Confidence - (24-25.05 2011 Krakow)
Language: polski | engish

Materials from the 2011 and preparation for the new edition.

We have published materials in the Press Room:

  • Summaries of 2010 editions
  • Logo package
  • Links to Photo Galleries
  • Links to video material and presentations from 2011 edition
  • Blog entries related to CONFidence 2011
  • Movies: Press Material and recordings from Gringo Warrior contest

We have also confirmed the dates of CONFidence X – May edition in 2012. Conference will be held at 23-24 May 2012 in an industrial environment of old water pumping station in Bielany in Krakow.

Spotkanie OWASP Poland Local Chapter

OWASP

Serdecznie zapraszamy wszystkich zainteresowanych na spotkanie OWASP Poland Local Chapter, poświęcone tematyce bezpieczeństwa aplikacji webowych.

Czas: 23 listopada 2011, 18.00 – 20.00

Miejsce:  Krakowski Park Technologiczny (Al. Jana Pawła II 41 L), sala konferencyjna na III piętrze.

Ewentualne zmiany będą publikowane na stronie: https://www.owasp.org/index.php/Poland, prosimy o sprawdzenie przed przybyciem.

 

Agenda

  • 18.00 – 19.00 Wybrane podatności w webowych interfejsach zarządzających urządzeń sieciowych – Michał Sajdak, Securitum
  • 19.00 – 19.15 Przerwa / networking
  • 19.15 – 19.25 Narzędzia OWASP dla developerów. Krótkie wprowadzenie do OWASP ESAPI i AppSensor – Wojciech Dworakowski
  • 19.25 – 20.00 Bezpieczeństwo CouchDB – Paweł Krawczyk

Sponsorem spotkania jest firma Securitum.

OWASP – To międzynarodowa organizacja non-profit, której celem jest poprawia bezpieczeństwa aplikacji webowych. Cel ten stara się osiągnąć publikując nieodpłatne opracowania i narzędzia zarówno dla tworzących jak i dla testujących aplikacje. OWASP organizuje również konferencje i lokalne spotkania poświęcone tematyce bezpieczeństwa aplikacji.

Zarządzasz bezpieczeństwem aplikacji? Jesteś pentesterem? Programistą aplikacji webowych? Przechodziłeś audyt bezpieczeństwa? Masz inne ciekawe doświadczenia związane z bezpieczeństwem aplikacji webowych? Wyślij maila z propozycją prezentacji na owasp-pl-cfp@googlegroups.com i podziel się swoją wiedzą!

CONFidence Team at the CCC Camp

CCC Camp Logo

So it happened. Every 4 years CCC organizes a camp, not just an usual event, but a “five-day open-air event for hackers and associated life-forms”.

Almost 4 thousand enthusiasts, not only hackers, but also everyone related to the high-tech industry and research ranging from simple electronics to rocket builders…

CCC Camp Aerial

CCC Camp consisted of: 126 separate villages, 100 projects, 90 workshops, located in an Aero Museum near Berlin…

Two years ago, we were at HAR, since then our team has grown, so this time CONFidence Crew of 10 joined the Camp and we hung around with Hackers on a Plane at the Neighbor Camp

CCC Camp CONFidence Team

In the meantime the lectures began in two tracks, everyday, in two hangars. Quite an unusual environment…

Topics covered during the presentations ranged from general topics like, Sport für Nerds by Michael Schwab, Life foods by Frantisek Apfelbeck, or Tempo/Rhythm/Echo extraction from Music by Werner Van Belle, through topics related to Hackers Space Program to IT security related topics like: Decentralized clustering by Herr Urbach, GPRS Intercept (Wardriving phone networks) by Karsten Nohl and Luca Melette or Black Ops of TCP/IP 2011 by Dan Kaminsky. The lectures lasted for 5 days and the schedule and additional materials are published here.

There were also talks related to the change in lifestyles, politics, society structures and the future of mankind. Topics like Imagine the Future of Money or Counter-lobbying in the EU Parliament. So everyone could find something interesting…

Besides the lectures, camp was all about meeting people, and exchanging ideas… and enjoying all the social activities and ideas.

CCC Camp CONFidence Team 2

We also had our input as on Friday we prepared an open Polish Cuisine Day, with a little taste of our traditional products…

This cams was a remarkable experience for everybody. We just can’t wait till the next edition…

CONFidence Team

CCC Camp Q3 Map

p.s. If you’ve  missed the camp itself, there is hope as we have prepared a special CCC Camp Map for Quake 3 Arena. It is available here. Just grab it and lauch in Q3 along with your friends and enjoy…

Press material

Have a look at the press material from the conference!

