will not be returned.

Quick facts for speakers

  • presentation length 60-120 minutes, in English
  • complimentary travel and accommodation for one person[6]
  • decent speaker hospitality benefits
  • no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past.

[0] hunter2
[6] except literally @nudehaberdasher and @0xcharlie

How to submit
Fill out the form at https://if.t2.fi/action/call_for_papers

How to register
Buy your ticket from https://t2.fi/registration/

Forgot about t2 | Program beta out now

It’s pretty crazy that even Dr Dre managed to release new music since the last time t2 was organized. The 3.5 years without a conference definitely put a dent on the proverbial ’64 Impala, despite a steady stream of releases from our favorite artists. Even FSMCs performed live!

“They wanna know if AB still got it,
They say confs’ changed, they wanna know how we feel about it”

— Still t2

Coming back from the cold, CFP was one of the hardest ones we’ve had so far. The most brutal reviews and expectations for whether we curated a relevant program consisting of decent content or not comes from within the AB. “Why is that?” you ask sitting on a comfortable lobby bar sofa.

The Advisory Board of t2 has always had an aspirational goal of some day achieving certified status with the prestigious Security Vacation Club, yet we have decided to not submit an application until we can demonstrate a track record of at least twenty successful events.

On practical terms, using random puzzle pieces to put together a sensible picture, isn’t just dependent on the quality of individual pieces. It also depends on other ones on the table at the same time.

Right now we feel there’s a credible set of heavy hitters to warrant publishing our program in beta. Having said that, we are still working on it to make sure there’s the right recipe in the mix to facilitate those lobby bar discussions.

We still have about 25 tickets left. If you plan on attending and have not yet bought a ticket, it’s more or less the perfect moment (and second-to-last chance to do). The closer the event gets, the more likely it is someone comes and just buys 5+ at a time.

And yes, it’s on – with additional small print: a t2 Scarab challenge winner who uses a white ’86 Testarossa for ground transportation during the whole duration of t2’23 receives a free entry to t2’24 and t2’25.

Call For Papers 2023

Tired of your bosses suspecting conference trips to exotic locations being just a ploy to partake in Security Vacation Club? Prove them wrong by coming to Helsinki, Finland on May 4-5 2023! Guaranteed lack of sunburn, good potential for rain or slush. In case of great spring weather, though, no money back.

CFP and registration both open. Read further if still unsure.

Maui, Miami, Las Vegas, Tel Aviv or Wellington feel so much sunnier once you’ve experienced the lack of infinity pools in Northern Europe. Instead of pools and palms trees, we can offer you actual saunas and a high tech environment, which is a weird combination of demoscene, widespread Linux adoption, mobile Internet with uncapped flat rate data and a long history of IRC and imageboards.

What defines a conference? For t2 it has always been that intimate welcoming atmosphere of a small event, which makes both audience and speakers approachable. There are enough regulars to create the feeling of a community, but not too many that a first-comer would feel being left out. On the content side, we have always been and always will be a technical security conference, emphasizing the cutting edge, world class research. This is an event for the community. Our focus is on technical excellence, not politics or player hating.

t2’23 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in EDR simulation and healthcheck spoofing, hardware insecurity, inferring information from interference, cloud-scale forensics or persistance automation, new vulnerability classes, AI exploitation, virtual machines inside parsers, elegant exploitation of old vulnerability classes, modern defense, dropping zero days during presentations, state of the art memory corruption mitigation bypasses, evasions, safe cracking, satellite and space security, remote vehicle access, or whatever research lights up the eyes of seasoned conference visitors. For the hackers by the hackers.

The advisory board will be reviewing submissions until 2023-03-17. Slide deck submission final deadline 2023-04-20 for accepted talks.

First come, first served. Submissions will not be returned.

Quick facts for speakers
+ presentation length 60-120 minutes, in English
+ complimentary travel and accommodation for one person[6]
+ decent speaker hospitality benefits
+ no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past.

The total amount of attendees, including speakers and organizers is limited to 99. Advisory Board recognize the OG Finnish sauna culture is an acquired taste and can promise the lack of sweaty, partially or fully nude sauna-goers at all conference functions.

[0] hunter2
[6] except literally @nudehaberdasher and @0xcharlie

How to submit
Fill out the form

Call for papers 2019

We’re back. October 24-25 in Helsinki. CFP and ticket sales are now open.

Looking for an event worthy of your 0days or world class research? Prefer conference disclosure over jumping through hoops with uninterested vendors? Worried of sponsors doing shady backroom deals to block your talk? We’ve got your back. As an independent, vendor-neutral, practically-non-profit conference we value freedom of information and our guests over everything else – ethos, which has kept us going for the past fifteen years.

