Just a quick post to let you all know what I am doing. I am currently organising Security BSides London and this is taking up all my time so all research is on hold at the moment until the event has finished.
Registration is open
Submit a paper here
Learn more about Security BSides London
See you all there.
Hack Eire is Ireland’s only capture the flag competition for hackers. Held every year at the IRISSCon event in Dublin, it is free to attend and open to all. The conference itself is the brainchild of Ireland’s one and only Brian Honan.
I have to thank Mark Hillick and the Hack Eire team for putting together a superb CTF competition. Some really good real(ish) world hacking challenges. I can certainly say that the amount of time the guys spent on putting this together really shows.
There were some last-minute changes to team membership etc. and I ended up teaming up with some friends. Our team name… 5CHF (5 Swiss Francs). There is a long story to this, but suffice to say some things happened when attending another conference in Switzerland called Hash Days.
The Hack Eire team put in some nice red herrings and, in combination with some faulty systems, power problems and slight cheating by one team (you know who you are), we spent 7 hours wading through the challenges. If I can give any advice to anyone thinking of competing at any of these events: DO NOT attempt them if you have been out drinking till 4am the night before. 4 hours' sleep does not induce the optimal thinking condition of the human mind. Also, come up with a plan. Assign roles to team members: who does the recon, etc. Ensure you have a good mix of skills in your team, like reversing, web app testing and coding.
So our motley band of 4 players set about the challenges. The organisers had created a list of questions which, if answered correctly, proved that you had completed a challenge. The challenges themselves were split into the following:
Packet analysis with stego
Various hacker related questions
Really challenging packet analysis
Web app pen test
3 x network/server pen tests
Overall, we placed 2nd, only 1% behind the winning team. Congratulations to the winning team, who by the way have won for the 2nd year in a row. I look forward to seeing you all next year at the competition.
I have just got back from what I consider the best security conference of the year. Organised by the DefCon Switzerland guys, Hashdays was a two-day, two-track security conference held in Luzern (Lucerne), Switzerland.
For me the highlights were a drunk Irishman falling asleep in the night club toilet and a certain incident involving a brothel; maybe nightclub in German means brothel in Swiss German?
Some great talks from some really talented researchers, some of whom I had never heard of. The main highlights for me were the following:
OsmocomBB by Harald Welte – Open source baseband GSM stack
Busting Phone Encryption by Karsten Nohl – Needs no description
Helios by Stefan Buhlmann – Excellent dynamic code analysis tool
Detecting Hardware Keyloggers by Fabian Mihailowitsch – Great insight into the hardware used by keylog vendors
Big respect to the organisers, who had everything organised to perfection; I think that will be the German in them.
See you next year.