World of Ethical Hackers Revs Up – Invitation to Hacktivity 2011

Hacktivity

On September 17-18, 2011, Hacktivity, the largest hacker conference in Central and Eastern Europe will be held again, this time at Millenáris. The two-day conference will have a real festival mood, presentations, workshops, games, the Central and Eastern European finals of the Global CyberLympics, hardware hacking, a party in the evening and 1000+ hackers from all over the world!

Hacktivity, the oldest Hungarian independent IT security conference, which has become truly international by now, will be held for the 8th time this year. As usual, speakers will include the most prominent representatives of IT security. It is a major professional achievement to give a presentation at the conference therefore IT experts have had to apply to be selected as a speaker for years now. This year over 60 applications were sent from 15 countries to the programme committee of which the best 28 were chosen by the jury.

Similarly to previous years, this year’s two keynote speakers are real stars in their fields of expertise. Saturday will open with Hungarian-born Peter Szor who lives in the US and is justly called the Father of Virus Protection. His 650-page book „The Art of Computer Virus Research and Defense”, recently published in Hungarian, is not only a highly scientific work but also the most extensive study written about computer viruses to date. Peter Szor graduated from the University of Veszprém, Hungary as an IT specialist and wrote his first anti-virus software called Pasteur in the 1990s (also used by OTP Bank at the time). In 1996 he was hired by the predecessor of F-Secure in Finland, then became a leading engineer at Symantec in 1999 and recently joined McAfee. At CARO (Computer AntiVirus Researcher’s Organization) he worked together with many security researchers including John McAfee, Mikko Hypponen or Eugene Kaspersky. Peter Szor is the author of over 40 inventions and patents on computer virus detection and intrusion prevention.

Sunday’s keynote speaker is Raoul „Nobody” Chiesa from Italy, the well-known European cyber crime expert. In the 1980s and 90s he was one of the first Italian hackers then in 1997 he founded @Mediaservice.net Srl, a vendor-neutral security consulting company. Since 2003 he has co-operated with the UN agency “UNICRI” (United Nations Interregional Crime and Justice Research Institute) and in 2010 he was selected among the 30 European top security expert to assist the ENISA Director until 2012 at the PSG, Permanent Stakeholders Group.

And that’s not all when it comes to foreign speakers. Vivek Ramachandran, founder of securitytube.net, will come from India, Joseph McCray, Air Force veteran and winner of multiple awards by EC-Council, will arrive from the US, Ertunga Arsal, SAP expert and Alexander Kornbrust, Oracle expert will come from Germany. Pavol Luptak is Head of the Slovakian OWASP and Michele Orru, penetration tester for the Royal Bank of Scotland will come from Italy. In addition to the renowned foreign specialists there will be numerous prominent Hungarian speakers as well including Csaba Barta, security consultant at Deloitte Zrt. who was voted best speaker at Hackers Halted and who will speak about Computer Forensics, László Tóth, internationally recognized database security expert also from Deloitte Zrt., László Klock from kancellar.hu who is the winner of last year’s Hacktivity Wargame and will deliver a presentation on his research on virtualization security, and Péter Bodor, Associate Professor at Eötvös Loránd University, who will talk about the connection between the increasingly popular method of social engineering and psychology.

Beside the presentations plenty of other programmes will await participants such as interactive hello workshops, hardware hacking lockpicking, i.e. unlocking a lock without a key, and ardunio testing, games: Wargame, CTF, hacker’s path, ancient computers reborn, a wild party Saturday evening and for the first time this year the Central and Eastern European Finals of the Global CyberLympics at Hacktivity 2011! The global defense games organized and launched by EC-Council will have groups of 6 competing in 7 regions in the world. The finals will be held in the United States where the regional winners will be invited.

At the conference certified (CISA, CISM, CISSP) specialists can collect CPE points necessary for their licence. Due to the high interest shown in the event the organizers expect 1,000-1,200 participants this year. We have a new venue as well: this year’s conference will be held in the 4590 sqm Hall B of Millenáris where professional infrastructure, a restaurant, two large and several smaller rooms will be available. The largest room will seat 1,000 people.

Further information, the detailed program and registration: www.hacktivity.com

Facebook: http://www.facebook.com/hacktivity

Twitter: twitter.com/hacktivity2011

CONFidence 2011 summary

The CONFidence conference has finished, we would like to sincerely thank all the attendees, speakers and everyone involved for joining us at this year’s edition. We hope that you enjoyed both the technical part of the conference (lectures and lockpicking workshops) and the special chill out atmosphere of the venue.

