CONFidence 4

16-17 maj 2008

Centrum Sztuki i Techniki Japońskiej Manggha




About conference

The 4th edition of CONFidence took place in a rather unusual location - the Manggha Center of Japanese Art and Technology in Krakow. However, it worked great, just like the old-new speaker team. Among them, you could once again witness Joanna Rutkowska, whose presentation of "Security Challenges in Virtualized Economics" was received immeasurably warmly. Joanna had to answer a lot of questions from those interested in the topic. The morning session began with a lecture on phishing by Angelo Rosiello. Later, Sarah Deacon, Łukasz Bromirski and Felix Kronlage performed. The lecture by Alberto Revelli on SQL Injections was particularly interesting. Confidence's after-party at the end of the first day has become a tradition by now. This time, it took place in the Old Town, in Społem and Coyote Bar.

CONFidence once again offered participants interesting competitions. This time the goal was to guess the names of the three kings, previously chosen. To do this, you had to use the hacker's weapon - a computer with the Internet. However, it was forbidden to attack servers and other computers on the network. Tasks related to the security of Web Applications were also the subject of WarGame. Both contests were crowned with attractive prizes, but for the participants themselves, the prize was also to establish unusual acquaintances and check their knowledge against them.

In order for each participant to rest and gain strength to participate in the further part of CONFidence, at lunchtime we prepared a barbecue feast for everyone. An hour lunch break was a great opportunity to talk to the speakers while having a beer, in a chill atmosphere. In the garden of Manggha and on the terrace with a beautiful view at Wawel, attendees held sharp discussions and asked questions regarding the talks.

The second day of the conference started just after 9 am. Although most of us spend some long hours at the afterparty the room was full during the lecture of Adrian Pastor, and then Petko d. Patkova of GNUCITIZEN. Equally high emotions were caused by a lecture by Dinis Cruz regarding the OWASP project, which is becoming more and more popular in Poland. After the presentation, the OWASP stand was very popular, with Dinis answering questions on where to buy the OWASP Testing Guide. A strong point at the end of the conference was Wojciech Świątek's presentation on the security of wireless networks. Particulary interesting was the discussion of the speaker with Joanna Rutkowska, which lasted long after the lecture. In addition to excellent, professional presentations, during the conference, you could also play old-school games, including Tekken on the real Commodore and International Karate on flippers, which we remember from our youth. Original gadgets could be purchased at the OpenBSD booth and in the CONFidence store. During the conference, the Capture the Flag and WarGame competitions were also held.


Dzień pierwszy, piątek, 16 Maj
Poranna kawa
9.30-10.45 Joanna Rutkowska Keynote - Security Challenges in Virtualized Environments
10.50-11.50 Dan Griffin Hacking Windows Vista
11.55-12.55 Alessio L.R. Pennasilico MacOS hacX
12.55-13.55 Przerwa obiadowa
13.55-14.55 Angello Rosiello Antiphishing Security Strategy
15.00-15.30 Sarah Deacon Are we ready for Cyber war? NATO case study
15.35-16.35 Alberto Revelli Building the bridge between the WebApp and the OS: GUI access through SQL Injection
16.35-16.45 Przerwa kawowa
16.45-18.00 Łukasz Bromirski Welcome to the new IP reality - Best practices that failed for YouTube
18.00-18.45 Felix Kronlage Keeping your OpenBSD machines easily up-to-date
Dzień drugi, sobota, 17 Maj
Poranna kawa
9.30-10.30 Adrian Pastor Cracking into embedded devices and beyond!
10.35-11.35 Petko d. Petkov Client-side Security
11.40-12.30 Dinis Cruz TBD
12.30-13.25 Przerwa obiadowa
13.25-14.25 Grzegorz Wróbel SPAM against the world!
14.30-15.30 Raoul Chiesa, Alessio L.R. Pennasilico SCADA Security
15.35-16.15 John Fitzgerald , Tomasz Miklas Code and Money - the source of all evil
16.15-16.25 Przerwa kawowa
16.25-17.15 Dr. Elisa Bortolani, Raoul Chiesa, Alessio L.R. Pennasilico The Hackers Profiling Project
17.15-18.05 Wojciech Świątek Wireless security
18.05-18.15 Zakończenie konferencji