t2'18 | t2 infosec conference

2020-02-02

Hacking ML in images (and everywhere else)

This time we’re looking back into our archives to bring you a presentation from Guy Barnhart-Magen and Ezra Caltum. In their t2’18 talk the BSidesTLV co-founders cover offensive research possibilities when it comes to machine learning systems. Do you know which ML attacks have the most business impact? Watch the video to learn more.

The presentation will be answering questions such as “what does it mean to hack a machine learning system?” and “what would you actually target?”, with an emphasis on the methodology and the way Guy and Ezra approached the problem.

We have always enjoyed these types of talks, as the shared knowledge powers the audience to do research and find their own zero days. Speaking of research and zero days – don’t forget to checkout BSidesTLV, coming July 2 2020!

2018-10-21

Halvar Flake keynote

The advisory board and organizers of t2 are honored and pleased to have Halvar Flake deliver the headlining keynote for the 15th anniversary edition of the event. His speaking history with t2 starts in 2005, and Halvar is certainly recognized as one the luminaries in the field. The following teaser provides a taste of what to expect.

Risks, Damn Lies, and Probabilities

IT continues to bring pervasive change to our societies, industries, and everyday life. This transformation also brings individualized and complicated risks to individuals, companies, and to societies.

IT security is, to some extent, charged with managing these risks. But for an industry tasked with managing risk, we are pretty unstructured in thinking about risk, accounting for risk, and most of all: Holding ourselves and other tech executives accountable for estimates of risks and their probabilities.

The IT industry is often incentivized to incur risks on behalf of others – and to underestimate the actual magnitude of these risks. Customers are either not empowered or not incentivized to challenge excessively rosy risk estimates. Entire executive careers in IT are built on underestimating risks incurred for others.

This talk will cover my observations about the ways we think sloppily about risk and harm, about the IT industries’ lack of risk management for systemic risks, and some thoughts about holding IT industry executives accountable for their risk estimates and decisions.

— Halvar Flake

2018-08-16

t2’18 schedule online

The schedule for 2018 is now online.

We are extremely excited to have two excellent keynote speakers. The headlining keynote comes from none other than Halvar Flake himself, and Friday starts with a live action keynote by Viss. While we don’t officially have tracks as such, the themes revolve this year around machine learning, hardware, and vulnerability research, with a mix of exploitation and lessons learned.

It’s funny how things come together – we were never going for a classic t2 lineup, but ended up getting one nevertheless. Regular visitors and long time friends might notice that the list of speakers revisits 2005, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, and 2017. All in all, seven talks out of thirteen are given by people who have been with us before, many of them several times. As such, we feel this suits the 15th anniversary celebrations well.

Slightly over 30% of the tickets were sold during the summer, and since 2014 we’ve been sold out one to two months before the event. Register now.

For an A side, there is @t2_fi Helsinki.

— Travis Goodspeed (@travisgoodspeed) August 16, 2018

2018-08-09

t2’18 challenge winner announced

This year we altered the challenge format once again, and ran it in the form of a free-format application over e-mail between the 4th of July and 4th of August. Neither attempts at bribery nor cheating were noticed, which was a slight but acceptable disappointment for the Advisory Board.

As it has been the case in the past, the same names often show up in the Hall of Fame. Whether it’s the technical talent, persistent effort or being in the right place at the right time, Fortune favors the bold.

Congratulations Carl “Zeta Two” Svensson! Well done!

To demonstrate what it took to receive the ticket, here are selected highlights from his long application:

Running Midnight Sun CTF online and offline
Organizing weekly alma matter CTF meetups
Livestreaming the solving of a hardware CTF challenge (including failure)
Youtubing AVR firmware reverse engineering (challenge from RHme2 CTF, 6th place)
3rd place in LabyREnth 2017
Several writeups for different challenge and CTF qualifiers

We would also like to thank everybody who participated in the challenge this year. Your submissions were greatly appreciated. In other news, the ticket sales have been active during the summer and we are expecting a flood of registrations once the preliminary schedule is released. To make sure you don’t miss out, register now to guarantee your place at the 15th anniversary edition of t2.

