[Dailydave] SyScan 2012 Singapore - Speaker Selection

Fyodor fygrave at gmail.com
Mon Feb 6 22:45:03 EST 2012


This post should have started with free-beer and free-whiskey con
announcement. and then the rest.  Affirmative - free booze
availability at the con has been thorough verified and the con has
been awarded with SVC certification in recognition of its standardized
free-booze best practices and highly effective free-booze provision
infrastructure.

Amen :-)


On Mon, Feb 6, 2012 at 4:14 PM, Ben Nagy <ben at iagu.net> wrote:
> Denizens of DailyDave,
>
> Because I am not good at internets, I am just going to leave this here
> and let the cool kids disseminate it with twitter or whatever the hell
> you use these days.
>
> On behalf of the selection committee (Thomas Lim, Dave and Halvar) and
> the advisory adjunct (researchers of COSEINC) it gives me extreme
> pleasure to announce the speakers for this year's SyScan Singapore.
> Some of you may be unaware that 2012 was announced to be the
> penultimate instantiation of our flagship conference, and we're proud
> to be able to mark it with a particularly fine speaker lineup.
>
> Yes, I'm aware this may look a bit long, but you have to read more
> than 140 characters in a row at some point in your life, stop whining.
>
> Full Length Talks (in no particular order):
>
> Stefan Esser - iOS Kernel Heap Armageddon
>
> Well first of all it's Stefan, which means it will be technical enough
> to make my brain dribble out of my ears, but, more importantly, it has
> the word Armageddon in the title, so Job Done. You up and comers need
> to take note of these pro-tips from people like Stefan! Try not to
> kill as many bugs as he does, though...
>
> Chris Valasek and Tarjei Mandt - Heaps of Doom
>
> The word 'Doom' is almost as awesome as the word 'Armageddon'.
> Hopefully these talks aren't back to back because I'm not sure my tiny
> brain can handle @nudehaberdasher AND @kernelpool on stage at the SAME
> TIME tearing up the Windows 8 heap, and especially not right after the
> iOS kernel.
>
> Brett Moore - Post Exploitation Process Continuation
>
> Brett Moore might be the most reliably awesome speaker I have seen.
> Honestly, if he could pick a decent title, with, like "Doom" or
> "Armageddon" or "Meltdown" or something in it he would take over the
> world. No serious exploit writer will want to miss this, though. Clean
> exploitation with no process crash is the difference between a 'bug'
> and a pile of cash that is too big to carry without a brown paper bag.
> So I'm told, anyway. :(
>
> Loukas (snare) - DE MYSTERIIS DOM JOBSIVS
>
> I've not yet seen Loukas present, but I think it's clear from his
> ability to pick catchy titles that he has a bright future. EFI OSX
> rootkits. Hell yes.
>
> Alex Ionescu - ACPI 5.0 Rootkit Attacks Against Windows 8
>
> Dear Microsoft - please do not send anybody from the Win8 team to our
> conference, or read the presentation materials, so that all of Alex's
> techniques make it into the release. Love, SyScan.
>
> James Burton (jayji) - Entomology: A Case Study of Rare and Interesting Bugs
>
> For such a tiny place, New Zealand sure does have a lot of hackers
> with big brains. Sadly, because it's literally in the middle of
> nowhere and keeps falling over, many of you from the developed world
> may not be as familiar with them as you probably should. Jayji is the
> chief exploit guy for Insomnia, which automatically makes him badass,
> and he is going to show us how he exploits bugs. We will learn things.
> Hopefully he will not wear the hat he chose for the CFP submission
> photo.
>
> Ryan Macarthur ( backpacker ) and SeungJin Lee ( beist ) - PDF/DOC/SWF
> payloads are so 2011
> ( Owning entire organizations with regional software they’ve never heard of )
>
> Beist is seriously awesome. He hacks stuff, wins most of the CTFs he
> doesn't run, and drank so much Shochu in Taiwan that he had to be
> taken up to his room in a wheelchair. So, when he talks about hacking
> stuff, we honestly have no choice but to listen, even with Ryan
> tagging along for a free flight. Seriously, though, this talk will
> make you think about what your 'attack surface' looks like to real
> hackers instead of to PWC or EY.
>
> Jon Oberheide - Exploiting the Linux Kernel: Measures and Countermeasures
>
> While I have, personally, never heard of this Oberheide or the 'Linux'
> of which he speaks, I'm told that they're both something of a big
> deal, and hey, it has 'Exploiting' in the title. I've also been
> instructed to issue this warning to attendees - LADIES! Whatever he
> may tell you, he is NOT THAT KIND OF DOCTOR.
>
> Aaron LeMasters - I/O, You own: Regaining control of your disk in the
> presence of bootkits
>
> I guess we had to have at least one defensive talk. On the plus side,
> the title is pretty good, despite not using the words 'Cloud', 'APT'
> or 'Armageddon'. Ignoring the defensive angle, brand new research on
> an alternate IO path to disk in Windows sounds pretty awesome.
>
> Paul Craig - iOS Applications - Different Developers, Same Mistakes
>
> Some may not be aware that SyScan practices Affirmative Action for the
> Ginger Haired, so with The Grugq not submitting, there was a slot
> free. Paul is another Kiwi who doesn't get the notice he probably
> should, and despite having a strange fetish for Internet Kiosks, when
> he owns something up he usually does a pathologically thorough job.
> The fact that he has been looking at iOS banking apps in Singapore
> makes me incredibly grateful that I don't bank there.
>
> Edgar Barbosa - Automating the identification of data structures inside binaries
>
> Usually when people start talking about 'SMT Solvers' and 'REIL' and
> 'formal methods' I just mentally dub them over with the sound of
> chickens arguing. However, when Edgar says he can automatically
> recover data structures and format from random files and use that to
> build better fuzzers, assist with reversing and generally save me days
> / weeks of staring at IDA and hexdumps I instead become mentally
> erect.
>
> Lightning Talks
>
> While it's too early to announce a lineup, we will have some. I've
> been informed that they will be timed by me drinking beer - this means
> that I can personally guarantee that talks which become boring will be
> finishing within the following 10 seconds. If you've just read the
> awesome lineup we have and decided to come, have something cool to
> talk about and don't want to pad it out with fluff, then drop us a
> line at cfp at syscan.org! You don't get any money, but you do get
> free beer and the the chance to be heckled by a drunk
> @nudehaberdasher. Speakers - feel free to submit a lightning as well,
> if you think you're hard enough.
>
> TL;DR Summary
>
> The Year of the Dragon may just be the best SyScan Singapore yet.
> Also, as far as I am aware, it is the only conference that provides
> unlimited free beer for all attendees. I can't believe more people
> don't know that. Apparently there will be free soft drinks this year
> as well, although I have no idea why anyone would care about that.
>
> Cheers!
>
> ben
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> http://lists.immunityinc.com/mailman/listinfo/dailydave



-- 
http://www.o0o.nu


More information about the Dailydave mailing list