[Dailydave] PacSec (Tokyo Nov 11-12): PWN2OWN Mobile first casualty of Wassenaar, CFP extended to Friday September 4

Dragos Ruiu dr at kyx.net
Wed Sep 2 20:01:07 EDT 2015


So we have the first bona fide research casualty of the new Wassenaar
Agreement wording (ugh). HP and counsel are concerned over Japanese
implementation of it, so they will not be involved with Pwn2Own Mobile in
Japan. Given typical Japanese government bureaucracy, I don't think I can
fault them. However, I still like hacker circuses, so I've ordered up my own
RF isolation cage, and am interested in other folks to be involved (so
contact me) in the competition which will continue. I'm basically passing
the hat around to folks who might be interested in bug bounties for phones,
so here is one of the limited chances we get to re-write the rules and
patterns. My new plan is to hand over the bugs directly to local
representatives in Japan, without the ZDI need to feed the bugs back to the
US first - and make like the internet and route around the issues with
export. Shortly, when we finalize the new bounties, we'll publish the new
rules and registration process, which in all likelihood, will be much less
complex.

In related matters some folks complained about getting us mail for the
PacSec CFP while I was at CCC Camp, and some office renovations yanked a
cable and reinforced my belief that VLAN tagging is still bunk to be
eliminated. So we'll be accepting proposals until the end of the week, just
to make sure. Get your mail to us (secwest15 at pacsec.jp) before Friday, all
networks firing on all cylinders here now.

Cheers,
--dr



More information about the Dailydave mailing list