The HES conference will once again gather some of the most innovative security researchers worldwide to meet the largest possible European hacking scene. This edition will be held at the Espace Niemeyer, the historic headquarters of the French Communist Party.
Backed up with a Programming Committee* comprised of highly respected members from all corners of the hacking community, Hackito Ergo Sum 2012 expects to meet the technical quality of its previous editions.
The architectural masterpiece of Oscar Niemeyer will host Hackito Ergo Sum during 3 days ; Hackito Ergo Sum will try to put the emerging security concerns under the spotlight by finding synergies between the underground, security experts, and technical decision makers.
Credit photo: Clement Guillaume (http://www.flickr.com/photos/29341581@N08/galleries/72157627789176229)
To accommodate the international security researchers among speakers as well as in the audience, the highly technical security talks will be given only and entirely in English. This allows us this year to welcome the attendance of Georg Wicherski (CrowdStrike, Germany), Fyodor Yarochkin (Veracode, Taiwan), Mikael Lindstrom (EUROPOL, Netherlands), Marc Van Hauser (THC, Germany), Rodrigo Branco (Qualys, Brasil), Mohamed Saher (Egypt), Daniel Mende et Enno Rey (ERNW, Germany), Cesar Cerrudo (CTO at IOactive Labs, Argentina), all highly respected members of the hacking community, and many many more busticatis from around the globe within the public.
The French security R&D will also be present, with researchers such as Ivan Fontarensky and Iean-Michel Picod (Cassidian), Philippe Langlois (P1 Security), Matthieu Suiche (MoonSols), Jonathan Brossard (Toucan System), as well as Renaud Lifchitz (British Telecom) and the Vupen R&D team.
2011 was both the most catastrophic and the most interesting in terms of information security (Wikileaks and Iraq DoD leaks, Anonymous/Lulzsec hacking the FBI, DDoS becoming a daily diversion for thousands of script kiddies, mafia groups gaining interest in Bitcoin and Tor…). Numerous companies and administrations worldwide, including the ministry of finances and the nuclear giant Areva in France, discovered their core networks had been compromised to unimaginable scales, often for years. The industrial fiasco of RSA also put millions at risk globally, especially in the most sensitive sectors of the economy. In this context : what to expect for 2012 ?
Hackito Ergo Sum will try to anticipate the short term global challenges of 2012 by taking a deep dive into the findings of security researchers around the globe. Previous editions featured entirely new talks such as hacking Scada networks (including satellites!) using X25, new kernel pool overflow exploitation techniques (Tarjei Mandt won the pwnie award 2011 at Blackhat for this amazing research he first presented at Hackito Ergo Sum 2011), reverse engineering of FPGA firmwares, dynamic forensic analysis of malware using either direct RAM access or using emulation (PandoraBochs), fuzzing of virtual machine monitors at interrupt level, hacking Telco Operators at the scale of a country using the SS7 protocol, and GSM security through femtocells for instance.
The global economy of the security industry has also significantly changed over the past few years : private military companies now buy exploits and resell them, including to governments. Intrusions of some of the world’s largest companies such as Nortel, which often lasted years and were operated from foreign countries, show that the game has changed : we are not talking about defacing webpages anymore, espionage of populations, governments and corporations using cyber-means is a reality.
Those questions will be debated in “round table” sessions among hackers, security experts, security vendors and members of public administrations.
The secret of Hackito Ergo Sum lies in its spirit : as a 100% non profit event and because it is open and welcomes anyone, we can count on hackers from all borders to help us. This open spirit will also be reflected by the associated activities and workshops organized by hackers and for hackers during the conference. Those will include the most awaited wargame from Steven Van Acker of the « overthewire » community, a cryptographic challenge from Eloi Vanderbéken, as well as lockpicking workshops.
Finaly, the grugq (Coseinc, Thailand), after organizing the best openbar parties of both HITB and Blackhat US in 2011, will install his Barcon in Paris during HES.
*Programming Committee of Hackito Ergo Sum:
Tavis Ormandy (Google)
Jason Martin (SDNA Consulting Shakacon)
Mark Dowd (AzimuthSecurity)
Tiago Assumpcao (RIM)
Alex Rice (Facebook)
Erik Cabetas (Include Security)
Dino A. Dai Zovi (Trail Of Bits)
Barnaby Jack (Mc Afee)
Charlie Miller (Accuvant)
David Litchfield (Accuvant)
Lurene Grenier (Harris)
Nico Waisman (Immunity)
Julien Tinnes (Google Corp.)
Brad Spengler (Grsecurity)
Silvio Cesare (Deakin University)
Carlos Sarraute (Core security)
Cesar Cerrudo (IOActive)
Daniel Hodson (Ruxcon)
Nicolas Ruff (E.A.D.S)
Julien Vanegue (Microsoft Security Redmond)
Rodrigo Branco (Qualys)
Tim Shelton (HAWK Network Defense)
Ilja Van Sprundel (IOActive)
Raoul Chiesa (TSTF)
The Grugq (COSEINC)
Emmanuel Gadaix (TSTF)
Harald Welte (gnumonks.org)
Van Hauser (THC)
Fyodor Yarochkin (Armorize)
Gamma (THC, Teso)
Pipacs (Linux Kernel Page Exec Protection) Shyama Rose.
Including the three co-organizers of Hackito:
Philippe Langlois (P1 Security, /tmp/lab)
Jonathan Brossard (Toucan System, /tmp/lab)
Matthieu Suiche (MoonSols)
About Hackito Ergo Sum
Hackito Ergo Sum is a technical security conference bringing new and exclusive research from all around the world. HES is 100% non profit, and is backed up by the Parisian hackerspace /tmp/lab (http://www.tmplab.org).
AL’X COMMUNICATION – Véronique Loquet
+33 (0)6 68 42 79 68 firstname.lastname@example.org