Organized for hackers by hackers, we’re the oldest technical security event in Finland. Our goal of providing audience with high quality technical content and a welcoming atmosphere, competitive on a global scale, brings people to Helsinki annually from all around the globe. Whether you’re coming from US, Israel, Russia, Germany, UK, France, Singapore, or heaven forbid, even Sweden, you’re guaranteed to find like-minded people to share ideas or drinks with.

“What happened in Vegas does not happen in Finland”

— Eevil Stöö


Never heard of Finland? No worries, we’re used to it! In addition to being the home country of Slush, we have a vibrant Moomin based import-export relationship with Japan. Luckily the Finnish language is as easy to learn as Japanese, only less popular. Here, in the home country of Linux, technology is so ingrained into our culture that even gangsta rappers know what’s up. As a nation, we’re also very comfortable with the idea of having a meeting naked – as long as traditional Sauna is involved.

t2’19 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in playing Jenga with memory allocators, practical cryptographic attacks against hardware, blinking the wrong LEDs, DIY torque vectoring, stealing Wu-Tang albums with Bill Murray, bypassing modern exploit mitigation techniques, combining policy work with offensive/defensive technology, running a Whisk(e)y distillery, having a complicated relationship with nation states, efficient data analysis of Internet traffic streams on botanical continent level, hacking space shuttles, catching bad guys with SIGNIT, nondestructive / covert entry, professional shitposting, elegant cyber crime or any other relevant research containing the type of love and happiness appreciated by seasoned conference attendees.

The advisory board will be reviewing submissions until 2019-07-31. Slide deck submission final deadline 2019-09-11 for accepted talks.

First come, first served. Submissions will not be returned.

Quick facts for speakers
+ presentation length 60-120 minutes, in English
+ complimentary travel and accommodation for one person[6]
+ decent speaker hospitality benefits
+ no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past.

Considering many of our visitors know what they want and trust us to deliver, we’re making their life easy.. The registration is now open!

The total amount of attendees, including speakers and organizers is limited to 99.

How to submit
Fill out the form at https://t2.fi/action/cfp

[0] {“enableDebug”:true, “password”:”changeme”}
[6] Except literally @nudehaberdasher and @0xcharlie

Call for Papers 2018

Join us for the 15th anniversary celebrations on Oct 25-26! CFP and ticket sales are now open.

To truly appreciate the full spectrum of cyber, one simply needs to visit Helsinki. Sooner or later you need a break from the sunshine and warmth, and it is exactly that contrast we can provide. Located halfway between Miami and Singapore (the long way round), just 3200 km NNW of Tel-Aviv, we can offer you a wintry experience which has almost nothing to do with those cities[0]. More than once the first snow has fell in Helsinki during t2, making the small and intimate conference a tiny bit comfier.

What is Finland all about? In addition to having won 2018 U18 ice hockey world championship[1], the latest UN studies[2] describe Finland as the happiest country in the world. Sauna, sisu[3] and perkele – the three pillars of a small, yet resourceful nation which created Linux kernel, ice skates, and the safety reflector. In the capital city Helsinki a reasonable person can walk safely in the middle of the night, enjoy clean tap water and partake in naked[4] swimming.

At t2 we embrace that national essence – punctuality and reliability. We organize this conference out of love and do our best to make it a memorable experience to both speakers and audience alike. If you’re in doubt, just send questions with #t2infosec hashtag on Twitter for an (un)biased opinion. This is an event from hackers to hackers.

t2’18 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in memory manipulation, practical cryptographic attacks, subverting secure hardware, exploitation of artificial intelligence, avoiding murder mysteries and train robberies, targeting needles from haystacks, securing the enterprise, secdevops/devsecops, industrial control systems, remote centrifuge operation, upstream collection, covert entry, TLAs or any other relevant research containing the type of love and happiness appreciated by seasoned conference attendees.

The advisory board will be reviewing submissions until 2018-07-31.
First come, first served. Submissions will not be returned.

Quick facts for speakers
+ presentation length 60-120 minutes, in English
+ complimentary travel and accommodation for one person[6]
+ decent speaker hospitality benefits
+ no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past.

Considering many of our visitors know what they want and trust us to deliver, we’re making their life easy.. The registration is now open!

The total amount of attendees, including speakers and organizers is limited to 99.

