Thursday 13 at 20h30

14 rue Saint Denis 75001 Paris by Metro 1 Châtelet

> just for guest list or to do lightning talk

You can watch Hackito Ergo Sum in live : http://www.ustream.tv/channel/hackito-ergo-sum-2012

–[ Monxla HES 2012 Wargame by Steven

Dear fellow hackers,

Again this year, Steven Van Acker (@StevenVanAcker) from OverTheWire has worked hard to create the HES Wargame and challenges. You can find the introductory letter below to start hacking !

Happy Hacking.

–[ Synopsis

Hello agent Hipnkewl,

As Head of the cybercrime-fighting unit of the best three-letter
agency in the world, I welcome you to the team.

To demonstrate your skills to the rest of team, we have prepared your
first assignment.

The russian Nasenko family has decided to become a crime family. Being
hip and trendy, they have figured out that an online presence is a must in today’s world.
They have set up a server where they are testing and developing the best and latest cybercrime
tools.
What they don’t know, is that we have already infiltrated their business and have a mole
inside their organisation.

Your job is to locate the information hidden by the mole and use it to take down the Nasenko server.
Details about the location of this server will be transmitted once the
mission is a go.

God speed, make us proud !

signed,
Director A.F.

–[ Rules

Only playable and opened on site, so come to try it :)

–[ Target

–[ EOF

We will be able to sell you directly onsite some pass for the conference. However there is some restriction :
– prices will be be more expense than online payment
– places available will depend of the online attendees registration
– we will accept only cash

Don’t forget Bring your U.S.B. for the Friday night party ! You’ll be able to plug it to the T.V. to display the medias you want or to root the T.V. Psychedelic medias are welcome !

(If you manage to find a usage for your exploit hah.)

The HES conference will once again gather some of the most innovative security researchers worldwide to meet the largest possible European hacking scene. This edition will be held at the Espace Niemeyer, the historic headquarters of the French Communist Party.

Backed up with a Programming Committee* comprised of highly respected members  from all corners of the hacking community, Hackito Ergo Sum 2012 expects to meet  the technical quality of its previous editions.

The architectural masterpiece of Oscar Niemeyer will host Hackito Ergo Sum during 3 days ; Hackito Ergo Sum will try to put the emerging security concerns under the spotlight by finding synergies between the underground, security experts, and technical decision makers.

Credit photo: Clement Guillaume (http://www.flickr.com/photos/29341581@N08/galleries/72157627789176229)

To accommodate the international security researchers among speakers as well as in the  audience, the highly technical security talks will be given only and entirely in English. This allows us this year to welcome the  attendance of  Georg Wicherski (CrowdStrike, Germany), Fyodor Yarochkin (Veracode, Taiwan), Mikael Lindstrom (EUROPOL, Netherlands), Marc Van Hauser (THC, Germany), Rodrigo Branco (Qualys, Brasil), Mohamed Saher (Egypt), Daniel Mende et Enno Rey (ERNW, Germany), Cesar Cerrudo (CTO at IOactive Labs, Argentina), all highly respected members of the hacking community, and many many more busticatis from around the globe within the public.

The French security R&D will also be present, with researchers such as Ivan Fontarensky and Iean-Michel Picod (Cassidian), Philippe Langlois (P1 Security), Matthieu Suiche (MoonSols), Jonathan Brossard (Toucan System), as well as Renaud Lifchitz (British Telecom) and the Vupen R&D team.

2011 was both the most catastrophic and the most interesting in terms of information security (Wikileaks and Iraq DoD leaks, Anonymous/Lulzsec hacking the FBI, DDoS becoming a daily  diversion for thousands of script kiddies, mafia groups gaining interest in Bitcoin and Tor…). Numerous companies and administrations worldwide, including the ministry of finances and the nuclear giant Areva in France, discovered their core networks had been compromised to unimaginable scales, often for years. The industrial fiasco of RSA also put millions at risk globally, especially in the most sensitive sectors of the economy. In this context : what to expect for 2012 ?

Hackito Ergo Sum will try to anticipate the short term global challenges of 2012 by taking a deep dive into the findings of security researchers around the globe. Previous editions featured entirely new talks such as hacking Scada networks (including satellites!) using X25, new kernel pool overflow exploitation techniques (Tarjei Mandt won the pwnie award 2011 at Blackhat for this amazing research he first presented at Hackito Ergo Sum 2011), reverse engineering of FPGA firmwares, dynamic forensic analysis of malware using either direct RAM access or using emulation (PandoraBochs), fuzzing of virtual machine monitors at interrupt level, hacking Telco Operators at the scale of a country using the SS7 protocol, and GSM security through femtocells for instance.

