Re: Boot loader uses INT 13h [WAS BIOS call fallback]
>>Returning back to the discussion where I suggested it would be nice to
>>build OS kernels that would fail deliberately when virtualized to close
>>off that class of malware, especially on the new Intel Skylake chips
>>that have fixed so many virtualization bugs that they can (reportedly)
>>run VT inside VT and nest virtualization so efficiently you can
>>virtualize ridiculous numbers of VMs even inside each other, with so
>>little overhead and few virtualization artifacts that they are nearly
>>undetectable when virtualized.

>There are at least two issues here.
>
>First, some of us *want* to run OpenBSD in a virtualised environment, so there would have to be multiple code paths/sysctl to deal with this. Also, what you're asking for is very x86 specific.

These days, I would guess more stuff runs virtualized than not. A kernel compile/build time configuration would be sufficient here.

Yes, and even more specific than that, I am concerned about the latest Skylake generation x86 and follow ons - earlier processors have readily documented bugs that can be used to identify hypervisors. (and these can be used independently of the specific brand of hypervisor)

>Second, it is simply not true that virtualisation is nearly undetectable. This is of course a moving target, but I'd be amazed if close examination of processor features made a VM undetectable. Mostly VMs go out of their way to let
>the guest OS know they're running in a VM, so paravirtual drivers can be used.

Since we are talking about malicious applications of hypervisors, and virtualization features, we can assume that a specialized hypervisor backdoor, will probably try to not be so blatant and may not be as easy to detect as a garden variety VM. A small hypervisor, that limits its scope to interfering with only a few specific functions would not leave so many artifacts to detect, in effect passing through most functionality to the real hardware. (see example below)

>The virtualised hardware has a passing relation to actual hardware. Taking the easy way out, insist on any server hardware being based on Nehalem or later chipsets, and you'd immediately block the use of Xen, KVM, and
>probably most other VMs. Until reasonably recently, a Xen HVM domU features a modern (post pentium 3) processor attached to a 440BX chipset. This is, of course, non existent in the real world. There are many, many other
>quirks that identify VMs, they do not make a serious effort to hide their presence.

This is a lot of hand waving ("many") without actual details. Xen, bhyve and lots of other, ahem, simpler, VM systems have unique documented quirks (how's that for understatement). I'm concerned mostly about the more complex and less quirky and fingerprintable HyperV, VMware, or derivatives thereof with the identification APIs removed or disabled, but primarily the threat lurks in unknown small, specialized hypervisors which might have a very small footprint to identify.

Ideally I'm looking for something that will work across all hypervisors, to detect virtualization generically instead of VM implementation specific quirks or tricks and even better if it works across multiple chipsets, but as stated above I am primarily concerned with the latest generation of x86 chips where the principal threat lies, as a long set of VM and chipset specific checks sounds like an ugly to maintain mess (see tricks below). I concede this may not be possible but we won't know until looking for such.

Here is an example of a small, difficult to detect custom hypervisor (though this one is used for defensive purposes) and a pretty cool research paper which also discusses things relevant to this topic:
http://www-brs.ub.ruhr-uni-bochum.de/netahtml/HSS/Diss/WillemsCarsten/diss.pdf

Some approaches:

Timing loops have always been suggested as a first idea, but in practice are unwieldy and inaccurate.

Network packet timing has also been suggested, but again I don't know if these approaches will work anymore in new high efficiency virtualization.

Other folks have suggested looking for memory layout anomalies introduced by virtualization. This seems to me to hold the most promise.

For reference I include below some documented tricks to identify common VMs. These tricks in the end are crap. They are just signatures for a snapshot of a moving target and would not really be useful for defense. I am hoping someone might have some other clever ideas, and that looking at the list below might stimulate some creativity. Memory layout integrity seems to me to be the only avenue that may be feasible right now, but maybe someone else has some other approach that hasn't been considered yet, as there are a lot of smart folks here.

Cheers,
--dr

Tricks (but not much treats)

Ed Skoudis and Tom Liston enumerated many VM detection tools and some anti-anti-VM techniques in their now quite dated 2006 paper:
http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf
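Added example, not part of the original messages and not OpenBSD code: the message above contrasts hypervisors that announce themselves with ones that have "the identification APIs removed or disabled". The sketch below decodes the cooperative x86 interface (CPUID.1:ECX bit 31 and the vendor signature at leaf 0x40000000) and makes explicit that a clear bit proves nothing. The struct, function names and test register values are constructed for illustration; it assumes GCC or Clang with `<cpuid.h>` on x86.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_CPUID 1
#else
#define HAVE_CPUID 0
#endif

#define CPUID1_ECX_HYPERVISOR (1u << 31) /* reads as 0 on bare metal */
#define HV_LEAF_BASE 0x40000000u         /* hypervisor vendor leaf */

struct hv_report {                       /* illustrative type, not from any project */
    int advertised;                      /* CPUID.1:ECX[31] was set */
    uint32_t max_leaf;                   /* EAX of leaf 0x40000000 */
    char vendor[13];                     /* 12 bytes from EBX, ECX, EDX plus NUL */
};

/* Pure decoder over raw register values, so it can be exercised offline. */
void hv_decode(uint32_t leaf1_ecx, uint32_t eax, uint32_t ebx,
               uint32_t ecx, uint32_t edx, struct hv_report *r)
{
    uint32_t regs[3];
    int i;

    regs[0] = ebx; regs[1] = ecx; regs[2] = edx;
    memset(r, 0, sizeof(*r));
    r->advertised = (leaf1_ecx & CPUID1_ECX_HYPERVISOR) != 0;
    if (!r->advertised)
        return;                          /* leaf 0x40000000 is not meaningful here */
    r->max_leaf = eax;
    for (i = 0; i < 12; i++)             /* extract by shifting: host-endian independent */
        r->vendor[i] = (char)((regs[i / 4] >> (8 * (i % 4))) & 0xff);
}

/* Map a signature to a product name; NULL means "advertised but unknown". */
const char *hv_known_vendor(const char *sig)
{
    static const struct { const char *sig, *name; } known[] = {
        { "KVMKVMKVM",    "KVM" },
        { "Microsoft Hv", "Hyper-V" },
        { "VMwareVMware", "VMware" },
        { "XenVMMXenVMM", "Xen" },
        { "bhyve bhyve ", "bhyve" },
    };
    size_t i;

    for (i = 0; i < sizeof(known) / sizeof(known[0]); i++)
        if (strcmp(sig, known[i].sig) == 0)
            return known[i].name;
    return NULL;
}

/* The answer comes from whatever handles CPUID, so "not advertised"
 * is only absence of a claim, never evidence of bare metal. */
const char *hv_verdict(const struct hv_report *r)
{
    if (!r->advertised)
        return "no hypervisor advertised (inconclusive)";
    return hv_known_vendor(r->vendor) ? "known hypervisor advertised"
                                      : "unknown hypervisor advertised";
}

/* Query the running CPU. Returns 0 on success, -1 if CPUID is unavailable. */
int hv_probe(struct hv_report *r)
{
#if HAVE_CPUID
    unsigned int a, b, c, d;
    unsigned int ha = 0, hb = 0, hc = 0, hd = 0;

    if (!__get_cpuid(1, &a, &b, &c, &d)) {
        memset(r, 0, sizeof(*r));
        return -1;
    }
    if (c & CPUID1_ECX_HYPERVISOR)
        __cpuid(HV_LEAF_BASE, ha, hb, hc, hd);
    hv_decode(c, ha, hb, hc, hd, r);
    return 0;
#else
    memset(r, 0, sizeof(*r));
    return -1;
#endif
}

int main(void)
{
    struct hv_report r;

    if (hv_probe(&r) != 0) {
        puts("CPUID not available on this build target");
        return 1;
    }
    printf("%s", hv_verdict(&r));
    if (r.advertised)
        printf(": \"%s\", max leaf 0x%08x", r.vendor, (unsigned)r.max_leaf);
    putchar('\n');
    return 0;
}
```

A kernel could log this at boot as one input among several; it is a cooperative signal only, which is why the thread goes on to look for checks that do not depend on the hypervisor's own answers.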
Re: Boot loader uses INT 13h [WAS BIOS call fallback]
The right link to PacSec slides (sorry):

Mickey's and Jesse's slides from PacSec: http://goo.gl/Rgcwud

-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Dragos Ruiu
Sent: December 23, 2015 8:24 PM
To: 'Tinker'
Cc: 'Read, James C' ; 'Theo de Raadt' ; 'OpenBSD general usage list' ; owner-m...@openbsd.org
Subject: Re: Boot loader uses INT 13h [WAS BIOS call fallback]

>On 2015-12-23 10:04, Dragos Ruiu wrote:
>> Ok let me short circuit this meta discussion by saying that AFAIK now
>> that the new Intel Skylake chips fixed many virtualization bugs
>
>Curious, where can I read about this, URL?

The canonical reference is still (and I looked for better summaries but none are found):
http://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-optimization-manual.pdf
http://goo.gl/Aq59Lm

It's dense with info and tough to pull relevant bits out, but some clues are in there.

My comments are based on verbal discussions with other non OBSD OS kernel developers, Intel folks who have boasted about running hundreds of VMs efficiently on a single (albeit Xeon) chip, and multiple folks who are doing security audits of different vendors' Virtualization Cores, that have all corroborated this not very well documented info, commenting especially that Intel had pulled back some not so ready for the real world features originally promised but eventually deprecating them in Broadwell (haven't checked the processor errata for details yet), which were now finally working in Skylake.

Coincidentally tonight, this seemingly related and interesting new paper by Joanna Rutkowska (@rootkovska) "Intel x86 Considered Harmful" was released which proposes an intriguing security solution that sounds appealing at first, getting rid of all state in laptops - until you realize that doing this is almost impossible.

For a counter example we had a great paper at PacSec this year from Intel's Mickey Shkatov and Jesse Michael discussing and enumerating many of the hidden state / firmware / processors in modern architectures that can be attacked and used as springboards including examples of pwnage using this soft, delicate, and unprotected underbelly of our computers. Modern architectures have so many mutable bits and embedded CPUs/PICs/FPGAs etc... that removing (or even locking them) is a task I daresay is beyond our reach at the moment - at least without making the computers nearly useless bricks.

For another example, consider things like your keyboard controller, which is probably a National Semiconductor chip with yet another embedded 8051 core, and then some more of those in your mice and keyboards, and USB and other controllers, and so on. As a matter of fact just counting only the 8051 cores alone in a modern PC is so hard you are nearly guaranteed to miss a few on your first cut.

Joanna's paper: http://goo.gl/8xhMo8
Mickey's and Jesse's slides from PacSec: http://goo.gl/8xhMo8

Returning back to the discussion where I suggested it would be nice to build OS kernels that would fail deliberately when virtualized to close off that class of malware, especially on the new Intel Skylake chips that have fixed so many virtualization bugs that they can (reportedly) run VT inside VT and nest virtualization so efficiently you can virtualize ridiculous numbers of VMs even inside each other, with so little overhead and few virtualization artifacts that they are nearly undetectable when virtualized.

The prevailing attitude that this isn't in scope to worry about - to which I counter that if you don't worry about the overall platform security and just put blinders on to the hard problems, avoiding defensive mitigations for the weak architecture areas then you have already lost the security and integrity of your computers, and you are at the mercy of the sophisticated attackers. They aren't your computers anymore, you are just using them under the graces of what attack teams more advanced than you allow you to do.

(bracing) This is an area where Win10 is clearly leading the pack based on the effort I see they are putting into repeatedly auditing all their codebase with smart outside experts and adding interesting new mitigations like wrappering and shimming vulnerable unchecked AMD microcode updates, and other weak hardware parts like USB etc... - and who would have guessed I would be saying that a few years ago! Yes, I put on my Nomex flame retardant suit before typing that sentence suggesting that OpenBSD development might actually take some cues from Windows, heresy I know, on an OpenBSD list. But this is just one person's opinion based on what I've seen, and the people I've talked to.

I'll certainly continue to seek this kind of functionality and try to add it to my OpenBSD kernels myself if no-one else has anythi
Re: Boot loader uses INT 13h [WAS BIOS call fallback]
>On 2015-12-23 10:04, Dragos Ruiu wrote:
>> Ok let me short circuit this meta discussion by saying that AFAIK now
>> that the new Intel Skylake chips fixed many virtualization bugs
>
>Curious, where can I read about this, URL?

The canonical reference is still (and I looked for better summaries but none are found):
http://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-optimization-manual.pdf
http://goo.gl/Aq59Lm

It's dense with info and tough to pull relevant bits out, but some clues are in there.

My comments are based on verbal discussions with other non OBSD OS kernel developers, Intel folks who have boasted about running hundreds of VMs efficiently on a single (albeit Xeon) chip, and multiple folks who are doing security audits of different vendors' Virtualization Cores, that have all corroborated this not very well documented info, commenting especially that Intel had pulled back some not so ready for the real world features originally promised but eventually deprecating them in Broadwell (haven't checked the processor errata for details yet), which were now finally working in Skylake.

Coincidentally tonight, this seemingly related and interesting new paper by Joanna Rutkowska (@rootkovska) "Intel x86 Considered Harmful" was released which proposes an intriguing security solution that sounds appealing at first, getting rid of all state in laptops - until you realize that doing this is almost impossible.

For a counter example we had a great paper at PacSec this year from Intel's Mickey Shkatov and Jesse Michael discussing and enumerating many of the hidden state / firmware / processors in modern architectures that can be attacked and used as springboards including examples of pwnage using this soft, delicate, and unprotected underbelly of our computers. Modern architectures have so many mutable bits and embedded CPUs/PICs/FPGAs etc... that removing (or even locking them) is a task I daresay is beyond our reach at the moment - at least without making the computers nearly useless bricks.

For another example, consider things like your keyboard controller, which is probably a National Semiconductor chip with yet another embedded 8051 core, and then some more of those in your mice and keyboards, and USB and other controllers, and so on. As a matter of fact just counting only the 8051 cores alone in a modern PC is so hard you are nearly guaranteed to miss a few on your first cut.

Joanna's paper: http://goo.gl/8xhMo8
Mickey's and Jesse's slides from PacSec: http://goo.gl/8xhMo8

Returning back to the discussion where I suggested it would be nice to build OS kernels that would fail deliberately when virtualized to close off that class of malware, especially on the new Intel Skylake chips that have fixed so many virtualization bugs that they can (reportedly) run VT inside VT and nest virtualization so efficiently you can virtualize ridiculous numbers of VMs even inside each other, with so little overhead and few virtualization artifacts that they are nearly undetectable when virtualized.

The prevailing attitude that this isn't in scope to worry about - to which I counter that if you don't worry about the overall platform security and just put blinders on to the hard problems, avoiding defensive mitigations for the weak architecture areas then you have already lost the security and integrity of your computers, and you are at the mercy of the sophisticated attackers. They aren't your computers anymore, you are just using them under the graces of what attack teams more advanced than you allow you to do.

(bracing) This is an area where Win10 is clearly leading the pack based on the effort I see they are putting into repeatedly auditing all their codebase with smart outside experts and adding interesting new mitigations like wrappering and shimming vulnerable unchecked AMD microcode updates, and other weak hardware parts like USB etc... - and who would have guessed I would be saying that a few years ago! Yes, I put on my Nomex flame retardant suit before typing that sentence suggesting that OpenBSD development might actually take some cues from Windows, heresy I know, on an OpenBSD list. But this is just one person's opinion based on what I've seen, and the people I've talked to.

I'll certainly continue to seek this kind of functionality and try to add it to my OpenBSD kernels myself if no-one else has anything useful to add.

Bottom line: Sigh.

Cheers,
--dr

P.S. Go ahead and tell me why I'm such an idiot now. But you have the data too, come to your own decisions, those are my current conclusions and plans.
Re: Boot loader uses INT 13h [WAS BIOS call fallback]
Sure you could spend the rest of your life checking all the firmware and trying to design separate specialized tools for the myriad of devices in a modern PC - and there is a lot more than your simple list, see the presentation Mickey Shkatov and Jesse Michael from Intel did which enumerated some of the attack vectors. The list is much longer than your short list - and some of it is impossible to verify on today's hardware.

Or you could build a diagnostic into your kernel and identify problems as a heuristic and aid.

But I get it, it's hard, so you can throw up your hands and give up by saying that's not our problem, not an OS issue. However at the end of the day, it is a user issue, and a system security problem.

If you aren't paranoid enough to worry about it, then you've already lost.

Cheers,
--dr

-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Peter Kay
Sent: December 23, 2015 12:37 AM
To: Dragos Ruiu ; 'Read, James C' ; 'Theo de Raadt' ; Dragos Ruiu ; 'Read, James C' ; 'Theo de Raadt'
Cc: 'OpenBSD general usage list' ; 'OpenBSD general usage list'
Subject: Re: Boot loader uses INT 13h [WAS BIOS call fallback]

On 23 December 2015 02:04:01 GMT+00:00, Dragos Ruiu wrote:
>I would be interested in any code that can knowingly break inside a VM
>to verify unvirtualized status, esp. on Skylake. Older processors can
>probably use the virtualization bugs in the hardware for this function.

Who cares? Yes, there will be processor quirks that can be used, and often hypercalls to verify you're running under a hypervisor. Beyond that, a VM has a large degree of difference from a physical PC - I would not be confident of hiding this from the OS.

It's not OpenBSD's problem, though. If you don't know if you're running in a VM the most probable causes are trojaned install media (to the point it verifies the hash) or a hacked BIOS.

If it's a BIOS you need to verify the BIOS, the NIC boot ROM, the graphics card ROM, the disk controller ROM, the disk drive itself, and any remote access/baseboard management controller that exists.

If you're that paranoid, you need a specific tool to find the source of the issue, not OpenBSD
Re: Boot loader uses INT 13h [WAS BIOS call fallback]
Ok let me short circuit this meta discussion by saying that AFAIK now that the new Intel Skylake chips fixed many virtualization bugs and it's possible to efficiently nest VMs there might not be a way to discover if you are running on bare metal.

I too would find it useful to be able to lock a kernel so it only runs on bare metal not a VM, but according to folks who know more about this than I do it is now very hard to do this given you can run VT inside VT, and very efficiently on Xeons.

I would be interested in any code that can knowingly break inside a VM to verify unvirtualized status, esp. on Skylake. Older processors can probably use the virtualization bugs in the hardware for this function.

Cheers,
--dr

P.s. Also interested in code that can detect emulated UEFI.

-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Read, James C
Sent: December 22, 2015 9:51 AM
To: Theo de Raadt
Cc: OpenBSD general usage list
Subject: Re: Boot loader uses INT 13h [WAS BIOS call fallback]

>> a security consideration, as far as I can see the bootloader loads
>> using INT
>> 13h calls. How can the kernel be sure it is really operating in ring
>> 0 and not
>> in some VM given that this is the case?

>Hey, it looks like you are just trying to be a dick.

On the assumption that you are not suggesting I would like to change my name to Richard I can only reply that I have never tried to stick my head into a warm and wet but very smelly hole for pleasure and/or to attempt to reproduce with it.

>Does your mother know?

Given that she is deceased I find that highly unlikely. However, insults reminiscent of primary school days aside, you may or may not be surprised to find that actually that was a genuine question.
Re: can't boot from USB3.0 flash memory
It might also be a bios setting issue. (Many BIOS have settings for which systems are enabled by the BIOS code) Try enabling "Legacy USB Support" or similar.

Cheers,
--dr

-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Nick Holland
Sent: November 26, 2015 3:59 AM
To: misc@openbsd.org
Subject: Re: can't boot from USB3.0 flash memory

On 11/26/15 08:25, freeu...@ruggedinbox.com wrote:
> I have USB3.0 flash memory.(SANDISK)
> "OpenBSD 5.8 amd64/i386 on USB3.0"
>
> 1.USB3.0 flash memory connect to USB2.0/1.0
> boot: It's fine.
> 2.USB3.0 flash memory connect to USB3.0
> boot: can't boot!
>
> anyone don't need boot from USB3.0?

LOTS of details missing here, but if you are saying that under whatever mysterious circumstance you can not get the USB3 device to boot it doesn't try to boot at all, this is not an OpenBSD issue. OpenBSD's boot process is dependent upon the system BIOS until the kernel is loaded. So, if there is no attempt to boot, you have a BIOS issue.

I've certainly seen this. The answer is a BIOS upgrade that probably doesn't exist, because many manufacturers barely test this feature. Nothing OpenBSD can do to fix it if the HW won't grab and run the boot code.

Nick.
Reminder, today is the deadline for CanSecWest CFP submissions, (conf March 18-20)
So send something in very soon if you want it considered.

Hope all of you have a Happy New Year.

Cheers,
--dr
EUSecWest 2012 - Amsterdam, Sept 19/20 featuring Mobile PWN2OWN - CFP Deadline June 15
EUSecWest 2012, Amsterdam, September 19/20, Featuring Mobile PWN2OWN

CALL FOR PAPERS - Deadline June 15 2012

AMSTERDAM, Nederland -- The seventh annual EUSecWest applied technical security conference - where the eminent figures in the international security industry get together to share best practices and technology - will be held in downtown Amsterdam near Leidseplein Square on September 19/20, 2012. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials.

This year the EUSecWest conference will also host dedicated security coverage of mobile devices, and host the first mobile device only focused PWN2OWN competition, where researchers get to demonstrate live vulnerability attack code against designated targets and, if successful, get to keep the target hardware and cash prizes.

The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short walk away from several large hotels and the Leidseplein entertainment and shopping district, conveniently close to many famous museums, convenient transport, Vondel Park, and a plentitude of restaurants and bars.

The EUSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer.

We would like to announce the opportunity to submit papers, courses, and/or lightning talk proposals for selection by the EUSecWest technical review committee. This year we will be doing one hour talks, and some shorter talk sessions.

Please make your proposal submissions before June 15th, 2012.

Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please make your submission by mailing a plain text version of the information along with any other supporting material or formats to synopsis of the material and your biography, papers and, speaking background to "secwest12 [at] eusecwest.com"

Only slides will be needed for the September paper deadline, full text does not have to be submitted - but will be accepted if available.

This year we will be opening up the presentation guidelines to include talks not in English (particularly Dutch, Chinese, French, Russian, and Spanish) which we will offer to translate for the speaker if they are not a native English speaker.

The EUSecWest 2012 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience.

The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products.

Paper proposals should consist of the following information:

1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax).
2. Employer and/or affiliations.
3. Brief biography, list of publications and papers.
4. Any significant presentation and educational experience/background.
5. Topic synopsis, Proposed paper title, and a one paragraph description.
6. Reason why this material is innovative or significant or an important tutorial.
7. Optionally, any samples of prepared material or outlines ready.
8. Will you have full text available or only slides?
9. Language of preference for submission.
10. Please list any other publications or conferences where this material has been or will be
CanSecWest 2012 Mar 7-9; 2nd call for papers, closes next week, Monday. Dec 5 2011
So after a dozen years or so organizing conferences, you get the urge to pull levers and try experimenting with things. So this year I sent out the CanSecWest CFP only over Twitter, and G+ publicly. Just curious as to the adoption and information dispersion rate, and some estimate of the attention these newer channels are getting.

So after this experiment I hear about people having submissions and missing the CFP. So for my control set, here is the normal announce message to different e-mail lists. We'll do a Second CanSecWest CFP, but a brief one.

Send us your proposal by the end of Monday next week, December 5, 2011.

The questions and information needed is the same as usual (see website), also for my curiosity could you include:

12. Where did you hear about the CFP from?

cheers,
--dr

--
World Emerging Security Technology
Vancouver, March 7-9 http://cansecwest.com
pgpkey http://cansecwest.com/ kyxpgp
Final Penultimate last Call for Papers for CanSecWest 2011 (deadline Jan. 17th, conf March 9-11)
"First they ignore you, then they ridicule you, then they fight you, then you win." -- Mahatma Gandhi.

Well if Fox's new comedy show "Breaking In" is any indication, infosec has now entered Gandhi's second stage. http://goo.gl/ZpLDp [youtube] (hat tip to Adam O'Donnell for this humorous find, and Sam Bowne for the quote/quip)

But on a slightly more serious note. CanSecWest is nearing in the second week of March, and this year I've waited on sending out the CFP note/reminder. It's been up on the site for a while with a Dec 29 deadline, but this is the real last call for submissions. If you don't get them in by this weekend they won't make the selections review process next week. We'll try to announce the selections the week following.

After 11 years, most of you should know the drill, but for those who haven't submitted or attended before, the fine print and usual further information is attached below.

Other info: We are doing more dojo training courses than ever this year (17!) and they will be up for registration next week. I've also confirmed with Aaron/TippingPoint/HP that we will again be holding PWN2OWN with both browser and mobile targets, so stand by for some announcements there.

There will also be some other new experiments and conference goings on, some fascinating keynotes that have been invited, as well as some interesting new sponsors exhibiting new security wares that you'll see announced on the conference site in the coming weeks, but for now, get your talk proposals in so that our grumpy, cynical, and battle-scarred reviewers can complain about them, err, I mean provide informative feedback.;-)

cheers,
--dr (@dragosr)

The usual CFP boilerplate info:

Call For Papers

The CanSecWest 2011 CFP is now open. Deadline is January 17th, 2011.

CanSecWest CALL FOR PAPERS

VANCOUVER, Canada -- The twelfth annual CanSecWest applied technical security conference - where the eminent figures in the international security industry will get together to share best practices and technology - will be held in downtown Vancouver at the Sheraton Wall Centre on March 9-11, 2011. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials.

The CanSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and to collaborate and socialize with their peers in one of the world's most scenic cities - a short drive away from one of North America's top skiing areas.

The CanSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer.

We would like to announce the opportunity to submit papers, and/or lightning talk proposals for selection by the CanSecWest technical review committee. This year we will be doing one hour talks, and some shorter talk sessions.

Please make your paper proposal submissions before January 17th, 2011.

Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please make your submission by emailing a synopsis of the material and your biography, papers and, speaking background to secwes...@cansecwest.com . Only slides will be needed for the March paper deadline, full text does not have to be submitted - but will be accepted if available.

This year we will be opening CanSecWest presentation guidelines to include talks not in English (particularly Chinese and Korean) which we will offer to translate for the speaker if you are not a native English speaker.

The CanSecWest 2011 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience.

The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tol
EUSecWest 2010 MiniCFP (conf Jun 16/17) and PacSec 2010 CFP (conf Nov 10/11, deadline July 30)
-- World Security Pros. Cutting Edge Training, Tools, and Techniques Amsterdam, Netherlands, June 16/17 2010 http://eusecwest.com Tokyo, Japan, November 10/11 2010 http://pacsec.jp Vancouver, Canada, March 9-11 2011 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp EUSecWest 2010 MiniCFP (PacSec CFP Follows) One of our presenters was unable to get corporate approval for his travel and cancelled out. As such we are opening up one or two available slots for last minute submissions. We are also offering a referral bounty of a free conference registration for high quality replacement papers on short notice. (The Conference is on June 16/17 at the Melkweg in Amsterdam.) Please forward submissions to secwest10 [at] eusecwest.com, and please include the name of the referrer for the bounty award. The current confirmed speakers for EUSecWest are: Special party (16th) musical guests: Plump DJs (others TBA) Legic Prime: Obscurity in Depth Karsten Nohl & Hendryk Plvtz, Security Research Labs Having fun with Apple's IOKit Ilja Van Sprundel, IOActive Escaping the Sandbox Stephen Ridley, Matasano Milking a horse or executing remote code in modern Java web frameworks Meder Kydryraliev, Google Hacking Printers for fun and profit Andrei Constin DarunGrim - A Tool for Binary Diffing and Automatic Vulnerabilities Pattern Matching Jeongwook (Matt) Oh Immature Femtocels Ravishankar Borgaonkar & Kevin Redon, Technical University of Berlin Defending the Poor - Flash Defense Journ Bratzkei, Recurity Labs BlackBerry Proof-of-Concept malicious applications Mayank Aggarwal, SMobile Systems Fighting PDF Malware with ExeFilter Philipe Lagadec, NATO/NC3A Rainbow Tables Reimplemented Sebastian "naxxatoe" Graf Hacking Oracle from Web Apps Sumit Siddharth, 7Safe - PacSec 2010 Conference The 8th annual PacSec conference will be held Nov 10/11 2010, at Aoyama Diamond Hall in Tokyo, Japan. 
PacSec CALL FOR PAPERS TOKYO, Japan -- To address the increasing importance of information security in Japan, the best known figures in the international security industry will get together with leading Japanese researchers to share best practices and technology. The most significant new discoveries about computer network hack attacks will be presented at the eighth annual PacSec conference to be discussed. The PacSec meeting provides an opportunity for foreign specialists to be exposed to Japanese innovation and markets and collaborate on practical solutions to computer security issues. In an informal setting with a mixture of material bilingually translated in both English and Japanese the eminent technologists can socialize and attend training sessions. Announcing the opportunity to submit papers for the PacSec 2010 network security training conference. The conference will be held November 10/11th in Tokyo. The conference focuses on emerging information security tutorials - it is a bridge between the international and Japanese information security technology communities. Please make your paper proposal submissions before July 30th, 2010. Slides for the papers must be submitted for translation by October 1, 2010 (Which, oh so rarely, happens so we are going to start asking for them earlier :-P --dr). Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to secwest10 [at] pacsec.jp . Tutorials are one hour in length, but with simultaneous translation should be approximately 45 minutes in English, or Japanese. Only slides will be needed for the October paper deadline, full text does not have to be submitted. 
The PacSec conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - e
EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17)
EUSecWest CALL FOR PAPERS AMSTERDAM, Nederland -- The sixth annual EUSecWest applied technical security conference - where the eminent figures in the international security industry will get together and share best practices and technology - will be held in downtown Amsterdam at the Melkweg Multimedia Center near Leidseplein on June 16/17, 2010. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short walk away from several large hotels and the Leidseplein entertainment and shopping district, conveniently close to many famous museums, convenient transport, Vondel Park, and a plentitude of restaurants and bars. This year the first evening party will feature a special musical guest star. We will announce the performer(s) shortly. The EUSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer. We would like to announce the opportunity to submit papers, and/or lightning talk proposals for selection by the CanSecWest technical review committee. This year we will be doing one hour talks, and some shorter talk sessions. Please make your paper proposal submissions before May 5th, 2010. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. 
If you have a proposal for a tutorial session then please make your submission by mailing a plain text version of the information along with any other supporting material or formats to synopsis of the material and your biography, papers and, speaking background to "secwest10 [at] eusecwest.com" Only slides will be needed for the June paper deadline, full text does not have to be submitted - but will be accepted if available. This year we -- will be opening up the presentation guidelines to include talks not in English (particularly Chinese) which we will offer to translate for the speaker if they are not a native English speaker. The EUSecWest 2010 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. 
Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full text available or only slides? 9. Language of preference for submission. 10. Please list any other publications or conferences where this material has been or will be published/submitted. IMPORTANT:Please include the plain text version of this information in your email as well as any file, pdf, sxw, ppt, or html attachments. Please forward the above information to "secwest10 [at] eusecwest.com" to be considered for placement on the speaker roster, or have your lightning talk scheduled. If you contact anyone else at our organization pl
EUSecWest 2009 (May27/28) London Agenda and PacSec 2009 (Nov 4/5) Tokyo CFP deadline: June 1 2009
EUSecWest 2009 Speakers Efficient UAK Recovery attacks against DECT - Ralf-Philipp Weinmann, University of Luxembourg A year in the life of an Adobe Flash security researcher - Peleus Uhley, Adobe Pwning your grandmother's iPhone - Charley Miller, Independent Security Evaluators Post exploitation techniques on OSX and Iphone and other TBA matters. - Vincent Iozzo,Zynamics STOP!! Objective-C Run-TIME. - nemo Exploiting Delphi/Pascal - Ilja Van Sprundel, IOActive PCI bus based operating system attack and protections - Christophe Devine & Guillaume Vissian, Thales Thoughts about Trusted Computing - Joanna Rutkowska, Invisible Things Lab Nice NIC you got there... does it come with an SSH daemon? - Arrigo Trulzi Evolving Microsoft Exploit Mitigations - Tim Burrell & Peter Beck, Microsoft Malware Case Study: the ZeuS evolution - Vicente Diaz, S21Sec Writing better XSS payloads - Alex Kouzemtchenko, SIFT Exploiting Firefox Extensions -Roberto Suggi Liverani & Nick Freeman, Security-Assessment.com Stored Value Gift Cards, Magstripes Revisited - Adrian Pastor, Gnucitizen, Corsaire Advanced SQL Injection to operating system control - Bernardo Damele Assumpcao Guimaraes, Portcullis Cloning Mifare Classic - Nicolas Courtois, University of London Rootkits on Windows Mobile/Embedded - Petr Matousek, Coseinc PacSec 2009 CALL FOR PAPERS World Security Pros To Converge on Japan TOKYO, Japan -- To address the increasing importance of information security in Japan, the best known figures in the international security industry will get together with leading Japanese researchers to share best practices and technology. The most significant new discoveries about computer network hack attacks will be presented at the seventh annual PacSec conference to be discussed. The PacSec meeting provides an opportunity for foreign specialists to be exposed to Japanese innovation and markets and collaborate on practical solutions to computer security issues. 
In an informal setting with a mixture of material bilingually translated in both English and Japanese the eminent technologists can socialize and attend training sessions. Announcing the opportunity to submit papers for the PacSec 2009 network security training conference. The conference will be held November 4/5th in Tokyo. The conference focuses on emerging information security tutorials - it is a bridge between the international and Japanese information security technology communities. Please make your paper proposal submissions before June 1st, 2009. Slides for the papers must be submitted for translation by October 1, 2009 (Which, oh so rarely, happens we are going to start asking for them earlier :-P --dr). Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to . Tutorials are one hour in length, but with simultaneous translation should be approximately 45 minutes in English, or Japanese. Only slides will be needed for the October paper deadline, full text does not have to be submitted. The PacSec conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. 
The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1) Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2) Employer and/or affiliations. 3) Brief biography, list of publications and papers. 4) Any significant presentation and educational experience/background. 5) Topic synopsis, Proposed paper title, and a one paragraph description. 6) Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full te
EUSecWest 2009 CFP (May 27/28, Deadline April 7 2009)
Call For Papers The EUSecWest 2009 CFP is now open. Deadline is April 7th, 2009. EUSecWest CALL FOR PAPERS LONDON, U.K. -- The third annual EUSecWest applied technical security conference - where the eminent figures in the international security industry will get together and share best practices and technology - will be held in downtown London at the Sound Club in Leicester Square on May 27/28, 2009. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most important technology hubs and scenic cities. The timing of the conference allows international travelers to travel to Berlin for FX's Ph-Neutral on the weekend, and Rennes the following week for SSTIC. We would like to announce the opportunity to submit papers, and/or lightning talk proposals for selection by the EUSecWest technical review committee. This year we will be doing one hour talks, and some shorter talk sessions. Please make your paper proposal submissions before April 7th, 2009. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speaker (one speaker airfare and one room). If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to secwest09 [at] eusecwest.com . Only slides will be needed for the paper deadline, full text does not have to be submitted - but will be accepted if available. 
The EUSecWest 2009 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full text available or only slides? 9. Language of preference for submission. 10. Please list any other publications or conferences where this material has been or will be published/submitted. Please include the plain text version of this information in your email as well as any file, pdf, sxw, ppt, or html attachments. 
Please forward the above information to secwest09 [at] eusecwest.com to be considered for placement on the speaker roster, or have your lightning talk scheduled. If you contact anyone else at our organization please ensure you also cc the submission address with your proposal or it may be omitted from the review process. cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques London, U.K. May 27/28 2009 http://eusecwest.com pgpkey http://dragos.com/ kyxpgp
CanSecWest 2009 Speakers and Dojo courses (Mar 14-20)
Final Speaker Lineup for CanSecWest 2009 (March 18-20): === The Smart-Phones Nightmare - Sergio 'shadown' Alvarez Getting into the SMRAM: SMM Reloaded - Loïc Duflot Network design for effective HTTP traffic filtering - Jeff "rfp" Forristal, Zscaler Ninja Scanning - Fyodor, Insecure.org On Approaches and Tools for Automated Vulnerability Analysis - Tanmay Ganacharya & Nikola Livic & Abhishek Singh & Swapnil Bhalode & Scott Lambert, Microsoft Kicking It Old School: No DNS Packets Were Harmed In The Making Of This Presentation - Dan Kaminski, IOActive Binary Clone Wars: Software Whitelisting for Malware Prevention and Coordinated Incident Response. - Shane Macaulay, Sean Comeau, and Derek Callaway, Security Objectives .NET Rootkits - Erez Metula The Evolution of Microsoft's Exploit Mitigations - Matt Miller and Tim Burrell, Microsoft An overview of the state of videogame console security. - Victor Muñoz A Look at a Modern Mobile Security Model: Google's Android - Jon Oberheide Bug classes we have found in *BSD, OS X and Solaris kernels - Christer Oberg and Neil Kettle, Convergent Network Solutions Multiplatform Iphone/Android Shellcode, and other smart phone insecurities - Alfredo Ortega and Nico Economou, Core Platform-independent static binary code analysis using a meta-assembly language - Sebastian Porst & Thomas "halvar" Dullien, zynamics Persistent BIOS Infection - Anibal Sacco & Alfredo Ortega, Core Decompiling Dalvik and other JavaFX - Marc Schoenefeld Automated Real-time and Post Mortem Security Crash Analysis and Categorization - Jason Shirk & Dave Weinstein, Microsoft SSL, The Sequel: MD5 collisions and EV certificates - Alexander Sotirov & Mike Zusman Exploiting Unicode-enabled software - Chris Weber Chinese Infosec & Malware Overview - Wei "icbm" Zhao, 365menshen Hacking Macs for Fun and Profit - Dino Dai Zovi & Charlie Miller ...and a variety of lightning talks... 
Security Masters Dojo courses (March 14-17): Metasploit: Asymmetric Warfare - H D Moore, BreakingPoint Systems Advanced Honeypots - Thorsten Holz IPv6 Network Security - Nico Fishbach & Guillaume Valadon, COLT & CNRS Ultimate Web Hacking (One Day Edition) - Mike Andrews, Foundstone TCP/IP Network Security In Depth - Andrea Barisani, inverse path Effective Fuzzing using the Peach Fuzzing Platform - Michael Eddington, Leviathan Security Secure Java Programming and Auditing - Marc Schoenefeld Practical 802.11 WiFi (In)Security - Cédric Blancher, EADS Q/SSE Qualified/ Software Security Expert Certification Bootcamp - Security University Q/SA Qualified Security Analyst Penetration Tester - Security University Advanced Linux Hardening - Andrea Barisani & Jay Beale, inverse path & Intelguardians Physical Security and Lock Technology - Deviant Ollam The Exploit Laboratory - Advanced Edition - Saumil Shah, Net-Square Mastering the Network with Scapy - Phillipe Biondi, EADS Pwn2Own Contests: There will be TWO Pwn2Own contests this year. Generous cash prize(s) for exploits will be sponsored by Tipping Point, and a Sony VAIO P fresh from Japan and a new loaded Apple Macbook will be amongst the prizes. The targets this year will be mobile smart-phones, and browsers. Mobile targets: iPhone Android Symbian RIM/BlackBerry Windows Mobile Browser Targets: IE8 FF3 Safari Opera The contest will like in previous years feature a progressively expanding attack surface over the three day duration of the conference. Final prizes and rules will be announced shortly. Post-Conference Whistler Expedition: = We have secured some rooms at good rates at the Westin in Whistler and reserved a cluster of four, 3-5 bedroom, cabins for the weekend after the conference. Contact d...@kyx.net if you wish to be included in the planning, final accommodation rates will be announced shortly. 
Conference Hotel Block: === The room rates at the Sheraton Wall Center hotel where the conference is being held have been reduced from $183 to $169, and still includes a waived $15/day free internet access in the rate. Tenth Anniversary Gala Event: Since this is our tenth anniversary for the conference, we will be having a party on Thursday night. Venue TBD. We're pretty sure there will be a cake. No word yet on whether there will be dancers inside it. ;-) Day-Care Facilities will be available: = As a nod to the shifting demographic of early gen. security researchers we will be trying a new experiment this year and we will be providing day-care facilities for those traveling with kids. We will try to arrange some group discounts with our provider once we know how many kids and what ages and times will have to be accommodated. If you are interested in this service please send
CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008)
Call For Papers The CanSecWest 2009 CFP is now open. Deadline is December 8th, 2008. CanSecWest CALL FOR PAPERS VANCOUVER, Canada -- The tenth annual CanSecWest applied technical security conference - where the eminent figures in the international security industry will get together and share best practices and technology - will be held in downtown Vancouver at the Sheraton Wall Centre on March 18-20, 2009. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The CanSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short drive away from one of North America's top skiing areas. The CanSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer. We would like to announce the opportunity to submit papers, and/or lightning talk proposals for selection by the CanSecWest technical review committee. This year we will be doing one hour talks, and some shorter talk sessions. Please make your paper proposal submissions before December 8th, 2008. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to secwest09 [at] cansecwest.com . 
Only slides will be needed for the March paper deadline, full text does not have to be submitted - but will be accepted if available. This year we will be opening up the presentation guidelines to include talks not in English (particularly Chinese) which we will offer to translate for the speaker if they are not a native English speaker. The CanSecWest 2009 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full text available or only slides? 9. 
Language of preference for submission. 10. Please list any other publications or conferences where this material has been or will be published/submitted. Please include the plain text version of this information in your email as well as any file, pdf, sxw, ppt, or html attachments. Please forward the above information to secwest09 [at] cansecwest.com to be considered for placement on the speaker roster, or have your lightning talk scheduled. If you contact anyone else at our organization please ensure you also cc the submission address with your proposal or it may be omitted from the review process. cheers, --dr -- World Security Pros. Cutting Edge Training, To
PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept. 30/ Oct. 1)
Spanish url: http://ba-con.com.ar/speakers.html?language=es Speaker list and Dojos for BA-Con, September 30, October 1st. (all presentations in both Spanish and English) Presentations: WPA/WPA2: how long is it gonna make it - Cédric Blancher & Simon Marichal, EADS & SGDN Security Concerns of Firmware Updates (SPI System BIOS and Embedded Controller) - Sun Bing A Practical Approach to Mitigate and Remove Malware - Ching Tim Meng Advances in Attacking Interpreted Languages: Javascript - Justin Ferguson Understanding eVoting in post Everest, TTBR world - Harri Hursti SecViz 007 - Raffael Marty, Splunk Pass-the-hash Toolkit for Windows - Hernan Ochoa, Core Linux 2.6 kernel rootkits - Daniel Palacio, Immunity Reverse Engineering Dynamic Languages, a Focus on Python - Aaron Portnoy & Ali Rizvi-Santiago, TippingPoint All the Crap Aircrafts Receive and Send - Hendrik Scholz Teflon: anti-stick for the browsers attack surface - Saumil Shah, Net-Square Hacking PXE without reboot (using the BIOS network stack for other purposes) - Julien Vanegue, CESAR LeakedOut: the Social Networks You Get Caught In - Jose Orlicki, Core Dojos (September 28/29): Reverse Code Engineering - Edgar Barbosa, COSEINC Practical 802.11 Wi-Fi (In)Security - Cédric Blancher, EADS Effective Fuzzing using the Peach Fuzzing Platform (2 days) - Michael Eddington, Leviathan Assembler for Exploits - Gerardo Richarte, Core The Exploit Lab - Saumil Shah, Net-Square We would like to especially thank the gracious sponsorship of Core, Microsoft, and Symantec/SecurityFocus, without whom this event would not be possible and/or would be a lot more expensive for attendees. We also suggest that conference attendees stay a couple of days longer and go to ekoparty right after this event. cheers, --dr --8<--kyx--8<-- English url: http://pacsec.jp/speakers.html?language=en Japanese url: http://pacsec.jp/speakers.html?language=ja (the following should be up soon...) 
Spanish url: http://pacsec.jp/speakers.html?language=es Chinese url: http://pacsec.jp/speakers.html?language=cn PacSec 2008 CALL FOR PAPERS World Security Pros To Converge on Japan TOKYO, Japan -- To address the increasing importance of information security in Japan, the best known figures in the international security industry will get together with leading Japanese researchers to share best practices and technology. The most significant new discoveries about computer network hack attacks and defenses will be presented at the sixth annual PacSec conference. The PacSec meeting provides an opportunity for foreign specialists to be exposed to Japanese innovation and markets and collaborate on practical solutions to computer security issues. In an informal setting with a mixture of material bilingually translated in both English and Japanese the eminent technologists can socialize and attend training sessions. Announcing the opportunity to submit papers for the PacSec 2008 network security training conference. The conference will be held November 12/13th in Tokyo at the Aoyama Diamond Hall above Omotesando station. The conference focuses on emerging information security tutorials - it is a bridge between the international and Japanese information security technology communities. Please make your paper proposal submissions before September 1st, 2008. Slides for the papers must be submitted for translation by October 1, 2008. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to secwest08 [at] pacsec.jp . Tutorials are one hour in length, but with simultaneous translation should be approximately 45 minutes in English, or Japanese. 
Only slides will be needed for the October paper deadline, full text does not have to be submitted. The PacSec conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product
BA-Con 2008 CFP - Buenos Aires Sept. 30 / Oct. 1 (closes July 11 2008)
BA-Con 2008 CALL FOR PAPERS BUENOS AIRES, Argentina -- The first annual BA-Con applied technical security conference - where the eminent figures in the international and South American security industry will get together and share best practices and technology - will be held in Buenos Aires on September 30 and October 1st. 2008. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The BA-Con meeting provides local and international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of South America's largest metropolises. All material will be translated into both Spanish and English. Evening social activities will be planned to provide personal networking opportunities. The BA-Con conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer. We would like to announce the opportunity to submit papers, lightning talk proposals for selection by the international BA-Con technical review committee. Please make your paper proposal submissions before July 11th, 2008. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to secwest08 [at] ba-con.com.ar . 
Only slides will be needed for the September paper deadline, full text does not have to be submitted - but will be accepted and translated on a best effort basis if available. The BA-Con 2008 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full text available or only slides? 9. Please list any other publications or conferences where this material has been or will be published/submitted. 10. 
Do you have any special demo or network requirements for your presentation? Please include the plain text version of this information in your email as well as any file, pdf, sxw, ppt, or html attachments. Please forward the above information to secwest08 [at] ba-con.com.ar to be considered for placement on the speaker roster, or have your lightning talk scheduled. We would like to extend a special thanks to our local partners at Core Security Technologies, and the gracious sponsorship of Microsoft, and Symantec for making this event possible and letting us keep the registration fee lower in local currency while letting us cover the costs of international speakers. cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Buenos Aires, Argentina Sept. 30 / Oct. 1 - 2008 http://ba-con.co
Final EUSecWest 2008 Speakers London May 21/22
The selected papers for EUSecWest 2008 are:

* PhlashDance, discovering permanent denial of service attacks against embedded systems - Rich Smith, HP Labs
* Attacking Near Field Communications (NFC) Mobile Phones - Collin Mulliner, trifinite
* Abusing X.509 certificate features - Alexander Klink, Cynops GmbH
* Phoenix, and automated vulnerability finding - Tim Burrell, Microsoft
* Cisco IOS Rootkits - Sebastian Muñiz, Core
* Advances in attacking interpreted languages - Justin Ferguson, IOActive
* One Token to Rule Them All: Post-Exploitation Fun in Windows Environments - Luke Jennings, MWR InfoSecurity
* Building the bridge between the Web Application and the OS: GUI access through SQL Injection - Alberto Revelli, Portcullis
* Satellite Systems - Adam Laurie, RFIDIOt.org
* Browser Exploits - Attacks and Defense - Saumil Shah, Net Square
* WebSphere MQ Security - Martyn Ruks, MWR InfoSecurity

Paper synopses are now up on the website. This year there will be three Security Masters Dojo courses on May 19/20, including a new course from Foundstone:

* Ultimate Web Hacking - Nick Murison, Foundstone, a division of McAfee
* Advanced Honeypot Tactics - Thorsten Holz, Aachen University
* The Exploit Laboratory - Advanced Edition Saumil Shah and Christopher Owen Net-Square and Consault

cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques London, U.K. May 21/22 - 2008 http://eusecwest.com pgpkey http://dragos.com/ kyxpgp
EUSecWest CFP Closes April 14th (conf May 21/22 2008)
(We've moved the conference this year to a club in Leicester Square in the heart of London and SoHo. We'll be putting speakers up across the square at the Radisson Edwardian Hampshire, but there are lots of hotels in the region there in the center of London for those who want to attend (the venue is physically on top of a tube station on Circle line so easy to get to). Registration is now open and we hope to have the Dojo registrations on-line by this weekend. The conference is on Wednesday/Thursday, which leaves Friday to fly to Berlin for those going to ph-n. cheers, --dr) EUSecWest CALL FOR PAPERS LONDON, U.K. -- The second annual EUSecWest applied technical security conference - where the eminent figures in the international security industry will get together and share best practices and technology - will be held in downtown London at the Sound club in Leicester Square on May 21/22 2008. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most central cities. The EUSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer. We would like to announce the opportunity to submit papers, lightning talk proposals for selection by the EUSecWest technical review committee. Please make your paper proposal submissions before April 14th, 2008. Some invited papers have been confirmed, but a limited number of speaking slots are still available.
The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers, and speaking background to secwest08 [at] eusecwest.com . Only slides will be needed for the May paper deadline, full text does not have to be submitted - but will be accepted if available. The EUSecWest 2008 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8.
Will you have full text available or only slides? 9. Please list any other publications or conferences where this material has been or will be published/submitted. Please include the plain text version of this information in your email as well as any file, pdf, sxw, ppt, or html attachments. Please forward the above information to secwest08 [at] eusecwest.com to be considered for placement on the speaker roster, or have your lightning talk scheduled. -- World Security Pros. Cutting Edge Training, Tools, and Techniques London, U.K. May 21/22 - 2008 http://eusecwest.com pgpkey http://dragos.com/ kyxpgp
CanSecWest 2008 PWN2OWN - Mar 26-28
Calendar Notes: === PacSec 2008 will be on November 12/13 in Tokyo at Aoyama Diamond Hall. EUSecWest 2008 will be on May 21/22 at a fun new venue in central London. (We cooked this schedule up so it will enable people to fly to Berlin on the 23rd and make FX's ph-neutral on Saturday the 24th - which also has a fun new venue. Island???!?) The EUSecWest 2008 CFP opens tomorrow and closes _before_ April 1 :-). EUSecWest registration is now open. Announcing CanSecWest PWN2OWN 2008. === Three targets, all patched. All in typical client configurations with typical user configurations. You hack it, you get to keep it. Each has a file on them and it contains the instructions and how to claim the prize. Targets (typical road-warrior clients): VAIO VGN-TZ37CN running Ubuntu 7.10 Fujitsu U810 running Vista Ultimate SP1 MacBook Air running OSX 10.5.2 This year's contest will begin on March 26th, and go during the presentation hours and breaks of the conference until March 28th. The main purpose of this contest is to present new vulnerabilities in these systems so that the affected vendor(s) can address them. Participation is open to any registered attendee of CanSecWest 2008. Once you extract your claim ticket file from a laptop (note that doing so will involve executing code on the box, simple directory traversal style bugs are inadequate), you get to keep it. You also get to participate in 3com / Tipping Point's Zero Day Initiative, with the top award for remote, pre-auth, vulnerabilities being increased this year. Fine print and details on the cash prizes are available from TippingPoint's DVLabs blog (http://dvlabs.tippingpoint.com/). More fine print and rules for the contest will be found at the http://cansecwest.com/ site. Quick Overview: -Limit one laptop per contestant. -You can't use the same vulnerability to claim more than one box, if it is a cross-platform issue. -Thirty minute attack slots given to contestants at each box. 
-Attack slots will be scheduled at the contest start by the methods selected by the judges. -Attacks are done via crossover cable. (attacker controls default route) -RF attacks are done offsite by special arrangement... -No physical access to the machines. -Major web browsers (IE, Safari, Konqueror, Firefox), widely used and deployed plugin frameworks (AIR, Silverlight), IM clients (MSN, Adium, Skype, Pidgin, AOL, Yahoo), Mail readers (Outlook, Mail.app, Thunderbird, kmail) are all in scope. Fine Print: These computers are REAL and FULLY patched. All third party software is widely used. There are no imitation vulnerabilities. Any exploit successfully used in this contest would also compromise a significant percentage of Internet connected hosts. Instead, players choose to use their exploits here, at CanSecWest PWN2OWN 2008. All successful exploits will be turned over to the appropriate vendor and patched before details are made public. Rules 1. Attacks remain confidential until prize is claimed Players will connect to the targets with a crossover cable and we will not record the network traffic or log anything other than what is done by default. Successful exploits can be delivered directly to Tipping Point after we verify that you control the target. In the event that internet connectivity is required (eg. IM clients) we will put the target online behind a firewall. We won't sniff at the firewall, but we can make no guarantees for upstream networks. (so be careful what you send over the Internet!) 2. No wireless attacks in the conference area Players with intent to use wireless attacks must inform us in advance. We will relocate to a secluded, undisclosed location where there won't be dozens of people watching the traffic. 3. One attacker per target at a time As is obvious from rule #1 and rule #2, one player gets exclusive access to any target at one time. 4. Players take turns, no hogging the targets Players are limited to 30 minutes per attempt.
We will mercilessly disconnect your cable at the end of each attack slot. Be fast! We will reboot the targets before each session begins. 5. First come, first served access to targets. Players get in line for their turns and may take an unlimited number of turns. If a player runs out of time and no one else is waiting for access to the target he may continue for another turn. Players may not have more than 1 turn in any 30 minute period. (That means we won't reboot a target any time you feel like it) 6. Remote, pre-authentication attacks are required to win Players may not physically touch the targets or look at the target's display. Players are required to demonstrate to our satisfaction that arbitrary code runs on the target. 7. Attackers control the default route for the target. Players may become the target's default gateway in order to perform man in the middle attacks. 8. Contest officials visi
CanSecWest 2008 Mar 26-28
CanSecWest 2008 Presentations

* Snort 3.0 - Marty Roesch, Sourcefire
* Cross-Site Scripting Vulnerabilities in Flash Authoring Tools - Rich Cannings, Google
* Proprietary RFID Systems - Jan "starbug" Krissler and Karsten Nohl, CCC
* Media Frenzy: Finding Bugs in Windows Media Software - Mark Dowd and John McDonald, IBM ISS
* Targeted Attacks and Microsoft Office Malware - Rob Hensing, Microsoft
* Virtually Secure - Oded Horovitz, VMWare
* Malicious Cryptography - Frédéric Raynal and Eric Filiol, Sogeti/Cap-Gemini and ESAT
* The Death of AV Defense in Depth: Revisiting Anti-Virus Software - Thierry Zoller and Sergio Alvarez, nRuns
* VMWare Issues - Sun Bing, McAfee
* Intrusion Detection Systems Correlation: a Weapon of Mass Investigation - Sebastien Tricaud and Pierre Chifflier, INL
* Web Wreck-utation - Dan Hubbard and Stephan Chenette, WebSense
* Secure programming with gcc and glibc - Marcel Holtmann, Intel
* Mobitex network security - olleB, toolcrypt.org
* Peach Fuzzing - Michael Eddington, Leviathan
* Fuzz by Number - Charlie Miller, Independent Security Evaluators
* Fuzzing WTF? What Fuzzing Was, Is And Never Will Be. - Frank Marcus and Mikko Varpiola, Wurldtech / Codenomicon
* Vulnerabilities Die Hard - Kowsik Guruswamy, Mu
* Hacking Windows Vista - Dan Griffin, JW Secure
* ExeFilter: a new open-source framework for active content filtering - Philippe Lagadec, NATO/NC3A
* VetNetSec: Security testing for Extremists - Eric Hacker, BT INS
* w3af: A framework to own the web - Andres Riancho, Cybsec
* A Unique Behavioral Science Approach to Threats, Extortion and Internal Computer Investigations - Scott K. Larson, Stroz Friedberg

-- 2008 Dojos

* Vulnerability Discovery Demystified - Mark Dowd and Justin Schuh
* The Exploit Laboratory - Advanced Edition - Saumil Shah
* Advanced Honeypot Tactics - Thorsten Holz
* Mastering the network with Scapy - Philippe Biondi
* Voice over IP (VoIP) Security - Nico Fischbach
* Practical 802.11 WiFi (In)Security - Cédric Blancher
* Advanced Linux Hardening - Andrea Barisani
* Defend The Flag - Microsoft

-- 2008 PWN 2 OWN

There will be three targets: A MacBook Air, running the latest OSX, patched, typical configuration. A Sony VAIO VGN-TZ37CNB, running Ubuntu, latest release. A Fujitsu U810, Running Vista, latest update. The contest will be adjudicated by our impartial celebrity judge: Ronald C. Dodge JR., Ph.D. Lieutenant Colonel, Academy Professor Associate Dean, Information and Education Technology, United States Military Academy The victory conditions will be the contents of specific specially planted files on each system, to be extracted by winners. Hack them and you get to keep them, and any associated prizes for the exploits used, oh and the fame and glory. :-) Browsers (I.E., Mozilla, Safari), Mail Clients (Outlook, Mail.app, Thunderbird), and IM clients (MSN, Adium, Pidgin, Skype all platforms) are all in scope. More details and official rules soon. cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Vancouver, Canada March 25-28 - 2008 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp
CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's
I'd like to congratulate Adam Laurie for winning the second Powerbook from the Pwn_to_Own contest as the prize for the best speaker rated by the audience for his presentation on RFID at CanSecWest 2007. We will have a similar prize for the best speaker at CanSecWest 2008, prize TBD (but we promise it will be cool - depending on what we find trawling through the electronics shops in Akihabara this year :). ** The Security Masters Dojo courses available at PacSec in Tokyo on November 27/28 2007 have been updated. The final list is: Ultimate Web Hacking - Yeng-Min Chen (Japanese) Reverse Engineering - Yuji Ukai (Japanese) The Exploit Laboratory - Saumil Shah (English) Advanced Honeypot Tactics - Thorsten Holz (English) Advanced Linux Hardening - Andrea Barisani (English) Bugfinding with the Immunity Debugger - Nicolas Waisman & Kostya Kortchinski (English) Practical 802.11 Wi-Fi (In)Security - Cedric Blancher (English) ** CanSecWest 2008 CALL FOR PAPERS VANCOUVER, Canada -- The ninth annual CanSecWest applied technical security conference - where the eminent figures in the international security industry will get together and share best practices and technology - will be held in downtown Vancouver at the Marriott Renaissance Harbourside on March 26-28, 2008. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The CanSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short drive away from one of North America's top skiing areas.
The CanSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer. We would like to announce the opportunity to submit papers, and/or lightning talk proposals for selection by the CanSecWest technical review committee. This year we will be doing one hour talks, and some shorter 20/30 minute talk sessions. Please make your paper proposal submissions before November 30th, 2007. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers, and speaking background to [EMAIL PROTECTED] (please remove _'s). Only slides will be needed for the March paper deadline, full text does not have to be submitted - but will be accepted if available. The CanSecWest 2008 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches.
Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full text available or only slides? 9. Please list any other publications or conferences where this material has been or will be published/submitted. Please include the plai
In Memoriam: Jun-ichiro Hagino
With great sadness, I regret to inform you that Itojun will not be presenting his great knowledge of IPv6 at PacSec. I have been informed by several sources that he passed away yesterday. Funeral services will be held on Nov 7th at Rinkai-Saijo in Tokyo. There aren't many details of his passing, so please let his family and relatives mourn in peace for now. My heartfelt condolences go out to them, and all of his many friends. I knew Itojun as one of the smartest and kindest persons I have ever met. He helped everyone around him. He graciously hosted and assisted many foreigners new to Japan at the PacSec conferences, and was a good friend to all. He would go to extraordinary lengths to help anyone around him. We will all miss him - and his work on IPv6 will continue to help us for a long time. He once said to me, "When a professional race car driver races, his pulse gets lower and he relaxes. When I code it is the same thing." I'll miss him driving around in his prized Fiat 500... and I hope we can all proceed to help fix our V6 networks without his gentle, brilliant, and insistent coaching... If you knew or respected him, he would have wanted any energy you put towards grief to be spent on speeding the adoption and the robustness of the version 6 internet to which he devoted so much of his extraordinary life to. Some more information in Japanese at http://www.hoge.org/~koyama/itojun.txt May he rest in peace, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 29/30 - 2007 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp
PacSec 2007 Agenda (Tokyo 11-29/30)
Talk selections for PacSec 2007 - November 29 and 30 - Aoyama Diamond Hall ---

- Programmed I/O accesses: a threat to virtual machine monitors? - Loic Duflot,
- Developing Fuzzers with Peach - Michael Eddington, Leviathan Security
- Cyber Attacks Against Japan - Hiroshi Kawaguchi, LAC
- Windows Localization: Owning Asian Windows Versions - Kostya Kortchinsky, Immunity
- TOMOYO Linux - Toshiharu Harada, NTT Data
- IPV6 Demystified - Jun-ichiro itojun Hagino, IPv6Samurais
- Automated JavaScript Deobfuscation - Alex Rice, Websense Security Labs
- Enter Sandman (why you should never go to sleep) - Nicolas Ruff & Matthieu Suiche, EADS
- Agent-oriented SQL Abuse - Fernando Russ & Diego Tiscornia, Core
- Bad Ideas: Using a JVM/CLR for Intellectual Property Protection - Marc Schoenefeld, University of Bamberg
- Heap exploits are dead. Heap exploits remain dead. And we have killed them. - Nicolas Waisman, Immunity
- Deploying and operating a Global Distributed Honeynet - David Watson, Honeynet Project
- Office 0days and the people who love them - TBA, Microsoft

(I would also like to thank Colin Delaney and Stephen Ridley as standby presenters)

-- Final Dojo schedule will be announced shortly but will include both English and Japanese language dojos. In English Dojos will include: Saumil Shah's Exploit Lab, Andrea Barisani's Linux Hardening, and the folks from Immunity doing a course on bugfinding with the Immunity debugger. In Japanese: Yuji Ukai will be doing a reverse engineering course, and the McAfee/Foundstone folks will be translating their Ultimate Web Hacking course into Japanese for the first time. Dojos will be on Nov 27/28. Talk descriptions will be up shortly. :-) cheers, --dr P.s. other 2008 dates: CanSecWest March 26-28, EUSecWest May 21/22 -- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 29/30 - 2007 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp
Really, really, penultimate, PacSec CFP deadline, Aug 10.
Some folks have been trying to convince us to extend deadlines, so being the sticklers we are, we said: no way... But they convinced us. So to be fair - this is a heads up for others who didn't have time to submit. :-) We'll try to turn around the selection reviews ASAP, before the end of August for those who submitted. cheers, --dr P.s. The gentleman from McAfee who phoned me about his submission whose name I've forgotten, we didn't get your mail, please get back in touch. -- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 29/30 - 2007 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp
PacSec 2007 Call For Papers (Nov. 29/30, deadline July 27)
PacSec CALL FOR PAPERS World Security Pros To Converge on Japan TOKYO, Japan -- To address the increasing importance of information security in Japan, the best known figures in the international security industry will get together with leading Japanese researchers to share best practices and technology. The most significant new discoveries about computer network hack attacks will be presented at the fifth annual PacSec conference to be discussed. The PacSec meeting provides an opportunity for foreign specialists to be exposed to Japanese innovation and markets and collaborate on practical solutions to computer security issues. In a relaxed setting with a mixture of material bilingually translated in both English and Japanese the eminent technologists can socialize and attend training sessions. Announcing the opportunity to submit papers for the PacSec 2007 network security training conference. The conference will be held November 29-30th in Tokyo. The conference focuses on emerging information security tutorials - it will be a bridge between the international and Japanese information security technology communities. Please make your paper proposal submissions before July 27th, 2007. Slides for the papers must be submitted by October 1st 2007. The conference is November 29th and 30th 2007, presenters need to be available in the days before to meet with interpreters. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers, and speaking background to secwest07 [at] pacsec.jp . Tutorials are one hour in length, but with simultaneous translation should be approximately 45 minutes in English, or Japanese. Only slides will be needed for the October paper deadline, full text does not have to be submitted.
The PacSec conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1) Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2) Employer and/or affiliations. 3) Brief biography, list of publications and papers. 4) Any significant presentation and educational experience/background. 5) Topic synopsis, Proposed paper title, and a one paragraph description. 6) Reason why this material is innovative or significant or an important tutorial. 7) Where else has this material been presented or submitted? 8) Optionally, any samples of prepared material or outlines ready. Please forward the above information to secwest07 [at] pacsec.jp to be considered for placement on the speaker roster. cheers, --dr P.s. Some other dates of interest are announced: CanSecWest 2008 March 19-21 see http://cansecwest.com EUSecWest 2008 May 21/22 see http://eusecwest P.P.S. 
Also as a friendly reminder, CCC Camp is Aug 8-12 2008, see http://events.ccc.de/camp/2007/Intro (Hi Julia et al...) Happy Independence Day and Canada Day, -- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 29/30 - 2007 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp
EUSecWest 2007 Papers
Hi, For those who asked, we are still processing the submissions for CanSecWest and the call closed, please stand by. The paper selections are back from the reviewers for EUSecWest, in London on March 1-2. In absolutely random order:

* Threats against and protection of Microsoft's internal network - Greg Galford, Microsoft
* Linux Kernel == Security Nightmare - Marcel Holtmann, Red Hat
* /GS and ASLR in Windows Vista - Ollie Whitehouse, Symantec
* Fuzzing: history, perspectives and limits - Christian Wieser, Oulu university
* The new OWASP Web Application Penetration Testing Methodology - Matteo Meucci & Alberto Revelli, OWASP-Italy
* Reverse Engineering Malicious Javascript - Jose Nazario, Ph.D., Arbor
* Bypassing NAC Systems - Ofir Arkin, Insightix
* RFID - Adam Laurie, trifinite
* Protecting Next-Gen Networks @ Nx10G link sizes - Jim Deleskie, Teleglobe
* Video Conferencing Security - Navid Jam, Sandia National Laboratories
* Software Virtualization Based Rootkits - Sun Bing
* VoIP Attacks! - Dustin D. Trammell, TippingPoint
* Windows Vista Exploitation Countermeasures - Richard Johnston, Microsoft
* OSX Security - Daniel Cuthbert, Corsaire
* Distributed drone-based malware propagation and deployment automation - Emmanuel H

We have added a new RFID dojo in London with Adam, and Nico has a new VoIP Security dojo amongst the new dojos to be announced for CanSecWest along with the paper selections. Dojos for London have final schedules now. cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques London, U.K. Mar 1-2 - 2007 http://eusecwest.com pgpkey http://dragos.com/ kyxpgp
CanSecWest 2007 (April 18-20) Call For Papers (Deadline Jan 7th)
CanSecWest 2007 CALL FOR PAPERS VANCOUVER, Canada -- The eighth annual CanSecWest applied technical security conference - where the eminent figures in the international security industry will get together and share best practices and technology - will be held in downtown Vancouver at the Marriott Renaissance Harbourside on April 18-20, 2007. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The CanSecWest 2007 meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short drive away from one of North America's top skiing areas. The CanSecWest 2007 conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer. We would like to announce the opportunity to submit papers, and/or lightning talk proposals, for selection by the CanSecWest technical review committee. Please make your paper proposal submissions before January 7th, 2007. Slides for the papers must be submitted by March 15th, 2007. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers, and speaking background to [EMAIL PROTECTED] Only slides will be needed for the March paper deadline, full text does not have to be submitted - but will be accepted if available.
The CanSecWest 2007 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1) Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2) Employer and/or affiliations. 3) Brief biography, list of publications and papers. 4) Any significant presentation and educational experience/background. 5) Topic synopsis, Proposed paper title, and a one paragraph description. 6) Reason why this material is innovative or significant or an important tutorial. 7) Optionally, any samples of prepared material or outlines ready. 8) Will you have full text available or only slides? 9) Please list any other publications or conferences where this material has been or will be published/submitted. Please include the plain text version of this information in your email as well as any file, pdf, sxw, ppt, or html attachments. (Some reviewers only look at .txt info.) Multiple submissions are acceptable. 
Please forward the above information to be considered for placement on the speaker roster, or have your short lightning talk scheduled. Send all conference related correspondence to [EMAIL PROTECTED]

thanks,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
London, U.K.    Feb 28 / Mar 1 - 2007    http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp
EUSecWest/London CFP extended to Nov. 7
Hi folks, some brief news:

Some people have asked for late submissions to the EUSecWest paper selections. In the interest of fairness, we are extending the deadline for all until next Tuesday (November 7), at which time the submissions will be reviewed. Details of submissions can be found on the http://eusecwest.com site under the speakers sections.

PacSec/Tokyo paper descriptions have been published, and CanSecWest/Vancouver early discount registration is now available.

thanks,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan    November 27-30 2006    http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp
PacSec 2006 announcement, EUSecWest 2007 Call For Papers (Mar 1-2, deadline Oct 20th)
The PacSec 2006 paper selections have been announced:

- Smashing Heap by Free Simulation - Sandip Chaudhari
- Methods of increasing source code security automatically - Ben Chelf, Coverity
- IPTV: Triple Play Triple Threats - YM Chen, McAfee
- Windows Vista Security Model - Matt Conover, Symantec
- Mobile IPV6, Les Problemes - Arnaud Ebalard & Guillaume Valadom, EADS, University of Tokyo
- Threats against and protection of Microsoft's internal network - Greg Galford, Microsoft
- Native IPV6 in Windows Vista - Abolade Gbadegesin, Microsoft
- Linux Kernel == Security Nightmare - Marcel Holtmann, Red Hat
- On XSRF (Cross Site Session Riding) and why you should care - Martin Johns, University of Hamburg
- hacking fingerprint recognition systems - Jan Krissler, Fraunhofer Institute
- OpenOffice/OpenDocument and MS OpenXML security - Philippe Lagadec, French Ministry of Defence
- Windows Defender - Adam Overton, Microsoft
- VM Based Intrusion Detection System - Nguyen Anh Quynh, Keio University
- Strong cryptographic payload obfuscation and encryption - Ariel Waissbein, Core Security Technologies
- Undermining Security in Vista WCF - Marc Schoenefeld
- IPV6 Mapping - Yuji Ukai & Ryan Permeh, eeye

More details and registration at http://pacsec.jp

-- EUSecWest CALL FOR PAPERS --

LONDON, U.K. -- The second annual EUSecWest applied technical security conference - where the eminent figures in the international security industry will get together to share best practices and technology - will be held in downtown London at the Victoria Park Plaza hotel on March 1-2 2007. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials.
The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most central cities.

In addition to the usual one hour tutorials, panel sessions and highly entertaining 5 minute "lightning" talks, this conference will also feature a new session called "Elevator Focus Groups". Featuring several short sessions, these commercial presentations will showcase new, significantly used, or dramatically innovative new products in the information security realm. Each selected vendor will have a short 10 minute presentation ("elevator pitch"), after which 10 minutes of audience Q&A and interactive discussion amongst the expert security practitioners attending will follow. In this session both the audience and the vendors can get valuable feedback from world leading experts and the attendees can get user evaluations and learn from sharing experiences and real world security applications about practical uses of the products - the "focus group." Hence the name: Elevator Focus Groups.

The EUSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer.

We would like to announce the opportunity to submit papers, lightning talk proposals, and elevator focus candidate products for selection by the EUSecWest technical review committee. Please make your paper proposal submissions before October 20th, 2006. Slides for the papers must be submitted by January 15th, 2007.

Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers.
If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to [EMAIL PROTECTED] Only slides will be needed for the March paper deadline, full text does not have to be submitted - but will be accepted if available. The EUSecWest 2007 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers
PacSec 2006 CALL FOR PAPERS (Deadline Aug. 4; Event Nov. 27-30)
url: http://pacsec.jp

PacSec 2006 CALL FOR PAPERS

World Security Pros To Converge on Japan

TOKYO, Japan -- To address the increasing importance of information security in Japan, the best known figures in the international security industry will get together with leading Japanese researchers to share best practices and technology. The most significant new discoveries about computer network hack attacks will be presented at the third annual PacSec conference to be discussed.

The PacSec meeting provides an opportunity for foreign specialists to be exposed to Japanese innovation and markets and collaborate on practical solutions to computer security issues. In a relaxed setting with a mixture of material bilingually translated in both English and Japanese the eminent technologists can socialize and attend training sessions.

Announcing the opportunity to submit papers for the PacSec 2006 applied security training conference. The conference will be held November 27-30th in Tokyo. The conference focuses on emerging information security tutorials - it will be a bridge between the international and Japanese information security technology communities.

Please make your paper proposal submissions before August 4 2006. Slides for the papers must be submitted by October 1st 2006. The conference is November 29th and 30th 2006, presenters need to be available in the days before to meet with interpreters. The Security Masters Dojo, Tokyo, is November 27-28, 2006. Both events will be held at Aoyama Diamond Hall.

Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to secwest06 [at] pacsec.jp.
Tutorials are one hour in length, but with simultaneous translation should be approximately 45 minutes in English, or Japanese. Only slides will be needed for the October paper deadline, full text does not have to be submitted. The PacSec conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1) Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2) Employer and/or affiliations. 3) Brief biography, list of publications and papers. 4) Any significant presentation and educational experience/background. 5) Topic synopsis, Proposed paper title, and a one paragraph description. 6) Reason why this material is innovative or significant or an important tutorial. 7) Optionally, any samples of prepared material or outlines ready. Please forward the above information to secwest06 [at] pacsec.jp to be considered for placement on the speaker roster. 
Please include a plain text version of all the above information along with any other submission data/information.

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan    November 26-30 2006    http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp
CanSecWest/core06 Vancouver April 3-7
The call for papers is now closed and the proposals have been reviewed for the CanSecWest/core06 Applied Technical Security Conference held on April 5-7 2006 at the Marriott Renaissance Harbourside in Vancouver, B.C. Canada. The selected submissions are:

- An hour of Rap and Comedy about SAP - Steve Lord
- Next Generation Sebek - Edward Balas - Indiana University
- RF Bugsweeping - Tim Johnson - Technical Security Consultants Inc.
- Magstripe Madness - Major Malfunction
- Metasploitation (and a dash of IPS) - HD Moore - BreakingPoint
- Carrier VoIP Security - Nico Fischbach - COLT
- Attacking VoIP Networks - Hendrik Scholz - Freenet Cityline GmbH
- Security Issues Related to Pentium System Management Mode - Loic Duflot
- Advancements in Anonymous eAnnoyance - Christopher Abad - Cloudmark
- Real Time Threat Mitigation Techniques - Josh Ryder - University of Alberta
- Stunt Profiling: Securing a System While You Wait - Crispin Cowan - Novell
- Visualizing Source Code for Auditing - Lisa Thalheim
- Attacking Web Services - Alex Stamos, Scott Stender - iSEC Partners
- Reverse Engineering Microsoft Binaries - Alexander Sotirov - Determina
- Zen and the art of collecting and analyzing Malware - Fred Arbogast and Sascha Rommelfangen - S.E.S. Astra
- How to test an IPS - Renaud Bidou - RADWare
- Insiders View: Network Security Devices - Dennis Cox - BreakingPoint
- More on Uninitialized Variables - Halvar Flake
- Eric Byres - SCADA - BCIT

Panel Discussion - Vulnerability Commercialization

- Terri Forslof, 3Com, Manager of Security Response
- Michael Sutton iDefense Labs, Director of iDEFENSE Labs
- Others TBA

Vendor Elevator Focus Groups

- David Meltzer, Cambia
- Ofir Arkin, Insightix
- Others TBA

Lightning Talks

Some talks from the PacSec/core05 conference in Tokyo in November and the EUSecWest/core06 conference in London during February were highly rated and have been invited for encore presentations at CanSecWest:

- Attacking the IPv6 protocol suite - van Hauser - THC / n.runs GmbH
- Protecting the Infrastructure - Jim DeLeskie & Danny McPherson - Teleglobe, Arbor Networks

Security Masters Dojo Courses April 3-5 Vancouver

- Network Reconnaissance with Nmap 4 - Fyodor & Doug Hoyte
- Network Vulnerability Scanning: Turning Nessus into Metasploit - Renaud Deraison & Nicolas Pouvesle
- Reverse Engineering: Rapid Bug Discovery and Input Crafting - Halvar
- Assembly for Exploit Writing - Gerardo Richarte
- Advanced IDS Deployment and Optimization - Marty Roesch
- Advanced Honeypot Tactics - Thorsten Holz
- Mastering the network with Scapy - Philippe Biondi
- Securing your critical Cisco network infrastructure - Nico Fischbach
- Practical 802.11 WiFi (In)Security - Cedric Blancher
- Bluetooth Auditing and Technology - Martin Herfurt, Adam Laurie, Marcel Holtmann

Conference registration on line can be found at: http://cansecwest.com/register.html

Security Masters Dojo Vancouver registration can be found at http://cansecwest.com/dojo.html

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada    April 3-7 2006    http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
EUSecWest papers and CanSecWest CFP
url: http://eusecwest.com
url: http://cansecwest.com

(CanSecWest Call For Papers attached below)

EUSecWest/core06 Conference
---

Announcing the final selection of papers for the EUSecWest conference in London, U.K. on Feb. 20/21 at the Victoria Park Plaza Hotel. The following topics will be covered:

- Javier Burroni & Carlos Sarraute - Core Security Technologies
  Analyzing OS fingerprints using Neural Networks and Statistical Machinery
- van Hauser - thc
  Attacking the IPv6 protocol suite
- Yuji Ukai - eeye
  Exploiting Real-Time OS Based Embedded Systems Using the JTAG Emulator
- Nguyen Anh Quynh - Keio University
  XEBEK: A Next Generation Honeypot Monitoring System
- Fred Raynal - EADS
  Malicious Crypto
- Cesar Cerrudo - Argeniss
  Windows Local Shellcode Injection
- Andrew Cushman - Microsoft
  Microsoft Security Fundamentals
- Shreeraj Shahi - Net Square
  Advanced Web Hacking - Attacks & Defense
- Justin Clarke - Ernst & Young LLP
  Practical Automated Web Application Attack Techniques
- Andy Davis - IRM PLC
  ColdFusion Security
- Tim Hurman - Pentest Ltd.
  ARMed combat: the fight for personal security
- Raffael Marty - ArcSight
  A Visual Approach to Security Event Management
- Michael Boman - KPMG Singapore
  Network Security Monitoring: Theory and Practice
- Jim DeLeskie & Danny McPherson - Teleglobe, Arbor Networks
  Protecting the Infrastructure
- Andrea Barisani - Inverse Path
  Lessons in Open Source Security: The Tale of a 0-Day Incident

We would also like to announce the final list of Security Masters Dojo courses that will be offered on February 16th and 17th at the Victoria Park Plaza Hotel. Seats are available for all courses, but course registration is limited to only ten students each. We are considering adding additional course sessions on Feb 23/24 if demand warrants it.
The hands-on courses offered will be:

- Gerardo Richarte - Core Security Technologies
  Assembly for Exploit Writing
- Marty Roesch - Sourcefire
  Advanced IDS Deployment and Optimization
- Maximillian Dornseif & Thorsten Holtz - Aachen University
  Advanced Honeypot Tactics
- Philippe Biondi - EADS
  Mastering the Network with SCAPY
- Renaud Deraison & Nicolas Pouvesle - Tenable Network Security
  Vulnerability Scanning: Advanced Nessus Usage
- Laurent Oudot & Nico Fischbach - rstack, COLT telecom
  Applied network security and advanced anomaly detection using state-of-the art honeypots and netflow/NIDS
- Cedric Blancher - EADS
  Practical 802.11 WiFi (In)Security
- Adam Laurie & Martin Herfurt & Marcel Holtmann - trifinite
  Bluetooth Technology Security

Vendors Presentations for the Elevator Focus Groups will be announced shortly.

Registration:
---

Seats are available but limited for EUSecWest, and registration is open at: https://eusecwest.com/register.html

Security Masters Dojo/London registration is now open at: https://eusecwest.com/courses.html

Contact [EMAIL PROTECTED] for registration support or corporate sponsorship inquiries.

*

CanSecWest/core06 CALL FOR PAPERS

VANCOUVER, Canada -- The seventh annual CanSecWest applied technical security conference - where the eminent figures in the international security industry will get together to share best practices and technology - will be held in downtown Vancouver at the Marriott Renaissance Harbourside on April 3-7, 2006. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials.
The CanSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short drive away from one of North America's top skiing areas. In addition to the usual one hour tutorials, panel sessions and highly entertaining 5 minute "lightning" talks, this conference will also feature a new session called "Elevator Focus Groups". Featuring several short sessions, these commercial presentations will showcase new, significantly used, or dramatically innovative new products in the information security realm. Each selected vendor will have a short 10 minute presentation ("elevator pitch"), after which 10 minutes of audience Q&A and interactive discussion amongst the expert security practitioners attending will follow. In this session both the audience and the vendors can get valuable feedback from world leading experts and the attendees can get user evaluations and learn from sharing experiences and real world security applications about practical uses of the products - the "focus group." Hence the name: Elevator Focus Groups. The CanSecWest conferen
EUSecWest/London Call for Papers and PacSec/Tokyo announcements
url: http://eusecwest.com url: http://pacsec.jp (PacSec/Tokyo Announcement below...) EUSecWest/core06 CALL FOR PAPERS London Security Summit February 20/21 2006 LONDON, United Kingdom -- Applied technical security will be the focus of a new annual conference from the organizers of CanSecWest, and PacSec, which is sponsored by the U.K. Ministry of Defence - where the eminent figures in the international security industry will get together with leading European researchers to share best practices and technology. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in central London at the Victoria Park Plaza hotel on February 20 and 21. The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and to collaborate and socialize with their peers in one of the world's hubs of IT activity - downtown London. In addition to the usual one hour tutorials, panel sessions and highly entertaining 5 minute "lightning" talks, this conference will also feature a new session called "Elevator Focus Groups". Featuring several short sessions, these commercial presentations will showcase new, significantly used, or dramatically innovative products in the information security realm. Each selected vendor will have a short 10 minute presentation ("elevator pitch"), after which 10 minutes of audience Q&A and interactive discussion amongst the expert security practitioners attending will follow. In this session both the audience and the vendors can get valuable feedback from world leading experts. The attendees can get user evaluations and learn from sharing experiences about real world security applications and the practical uses of the products - the "focus group." Hence the name: Elevator Focus Groups. 
The EUSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application exercises to maximize information transfer.

We would like to announce the opportunity to submit papers, lightning talk proposals, and elevator focus candidate products for selection by the EUSecWest technical review committee. Please make your proposal submissions before December 1st 2006. Slides for the papers must be submitted by February 1st 2006.

Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to [EMAIL PROTECTED] Only slides will be needed for the February paper deadline, full text does not have to be submitted.

The EUSecWest/core06 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience.

The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches.
Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1) Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2) Employer and/or affiliations. 3) Brief biography, list of publications and papers. 4) Any significant presentation and educational experience/background. 5) Topic synopsis, Proposed paper title, and a one paragraph description. 6) Reason why this material is innovative or significant or an important tutorial. 7) Optionally, any samples of prepared material or outlines ready. Please include the plain text version of this information in your email as well as any file, pdf, or html attachments. Please forward the above information to [EMAIL PROTECTED] to be considered for placement on the speaker roster, have your lightning talk scheduled, or submit your product for inclusion in
PacSec05
English url: http://pacsec.jp/index.html?LANG=ENGLISH
Japanese url: http://pacsec.jp/index.html?LANG=JAPANESE

Miyamoto Musashi, famous swordsman and author of "Go Rin No Sho" (the Book of Five Rings), wrote "Study the Way of all professions." In the way of computer networks, one must understand attacks before one can forestall them.

I would like to announce the selection of the PacSec applied technical security seminar presentations. The event will be held on November 15/16 in Tokyo, Japan, at the Aoyama Diamond Hall, accessible at exit B5 of the Omotesando station, on Ginza or Hanzomon lines.

PacSec/core05

The selected papers are:

- Andrea Barisani - Gentoo
  Building a modern LDAP based security framework.
- Cedric "Sid" Blancher - EADS
  WiFi traffic injection based attacks
- Javier Burroni - CORE SDI
  Using Neural Networks for remote OS identification
- Maximillian Dornseif - Laboratory for Dependable Distributed Systems
  Watching hackers hack - attack visualization
- van Hauser - thc
  Attacking the IPv6 protocol suite
- Adam Jacobs - Oracle
  Commercial Software and How Can We Fix It?
- Chris Jordan - Endeavor Systems
  Writing Better Intrusion Prevention Signatures
- Hiroshi Shinotsuka - Symantec
  Advances in Trojan Threats
- Window Snyder - formerly Microsoft
  A new perspective on internal security.
- Ilja van Sprundel - Suresec
  Unix Kernel Auditing
- Marc Uemura - PWC
  Fault Redundant IPV6 Wireless Firewalls
- Yuji Ukai - eeye
  Real-Time OS Based Embedded Systems Using the JTAG Emulator
- Christian Wieser - Oulu University Secure Programming Group
  VoIP: SIP robustness and RTP security
- Feng "Sowhat" Xue - 3rd Research Institute, Ministry of Public Security, Chinese National Anti-Intrusion and Anti-virus Research Center
  Talking About 0day

All presentations are in both Japanese and English. Registration is on line at http://pacsec.jp

**

Security Masters Dojo, Tokyo
--

The Tokyo Security Masters Dojo will be held on November 14, also at the Aoyama Diamond Hall.
The following one day advanced and intermediate applied information security courses will be offered:

- Sinan 'noir' Eren & Nicolas Waisman - Immunity
  Win32 Reliable Heap Exploitation
- Gerardo Richarte - Core Security Technologies
  Assembly for Exploit Writing
- Marty Roesch - Sourcefire
  Advanced IDS Deployment and Optimization
- Maximillian Dornseif & Thorsten Holtz - Aachen University
  Advanced Honeypot Tactics
- Philippe Biondi - EADS
  Mastering the Network with SCAPY

As with all Dojo courses, to ensure that each student gets individual training from the instructors in the hands-on labs, class size will be limited to ten students per course. Each course is one day, and features practical exercises to help maximize knowledge retention. Dojo registration will be available shortly under the "DOJO" tab on http://pacsec.jp/ along with expanded course information.

CanSecWest/core06 final dates: April 5-7 2006
Early Discount Registration is on-line at: http://cansecwest.com/register.html

Dojo/Vancouver dates: April 3-5 2006
Dojo/Vancouver Registration is not available yet.

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan    November 14-16 2005    http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp
PacSec/core05 Call For Papers
English url: http://pacsec.jp/speakers.html?LANG=ENGLISH
Japanese url: http://pacsec.jp/speakers.html?LANG=JAPANESE

PacSec/core05 CALL FOR PAPERS

World Security Pros To Converge on Japan November 15/16

TOKYO, Japan -- To address the increasing importance of information security in Japan, the best known figures in the international security industry will get together with leading Japanese researchers to share best practices and technology. The most significant new discoveries about computer network hack attacks and defenses will be presented at the third annual PacSec conference.

The PacSec/core05 meeting provides an opportunity for foreign specialists to be exposed to Japanese innovation and markets, and to collaborate on practical solutions to computer security issues. In a relaxed setting with a mixture of material bilingually translated into both English and Japanese, the eminent technologists can socialize and attend training sessions.

Announcing the opportunity to submit papers for the third annual PacSec/core05 network security training conference. The conference will be held November 15/16th in Tokyo at the Aoyama Diamond Hall. The conference focuses on emerging information security tutorials - it will be a bridge between the international and Japanese information security technology communities.

Please make your paper proposal submissions before Aug 1 2005. Slides for the papers must be submitted by October 1st 2005. The conference is November 15th and 16th 2005, presenters need to be available in the days before to meet with interpreters.

Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers.
If you have a proposal for a tutorial session then please email a synopsis of the material and your biography, papers and, speaking background to [EMAIL PROTECTED] Tutorials are one hour in length, but with simultaneous translation should be approximately 45 minutes in English, or Japanese. Only slides will be needed for the October paper deadline, full text does not have to be submitted. The PacSec/core05 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1) Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2) Employer and/or affiliations. 3) Brief biography, list of publications and papers. 4) Any significant presentation and educational experience/background. 5) Topic synopsis, Proposed paper title, and a one paragraph description. 6) Reason why this material is innovative or significant or an important tutorial. 7) Optionally, any samples of prepared material or outlines ready. 
Please forward the above information to [EMAIL PROTECTED] to be considered for placement on the speaker roster.

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan    November 15/16 2005    http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp