Confidence

CONFidence 2.0 19-20 listopad Warszawa

Zapraszamy wszystkich na kolejna edycje CONFidence, która odbędzie się w Warszawie

Szczegóły na stronie: http://200902.confidence.org.pl

CONFidence 2009 finished!

These were really great two days, full of learning, gaining new skills, as well as having tons of fun . 15th May started at 8 a.m. when our lovely hostesses opened the registration for the 5th edition of CONFidence The crowd was huge as all of CONFidence 450 registered attendees wanted to see the first talk of the day – keynote by Bruce Schneier. He is the world’s top security experts and his work is well-known by everybody in the industry, thus his trip to Poland was something that we all have been waiting for. Bruce shared his views on security with CONFidence attendees and was very open to hear their opinion and answer the questions. His talk was followed by Joanna Rutkowska, CONFidence keynote and frequent quest, who talked about trusted computing. She introduced TPM (Trusted Platform Module) and tried to encourage to take better care of security on hardware level. There were more interesting talks during the first day of CONFidence such as Introducing Heyoka: DNS Tunneling 2.0 by Alberto Revelli and Nico Leidecker; Alexander Konrbrust lecture about Oracle SQL Injection in we application or the talk by Michal Sajdak, who showed in practise how easy it is to hack home routers.

The second day was opened by Jacob Appelbaum, who talked about TOR (The Onion Routing ), a free software implementation of second-generation onion routing that enables users to communicate anonymously in the Internet. You can read the interview with Jacob and find out more about TOR project here.Jacob was followed by speakers such as Tavis Ormandy, a member of Google Security Team, who specializes in finding holes in UNIX systems; Alessio L.R. Pennasilico, who talked about the issue of attacks based on botnets and introduced some OpenBSD ideas as a way of defending against those threats. The speakers also included: Christian Heinrich, the leader of Google Hacking project, Mike Kemp, who talked about rootkits and Raoul Chiesa, who showed dangerous links between security and intelligence.

The lectures were not the only thing that we have organized for CONFidence attendees. For all those who needed a brake there was a soccer table and old fashioned games to play (including Teken!). Jaroslaw Sajko from pentesters.pl and Andres Riancho from Bonsai - information security organized Capture the Flag. There were 15 different tasks from networking, web and forensics and the competition was very tough. Finally, Gynvael Coldwind and Mateusz ‘j00ru’ Jurczyk won! Gynvael was definitely the most active hacker at CONfidence as he won also the ESET crackme contest, organized by ESET, CONFidence Gold Sponsor. Congratulations! As you can see, the sponsors did their best to entertain our attendees. F5 also organized a contest (Try to break F5 security) and free workshops about solutions based on F5 BIG-IP infrastructure.

Many people say that during conferences social networking, meeting people from the industry and sharing experience is sometimes even more important than the lectures. Well, we took care of that, too. There was lots of chances to talk to the peers not only during the conference, but also at the before party (Hackers’ Movie Night), at the after party or in the Hackers’ Squad (two hostels rent just for CONFidence hackers).

The whole CONFidence team would like to thank all of you for coming to Krakow and for creating such a great atmosphere at CONFidence 2009. Thanks for being here with us! We are especially grateful to those who travelled the long way to get to CONFidence. More than 1/3 of all 450 attendees came from abroad, from countries such as Germany, Russia, Sweden, Czech Republik, Slovakia, Ukraine, Spain etc.

Important note! The slides and audio from the lectures will be available on our web page soon. The movies will appear a bit later. If you took photos during CONFidence, please share them with us! Send the pics to Anna, at anna.kolodziejczyk(at)proidea.org.pl and we will be forever grateful ;).

We wants to thank CONFidence sponsors and media partners for their support














Try to break F5 Security

  1. Start at 16:00.
  2. Target is APPLICATION accessible on http://217.8.182.235
  3. End is 20:00.
  4. Attacks on OS, DB, network, DoS, DDoS are not allowed. Any attacks against any other component except APPLICATION are not allowed.
  5. The goal is to find vulnerability in APPLICATION logic.
  6. First person, who find it and send it to l.formas@f5.com wins.
  7. Announcement of winner tomorrow about 14:00-14:30.
  8. Normal use of application is:
    1. Register user
    2. Login form main page
    3. Making activities – buy, sell etc.
    4. Use buttons to send request (example “Submit query”)

Ham radio operator

If You are ham radio operator or radio enthusiast feel free and join to our community! QRG simplex 145.525 FM CTCSS 67Hz. You are welcome!

Workshop

We would like to invite all of you for a workshop held by Marcin Filipiak as a part of Hands-on track on 16 may.

Workshop is held in the form of presentation for architects and administrators of solutions based on F5 BIG-IP infrastructure and people willing to find out more about the capabilities of iRules script language.

You can find more information and registration form here…

“Try to break F5 security”

We are glad to announce that during the first day of CONFidence conference a “Try to break F5 security” contest will be organised. Coorganizer of this competition is F5 Company. The aim of the contest is to break application’s security. Registration of the participants will take place at Confidence website starting on Tuesday (2009.05.12) 8.00 p.m. The first 30 people to register will enter the contest. You can find more details and the registration form here…

ESET crackme

The “ESET crackme” is a small program designed to test a reverse engineering skills. The challenge is to find the correct password in specially crafted executable file.The first person to send the correct password to praca@eset.pl wins.

The competition starts at 12:30 P.M., Friday, 15th May.

Attach a short information about you to the solution.

Hackers’ Movie Night

We decided that After Party is not enough for us and we’re throwing Before Party, too :) Lets meet on 14 May in Kijow Club, have some beers and watch the movies that have created the image of hackers in pop culture. We’re going to see some classics like Wargames, every hacker’s mandatory viewing, as well as Metropolis, Fritz Lang’ science fiction masterpiece that has inspired the creators of Star Wars and Matrix. Than we’re going to move on to PI, to find out how we can understand the world through numbers and patterns they create, and an excellent Enemy of the State with Will Smith, Gene Hackman and US government as Big Brother. As an antidote to all paranoia and showing hackers as evil monsters, we’re going to see real hackers in H4ck3rs Are People Too – the best security movie of 2008 and great documentary about our community.

Stop by on 14 May at 9 pm. and bring popcorn ;)

CONFidence Security Evangelist Contest Participant wins a free pass for CONFidence

We would like to thank all, who took part in the CONFidence Security Contest (CSE). All votes will be counted and we will announce the results on the 15th of May, during the first day of CONFidence Conference.

We drew a free CONFidence pass among all CSE participants and the lucky winner is Borys Lacki! Congratulations Borys and see you at CONFidence 2009!

Remember, that you can vote in CSE for only few more days! Vote now!

CONFidence Security Evangelist Contest launched!

We would like to invite you all to take part in the contest that aims at dermining who is leading IT security community and really pushing it forward. We want you to choose which hackers, blogs and vortals are making the most to promote IT security. You can vote now for categories:

Check out http://2009.confidence.org.pl/konkurs to see who the leaders of IT security community are. You can submit candidates and vote in all categories until 10 May, 2009. Vote now! The outcome of the contest is in your hands!