We have already closed the ESET CrackMe contest. The winner will receive a pocket book reader
(http://www.pocketbookreader.com/PocketBook_602.html). Additionally ESET decided to award all contest participants with additional licences for ESET software. Winners will be contacted directly via e-mail. The slides from the lectures and photos from the conference have already been uploaded onto the official conference webpage. Direct links are below:

You can always check our photo gallery on Picassa: https://picasaweb.google.com/PROIDEAconferences Soon we will also publish the the video coverage from the conference. We encourage you to post feedback and further thoughts on the conference on our web 2.0 channels: twitter:

We also encourage you to download the newest edition of Securitymag, which can be found here:
http://2011.confidence.org.pl/misc/Securitymag_5-2011_IT_Security_Magazine.pdf.

Once again thank you all for attending CONFidence 2011! We hope you will join us during the next, tenth edition in 2012!

CONFidence Crew

CONFidence 2011 is over

Six months of preparations, two months of stress, two weeks of not sleeping properly – this is CONFidence! I would like to thank the whole team of organizers who have put so much work into the success of this year’s CONFidence.

Core Team:

  • Slawek Jabs – “Captain in Charge” – Event Coordinator, it is amazing how have you managed to deal with all the craziness with such a tranquility. Send the bill for all sedatives to the PROIDEA’s address :)
  • Marek Nowak – “1st Mate” – taking care of sponsors, managing the helping staff, logistics – wow! Everything made it to the right location, at the right time!
  • Tomasz Cewicki – graphic design and branding – with such help, the venue doesn’t matter – every place can be changed into a perfect conference space
  • Anna Kołodziejczyk – “Speakers’ Navigator” or more accurately “Speakers’ First Aid Kit” – thanks to Anna (and some best Polish vodka) our guests will definitely (not)remember last 3 days for a long time
  • Jakub Kozioł – “Treasures Guardian” or more accurately “The PROIDEA’s Main Sportsman”, he was supposed to play in Champions League but he found better game companions at CONFidence and stayed here :) He has not only perfectly managed 30 people of helping staff but also showed us that a geek can be athletic!
  • Emilia Staszczak – “Scribe” or as some call her “The Registration Master” – registration queue was dealt with fast, efficiently and with a smile
  • Kasia Podgórska – if you have any questions about invoices or payments, she is the right person to ask.

Goons (those who played ball with us and helped us prepare the whole event):

  • Michał Bar
  • Maciej Bieniasz
  • Marcin Bieniasz
  • Justyna Bień
  • Daniel Bogdan
  • Kinga Gruszkowska
  • Marta Horowic
  • Joanna Kapłon
  • Jarosław Karpiel
  • Paweł Kazirodek
  • Jessica Korfel
  • Karolina Kostiuczuk
  • Magda Krzak
  • Marek Nawierski
  • Marcelina Nowak
  • Piotr Olech
  • Karolina Pachel
  • Bartek Skrzyński
  • Dorota Studzińska
  • Rafał Trójniak
  • Łukasz Winiarczyk
  • Piotr Wydrych
  • Jarosław Zięcik
  • Ewa Zuba

I would also like to thank our Organizing Committee who has helped to create CONFidence:

  • Łukasz Bromirski,
  • Jakub Dębski,
  • Janusz Niewiadomski,
  • Jarosław Sajko,
  • …*

Thank you all and see you next year!
Andrzej Targosz, CEO of PROIDEA Foundation

The conference has finished!

The ninth edition of CONFidence conference has finished. However this is not the end as we are still waiting for the results of ESET CRACKME contest. We will also publish the report from the HP contest.

ESET CRACKME and REVERSEME – Two contest counted in CONFidence Triathlon

Below you can find description of two contests:

1. ESET CrackMe.

The objective is to either:
  • to find usename+password combination that will display “Congratulations” message box (in that case also short description how it was obtained should be provided)
  • OR provide keygen, that will generate proper password for given username
No patching/in-memory-modification allowed.

The file is located at:
http://2011.confidence.org.pl/misc/CrackMe/force64.ex_

Results should be sent to: esetcrackme@confidence.org.pl

2. REVERSME!

It’s time to start the Confidence 2011 ReverseMe contest. The malware for analysis has been finally provided and can be downloaded from here: http://217.168.130.38/reverseme.zip

Password for the archive is: reverseme

Contest is closed on 9:00 AM, Wednesday 25 May

If you’ve any questions please don hesitate and ask. Use the contest@confidence.org.pl email address (polish or english).

3. Check out the crazy Treasure Hunt contest!

CONFidence 2011 Info

CONFidence 2011 will begin tomorrow!! We would like to invite you to the CONFidence BeforeParty which starts today at 10 o’clock. The party will take place at the “Pod Wawelem” hotel terrace. The party will definitely give a good start to the conference so don’t miss out on it. We also remind about the buses that will take the attendees to the conference venue.

Place and departing times:

Parking in front of the Sheraton Hotel – departing from 8:15 to 10:00 and one at 15:30

Matej Square- from 10:00