[Suspected Spam]Hackito Ergo Sum 2010 - Call For Paper - HES2010
Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP
http://hackitoergosum.org
Hackito Ergo Sum conference will be held from April 8th to 10th 2010 =20
in Paris, France.
It is part of the series of conference "Hacker Space Fest" taking =20
place since 2008 in France and all over Europe.
HES2010 will focus on hardcore computer security, insecurity, =20
vulnerability analysis, reverse engineering, research and hacking.
INTRO
The goal of this conference is to promote security research, broaden =20
public awareness and create an open forum so that communication =20
between the researcher, the security industry, the experts and the =20
public can happen.
A recent decision of justice in France has convicted a security =20
researcher for disclosing vulnerabilities and exploits. These laws =20
(similar to the one in Germany), descending from USA's DMCA law, are =20
orienting freedom of research and knowledge into a situation where =20
"illegal knowledge" can happen, restricted to the only ones blessed =20
by governmental silent approval and military. Scientific research and =20=
public information cannot be made into another monopoly of state, =20
where "some" can study and publish and "some others" cannot.
Such approach just show how misinformed some politics are and how =20
little understanding they get of the struggle they are acting in.
Not understanding that the best way to improve security is to attack =20
it shows the lack of maturity of some stakeholder by being cut out of =20=
independent information sources.
This is where our ethics and responsibility is to say "No, we have a =20
right for free information and true independence in research", and =20
this responsibility is the one of anybody, not just the =20
responsibility of academically blessed scientists.
This conference will try to take in account all voices in order to =20
reach a balanced position regarding research and security, inviting =20
businesses, governmental actors, researchers, professionals and =20
general public to share concerns, approaches and interests during.
During three days, research conferences, solutions presentations, =20
panels and debates will aim at finding synthetic and balanced =20
solutions to the current situation.
CONTENT
> Research Track:
We are expecting submissions in english or french, english preferred.
The format will be 45 mn presentation + 10mn Q&A.
For the research track, preference will be given for offensive, =20
innovative and highly technical proposals covering (but not =20
restricted to) the topics below:
Attacking Software
* Vulnerability discovery (and automating it!)
* Non-x86 exploitation
* Fuzzing with SMT and its limits
* New classes of software vulnerabilities and new methods to detect =20
software bugs (source or binary based)
* Reverse Engineering tools and techniques
* Static analysis (source or binary, Lattices to blind analysis, new =20
languages and targets strongly encouraged)
* Unpacking
* Current exploitation on Gnu/Linux WITH GRsecurity / SElinux / =20
OpenWall / SSP and other current protection methods
* Kernel land exploits (new architectures or remote only)
* New advances in Attack frameworks and automation
Attacking Infrastructures
* Exotic Network Attacks
* Telecom (from VoIP to SS7 to GSM & 3G RF hacks)
* Financial and Banking institutions
* SCADA and the industrial world, applied.
* Governmental firewall and their limits (Australia, French's HADOPI, =20=
China, Iran, Danemark, Germany, ...)
* Satellites, Military, Intelligence data collection backbones ("I =20
hacked Echelon and I would like to share")
* Non-IP (SNA, ISO, make us dream...)
* Red-light and other public utilities control networks
* M2M
Attacking Hardware
* Hardware reverse engineering (and exploitation + backdooring)
* Femto-cell hacking (3G, LTE, ...)
* Microchip grinding, opening, imaging and reverse engineering
* BIOS and otherwise low-level exploitation vectors
* Real-world SMM usage! We know it's vulnerable, now let's do something
* WiFi drivers and System on Chip (SoC) overflow, exploitation and =20
backdooring.
* Gnu Radio hacking applied to new domains
* Toll-booth and fast-lane payment systems
Attacking Crypto
* Practical crypto attacks from the hackers perspective (RCE, =20
bruteforce, ...)
* SAT-solver applied to cryptanalysis
* Algorithm strength modeling and evaluation metrics
* Hashing functions pre-image attacks
* Crypto where you wouldn't think there is
We highly encourage any other presentation topic that we may not even =20=
imagine.
Required informations:
* Presenter's name
* Bio
* Presentation Title
* Description
* Demo?
* Needs: Internet? Others?
* Company (name) or Independent?
* Address
* Phone
* Email
Send your submission to:
hes2010-cfp __AT__ lists.hackitoergosum.org
> Business & Society Track:
Format:
20 minutes slots to present a tool, an innovative product, a solution =20=
(commercial, open source, free); a customer experience or open =20
research domain; a society issue or a subject of public interest.
Demos are mandatory for tool, product or solutions presentations.
Pure-marketing presentation will be moderated (i.e. interrupted).
Follow-up with private group can be arranged for in-depth demo or =20
analysis.
Submission needs to be sent to:
hes2010-cfp __AT__ lists.hackitoergosum.org
> Other interests
If you want to organize a Capture The Flag, Reverse Engineering =20
contest, Lockpicking contest or any other activity during the =20
conference, you are most welcome. Please contact us at: hes2010-=20
orga@lists.hackitoergosum.org
DATES
2010-01-18 Call for Paper
2010-03-01 Submission Deadline
2010-04-08 Start of conference
2010-04-10 End of conference
PROGRAMMING COMMITTEE
The submissions will be reviewed by the following programming committee:
* Sebastien Bourdeauducq (Milkymist, /tmp/lab, BEC)
* Rodrigo Branco "BSDaemon" (Coseinc)
* Jonathan Brossard (P1 Code Security, DNSlab)
* Emmanuel Gadaix (TSTF)
* Laurent Gaffi=E9 (Stratsec)
* Thomas Garnier (Microsoft)
* The Grugq (PSP)
* Dhillon Kannabhiran (HITB)
* Kostya Kortchinsky (Immunity)
* Itzik Kotler (Radware)
* Philippe Langlois (P1 Telecom Security, PSP, TSTF, /tmp/lab)
* Moxie Marlinspike (Institute for Disruptive Studies)
* Karsten Nohl (deGate, Reflextor)
* Nicolas Thill (OpenWRT, /tmp/lab)
* Julien Tinnes (Google)
* Nicolas Ruff (EADS, Security Labs)
* Carlos Sarraute (CORE Security Technologies)
* Matthieu Suiche (Sandman, win32dd)
* Fyodor Yarochkin (TSTF, o0o.nu)
FEES
Business-ticket 120 EUR
Public entrance 80 EUR
Reduction for Students below 26 40 EUR
Reduction for CVE publisher or exploit publisher in 2009/2010 40 EUR
Entrance fees and sponsors fees will be used to fund international =20
speakers travel costs.
VOLUNTEERS
Volunteers who sign up before 2010-03-01 get free access and will =20
need to be present onsite two days before (2010-04-06) if no further =20
arrangement is made with the organization.
SPONSORS
Sponsors are welcome to contact us to receive the Partnership Kit at:
hes2010-orga __AT__ lists.hackitoergosum.org
LOCATION
Paris, France.
CONTACT
hes2010-orga __AT__ lists.hackitoergosum.org
Hackito Ergo Sum 2010 conference - http://hackitoergosum.org
Hacker Space Festival - http://www.hackerspace.net