How to submit
Fill out the form at https://t2.fi/action/cfp

[0] We do have running water and electricity (as of writing)
[1] https://en.wikipedia.org/wiki/IIHF_World_U18_Championship even in the
medal statistics we’re the neutral buffer between the West and the East
[2] http://www.bbc.com/news/world-43414145
[3] https://en.wikipedia.org/wiki/Sisu
[4] https://www.hel.fi/helsinki/en/culture/sports/indoor/swimming/yrjonkatu-swimming-hall
[5] hunter2
[6] Except literally @nudehaberdasher and @0xcharlie

Dave Aitel keynote

Those who actually read the CFP announcement might have noticed the fine print in the footnote section where we announced this year’s keynote. Like having an IRC gateway from a BBS group chat, we’re trying to stay modern and understand that since time is money and everybody wants a TL;DR which fits a tweet, we need to provide one:

Breaking: Dave Aitel giving the headline keynote at t2’17! #t2infosec #cyber #leftoflaunch #dailydave #voiceofreason #buffythevampireslayer

In other words, we’re continuing the tradition of inviting former @stake / NSA employees / DailyDave posters  to speak at t2. If you’ve been reading mailing lists and not just clicking on random links from Twitter, you will probably agree that people who have been long enough in the game often have the kind of insight you can only get by having been there and done that. It is our pleasure to welcome Dave Aitel to deliver the keynote this year.

In case you were born after Miami Vice originally aired, do some googling and figure out a way to mention GOBBLES and our keynote speaker in the same sentence.

Call for papers 2017

Do you have a fear of being naked[0] in front of other people? Can you name a president[1] who has climbed a palm tree during an official state visit? Do you prefer small and efficient airports? Would you like to present world class research to a highly technical audience? If not sure yet, please continue reading.

t2 infosec is warmly welcoming you to Helsinki, on October 26-27 2017 – CFP is now open, and by submitting a talk, you get a chance to answer one or more of the previous questions.

Finland, the country in the heart of darkness, has managed to survive neutral and independent throughout its history despite facing pressure from the global superpowers due to her geopolitically strategic location. Dominance over the Baltic sea depends on controlling a handful of islands, Åland islands being one of the areas of importance. In a very typical Finnish fashion, we have embraced the 160 years of Åland islands demilitarization by drinking at home, alone, in our underwear[2]. Even Vogue[3] approves that.

While many people here would like to officially see us as the gateway between the East and the West – either through our land border with Russia or the fastest flights between Europe and Asia [4], the biggest advantage comes from the side alleys of the Internet. On the imageboards, the last sanctions for true freedom of speech, Finnish tactical meme capabilities hold a special stature – loved, admired, feared and hated, sometimes all of those at the same time. Classics like Spurdo spärde are shitposted with an intensity only a country with a long history in developing Linux, Internet protocols and mobile phones can provide, while new organic highly viral OC is pushed out at a rate comparable to major information warfare centers.

In addition to meeting the nation, which produces above average amounts of hackers, memelords and F1 drivers per capita, Helsinki in October offers you a mix of modern architecture and the Classics, saunas, casual foreign intelligence activities [5], early days of Northern European winter and cold weather, and chance to visit neighboring countries by just hopping onto a ferry at one of the harbors.

We organize this conference out of love and do our best to make it a memorable experience to both speakers and audience alike. If you’re in doubt, just send questions with #t2infosec hashtag on Twitter for an (un)biased opinion. This is an event from hackers to hackers.

t2’17 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in strategic offensive capabilities, practical applications for 48 Laws of Power, snakeoil-less security certifications, scientifically proven remote sensing, dropping zero days during presentations, scaling defense or buildings, detection mechanisms and tactics, preventing diamond heists, putting the ASL into ASLR, new vulnerability classes or something completely different containing love, happiness and traces of technical security.

The advisory board will be reviewing submissions until 2017-08-09.
First come, first served. Submissions will not be returned.

Quick facts for speakers

  • presentation length 60-120 minutes, in English
  • complimentary travel and accommodation for one person [6]
  • decent speaker hospitality benefits
  • no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past.

Considering many of our visitors know what they want and trust us to deliver, we’re making their life easy.. The registration is now open!

How to submit
Fill out the form at https://t2.fi/action/cfp

References

[0] No worries, we have saunas to cater to both nude or non-nude guests.
[1] Urho Kekkonen https://upload.wikimedia.org/wikipedia/commons/a/a1/Kekkonen-Tunis-1965.jpg
[2] https://toolbox.finland.fi/images/finland-emojis/kalsarikannit/
[3] http://www.vogue.com/article/finnish-trend-kalsarikannit-vogue-archive
[4] http://www.cnbc.com/2016/10/17/finnair-launches-singapore-to-helsinki-route-claiming-fastest-way-to-get-to-europe.html
[5] http://yle.fi/uutiset/osasto/news/finnish_intelligence_warns_foreign_powers_targeting_young_politicians/9540600
[6] Except literally @nudehaberdasher and @0xcharlie
[
42] Ladies, gentlemen, and hackers, this year our headlining keynote speaker is the voice of reason when it comes to cyber policies, offense and Buffy the Vampire slayer, the person who needs no introductions,  Dave Aitel!