2018-07-04

t2’18 challenge

Regular visitors and friends of t2 know our struggles with the annual challenge. The main purpose behind the puzzle has always been to find and recognize passionate people who have the talent, but sometimes lack the necessary budget to attend the event. We strongly believe in paying it forward and this tradition is something we want to hold on to.

For t2’18 the annual challenge will take a new form. To showcase technical excellence and prove you deserve a free ticket, all you need to do is submit an open application (preferably in ASCII format) over e-mail. Whether it’s your tool repository on github, awesome local meetup presentation, craziest exercise in memory manipulation, a recent bug bounty submission or something completely different, let us know. Supporting evidence goes a long way.

Rules of the challenge

The Advisory Board will select 0-2 ticket recipients out of the submissions
Challenge deadline is August 4, 2018 @ 23:59:59 UTC
Submissions must be sent to info-2018@lists.t2.fi
Criteria for selection is unscientific, tough but fair and may change at any time
Participants unestablished in the security industry will receive a scoring multiplier
The free ticket entitles to the same perks as a single regular ticket
Travel costs (if required to participate) are not covered by the prize
Decisions are final, but we still love you. It’s not you, it’s us. We hope we can still be friends.

2018-05-09

Call for Papers 2018

Join us for the 15th anniversary celebrations on Oct 25-26! CFP and ticket sales are now open.

To truly appreciate the full spectrum of cyber, one simply needs to visit Helsinki. Sooner or later you need a break from the sunshine and warmth, and it is exactly that contrast we can provide. Located halfway between Miami and Singapore (the long way round), just 3200 km NNW of Tel-Aviv, we can offer you a wintry experience which has almost nothing to do with those cities[0]. More than once the first snow has fell in Helsinki during t2, making the small and intimate conference a tiny bit comfier.

What is Finland all about? In addition to having won 2018 U18 ice hockey world championship[1], the latest UN studies[2] describe Finland as the happiest country in the world. Sauna, sisu[3] and perkele – the three pillars of a small, yet resourceful nation which created Linux kernel, ice skates, and the safety reflector. In the capital city Helsinki a reasonable person can walk safely in the middle of the night, enjoy clean tap water and partake in naked[4] swimming.

At t2 we embrace that national essence – punctuality and reliability. We organize this conference out of love and do our best to make it a memorable experience to both speakers and audience alike. If you’re in doubt, just send questions with #t2infosec hashtag on Twitter for an (un)biased opinion. This is an event from hackers to hackers.

t2’18 offers you an audience with a taste for technical security presentations containing original content. This is your chance to showcase the latest research and lessons in memory manipulation, practical cryptographic attacks, subverting secure hardware, exploitation of artificial intelligence, avoiding murder mysteries and train robberies, targeting needles from haystacks, securing the enterprise, secdevops/devsecops, industrial control systems, remote centrifuge operation, upstream collection, covert entry, TLAs or any other relevant research containing the type of love and happiness appreciated by seasoned conference attendees.

The advisory board will be reviewing submissions until 2018-07-31.
First come, first served. Submissions will not be returned.

Quick facts for speakers
+ presentation length 60-120 minutes, in English
+ complimentary travel and accommodation for one person[6]
+ decent speaker hospitality benefits
+ no marketing or product propaganda

Still not sure if this is for you? Check out the blast from the past.

Considering many of our visitors know what they want and trust us to deliver, we’re making their life easy.. The registration is now open!

The total amount of attendees, including speakers and organizers is limited to 99.

How to submit
Fill out the form at https://t2.fi/action/cfp

[0] We do have running water and electricity (as of writing)
[1] https://en.wikipedia.org/wiki/IIHF_World_U18_Championship even in the
medal statistics we’re the neutral buffer between the West and the East
[2] http://www.bbc.com/news/world-43414145
[3] https://en.wikipedia.org/wiki/Sisu
[4] https://www.hel.fi/helsinki/en/culture/sports/indoor/swimming/yrjonkatu-swimming-hall
[5] hunter2
[6] Except literally @nudehaberdasher and @0xcharlie