The global economy of the security industry has also significantly changed over the past few years : private military companies now buy exploits and resell them, including to governments. Intrusions of some of the world’s largest companies such as Nortel, which often lasted years and were operated from foreign countries, show that the game has changed : we are not talking about defacing webpages anymore, espionage of populations, governments and corporations using cyber-means is a reality.

Those questions will be debated in “round table” sessions among hackers, security experts, security vendors and members of public administrations.

The secret of Hackito Ergo Sum lies in its spirit : as a 100% non profit event and because it is open and welcomes anyone, we can count on hackers from all borders to help us. This open spirit will also be reflected by the associated activities and workshops organized by hackers and for hackers during the conference. Those will include the most awaited wargame from Steven Van  Acker of the « overthewire » community, a cryptographic challenge from Eloi Vanderbéken, as well as lockpicking workshops.

Finaly, the grugq (Coseinc, Thailand), after organizing the best openbar parties of both HITB and Blackhat US in 2011, will install his Barcon in Paris during HES.

*Programming Committee of Hackito Ergo Sum:

Tavis Ormandy (Google)
Matthew Conover
Jason Martin (SDNA Consulting Shakacon)
Stephen Ridley
Mark Dowd (AzimuthSecurity)
Tiago Assumpcao (RIM)
Alex Rice (Facebook)
Pedram Amini
Erik Cabetas (Include Security)
Dino A. Dai Zovi (Trail Of Bits)
Alexander Sotirov
Barnaby Jack (Mc Afee)
Charlie Miller (Accuvant)
David Litchfield (Accuvant)
Lurene Grenier (Harris)
Alex Ionescu
Nico Waisman (Immunity)
Piotr Bania
Laurent Gaffié
Julien Tinnes (Google Corp.)
Brad Spengler (Grsecurity)
Silvio Cesare (Deakin University)
Carlos Sarraute (Core security)
Cesar Cerrudo (IOActive)
Daniel Hodson (Ruxcon)
Nicolas Ruff (E.A.D.S)
Julien Vanegue (Microsoft Security Redmond)
Itzik Kotler
Rodrigo Branco (Qualys)
Tim Shelton (HAWK Network Defense)
Ilja Van Sprundel (IOActive)
Raoul Chiesa (TSTF)
Dhillon Andrew
Kannabhiran (HITB)
Philip Petterson
The Grugq (COSEINC)
Emmanuel Gadaix (TSTF)
Kugg (/tmp/lab)
Harald Welte (gnumonks.org)
Van Hauser (THC)
Fyodor Yarochkin (Armorize)
Gamma (THC, Teso)
Pipacs (Linux Kernel Page Exec Protection) Shyama Rose.

Including the three co-organizers of Hackito:

Philippe Langlois (P1 Security, /tmp/lab)
Jonathan Brossard (Toucan System, /tmp/lab)
Matthieu Suiche (MoonSols)

About Hackito Ergo Sum 

Hackito Ergo Sum is a technical security conference bringing new and exclusive research from all around the world. HES is 100% non profit, and is backed up by the Parisian hackerspace /tmp/lab (http://www.tmplab.org).

PRESS CONTACT
AL’X COMMUNICATION – Véronique Loquet
+33 (0)6 68 42 79 68 vloquet@alx-communication.com

Welcome to 2012 Hackito Ergo Sum Website.

Hackito Ergo Sum conference will be held from April 12th to the 14th of 2012 in Paris, France.

Following last edition’s success, HES2012 will continue developing and sharing a pleasant atmosphere and rich technical content, focusing on hardcore computer & network security, insecurity, vulnerability analysis, reverse engineering, research and hacking. We will do our best to help new talents and confirmed experts present their latest research.

HES is and remains an international conference, 100% in English, aiming to gather the best security researchers, hackers, experts, operationals and decision makers in Paris.

This year, we will have one country of honor, from which and for which we expect specific submission and focus. This year, it will be Russia. The goal of such dedication of HES 2012 to Russia is to bring in focus one country and its specific challenges and skills in the matter of security. Russia is indeed one such country, with extremely skilled security researchers and a creative and impressive security industry, but also extremely active malware creators and developped underground market.

You can already register or read the call for paper.