Call for Papers 2016

If you are tired of any of the following: 1) conferences where coffee service equals one coupon (= cup) per day, 2) conferences with crazy-ass lines making world’s busiest transit hubs seem like a pleasurable life experience, 3) conferences showcasing talks indistinguishable from sponsored content, or 4) conferences which overcharge and underdeliver, please continue reading.

t2 has throughout its history offered speakers and guests an intimate atmosphere where ideas can be exchanged with fellow hax0rz. We take pride in treating speakers as guests of honor – presenting a talk at t2 and visiting Helsinki is something we want you to both remember and enjoy.

Finland is a country, which has pioneered things such as the first web browser with a GUI[1], has no embassy in New Zealand and has introduced the world some minor tech stuff such as Linux and SMS. In case your bucket list contains BDSM with complete strangers, just submit a paper, come to Helsinki and ask for Finnish sauna [2].

While Helsinki cannot offer you sunshine, resorts or palm trees, we can compensate that with cold weather, eternal winter, darkness, and snow if you’re lucky. According to the latest OECD statistics[3], Finland has as many metal bands as France has wine producers, but more metal subgenres than there are wine regions.

t2’16 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in offensive offense, enterprise compromise, ambiguous APT-attribution, nation state lulz, anti-anti-anti-forensics, blacklisted research, crafting digital munitions, defense strategy and tactics that actually work, tampering anti-tamper units, competitive barbecue and/or doping in professional sports. Topics outside the listed categories are accepted as long as you promise to share love and happiness.

The advisory board will be reviewing submissions until 2016-07-01.
First come, first served. Submissions will not be returned.

Quick facts for speakers

  • presentation length 60-120 minutes, in English
  • complimentary travel and accommodation for one person [4]
  • decent speaker hospitality benefits
  • no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past:
https://t2.fi/schedules/

ps. If you are one of those dedicated hardcore t2 visitors and want to ensure your place in the audience even before speakers are announced.. The registration is now open!

How to submit
Fill out the form at https://t2.fi/action/cfp

References
[0] https://en.wikipedia.org/wiki/Erwise
[1] http://www.visitfinland.com/article/10-sauna-tips-for-beginners/
[2] https://www.google.com/search?q=site:oecd-nea.org+filetype:php
[3] With the exception of Charlier Miller and Chris Valasek
[4] Yes, we know

 

Fortuna Huiusce Diei

Making predictions is easy when you have friends in low places. They indeed helped us secure a solid 5/5 performance for our 2015
predictions already during H1. It’s all about making your own luck –
Lady Fortune is not that random when you know what’s happening in the operational area.

To summarize what has happened during the past few months:

This brings us to the CFP – it’s still open a couple of weeks and waiting for your submissions. If you want to present your research to a technical audience, enjoy cold weather in Helsinki and/or meet hacker-minded people from all over the world, t2 is definitely your conference.

The registration will open soon after the first rounds of CFP has been accepted. Last year we sold all of the seats well before the event – if you are looking to buy 5 or more tickets, please contact us now.

Call for Papers 2015

Why spend your valuable conference time in the longest lines you have seen in your life, getting a sun burn or totally lost in the canals with your rental boat, being deprived of chewing gum or waking up in Nong Palai without any recollection how you got there? Helsinki offers you the safe and comfortable low-temperature alternative with a chance of first snow. Finland, the home country of many things you thought came from Japan.

This is the country where the strong demo scene culture has spawned multiple globally successful game companies, rally cross is also known as winter commute and people are sometimes so silent you wonder whether their opsec is 6/5 or if they are just mute. Silence doesn’t mean social situations have to be totally awkward – just ask if anybody wants have a drink and go to a sauna, and soon you are sitting naked in a steamy hot room beating yourself with a bath whisk. Experiencing Finland is extremely safe due to standards compliance and decent level of government regulation.

t2’15 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in offensive cryptography, hardware hacking, art of developing and cultivating assets, next generation cyber-APT-attribution, compromising nation states, displaying calculators, blinking leds or making games run (in several wrong places), anti-forensics, covert entry, enterprise defense tactics and techniques, censored research..or something completely different warming the hearts of seasoned con-goers.

The advisory board will be reviewing submissions until 2015-07-15 23:59:59 UTC. First come, first served. Submissions will not be returned.

Quick facts for speakers
+ presentation length 60-120 minutes, in English
+ complimentary travel and accommodation
+ decent speaker hospitality benefits
+ no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past

How to submit
Fill out the form at https://t2.fi/action/cfp

ProTip: Incomplete submissions will not be reviewed.