It was a remarkable conference, for the first time organized outside of Poland. Thanks to our partners we were able to organize lectures and workshop sessions in Czech Republic’s capital – Prague.
The whole day of lectures included speeches from Juraj Malcho, Deviant Ollam, Brad “RenderMan” Haines, Mario Heiderich, Johannes Hofmann, Juraj Bednar, Pavol Luptak and Marcell Major. While the first track was filled with enlightening lectures, the second hall was transformed into a chill zone with video games, places to rest, a “Hackers for Charity” Roulette, and a brmlab stand. As soon as Deviant Ollam started his workshop on lock-picking, the conference hall filled with people interested in learning more about physical security. Why did he bother to talk about it? Well, as he said, people don’t put enough attention to the physical security of the equipment they use. As he demonstrated, opening most of the locks takes only a few seconds. During this workshop, people could grab lock-picking tools, or whatever they could find (including a high heel shoe) and try to break a variety of locks, boxes and even real handcuffs. After some training, there was a contest for the newborn lock-pickers.
The lectures have finished around 7:30 and the first day of the conference was over... or wasn’t it? Actually, it is a tradition to hold a CONFidence after-party between two days of the conference. It couldn’t be different here in Prague so everyone headed to the place named Styx – an underground club full of beer, lights, dancing, electronic music and with a huge dog crawling around the place. The party finished very late at night or as some people may say – early in the morning.
And here came the second day of the conference, starting with a small contest for “early birds”, prizes were given to attendees who arrived first at the conference hall. This day lectures were divided into two parallel tracks, the first presentations were delivered by Raoul Chiesa on track 2 and Mateusz Drygas and Tomasz Nowak on track 1. Starting from Cybercrime and CyberWar theories to the specific use of biological sequence alignment in protocol discovery.
That day we had the opportunity to listen to talks by Nick Nikiforakis, Johannes Dahse, Chema Alonso, Andrzej Dereszowski, László Tóth, Tomáš Zaťko, Dmitry Sklyarov, Łukasz Bromirski, Alexey Sintsov, Alexandr Polyakov and Sharon Conheady. Not so often do we have the opportunity to host so many specialists as here at CONFidence.
At the very end of the conference, we had a closing ceremony with a lot of prizes for attendees. ESET, our Platinum Sponsor and Organizer of the ESET CrackMe contest funded a prize for the person who first broke into their test application. We also had awards given for people who filled the evaluation forms, for the best photo of the conference and some lock-picking gifts from Deviant. The conference was over, but it didn’t mean the end of talks – in the evening everyone was invited to a pub near Prague’s Main Market for last chats before departing back homes.
|Dzień pierwszy, 29 Listopada 2010
|08:20 – 09:20
|09:20 – 09:30
|09:30 – 10:30
|Jak poznałem Twoją dziewczynę
|10:40 – 11:40
|2010 – Rok exploitów
|11:50 – 12:50
|10 rzeczy, które każdy powinien wiedzieć na temat Lockpickingu i fizycznego bezpieczeństwa
|13:00 – 14:00
|802 NOT 11
Brad “RenderMan” Haines
|14:00 – 15:00
|15:00 – 16:00
|Głusi i ślepi (Dev and blind)
|16:10 – 17:10
|Zarządzanie serwerem z użyciem DSSH: więcej niż hasła
|17:20 – 18:20
|Nowe podatności w masowo wykorzystywanych technologiach
|18:30 – 19:30
|Jak napisać swój łamacz haseł
|21:00 – …
|Dzień drugi, 30 Listopada 2010
|09:50 – 10:00
|Rozpoczęcie drugiego dnia konferencji
|10:00 – 11:00
|Odkrycie i wizualizacja protokołów sieciowych za pomocą narzędzi do wyrównywania sekwencji biologicznych
|Cyberprzestępczość, cyberwojna, wojna informacyjna: o co w tym wszystkim chodzi z punktu widzenia hakera? Nowe zasady dla nowego świata
|11:10 – 12:10
|Łamanie aplikacji internetowych w środowiskach dzielonego hostingu
|SQLi filter evasion and obfuscation
|12:20 – 13:20
|Ukierunkowane ataki: od bycia ofiarą do kontrataku
|13:20 – 14:20
|14:20 – 15:20
|Oracle post exploitation techniques
|Paranoja czy zawyżone standardy bezpieczeństwa?
|15:30 – 16:30
|Fałszowanie Original Decision Data w aparatach Canon
|16:40 – 17:40
|Głupie błędy. Luki w architekturze i logice biznesowej
|Przyszłość inżynierii socjalnej
|17:40 – 17:50
|Game 0ver Party