logo
nav_contact contact venue schedule


niemeyer-2012



"Each time I step into this kind of conference, I am impressed with the amazing amount of skills they gather. And if I do the math, multiplying this skills by the fourty-plus years of activity ahead of these young researchers, engineers, PhDs, I realize that the future of our society is precisely here. This is the new elite of this country as well as of the world for this conference has a worldwide scope. The Ivy League and the Grandes Ecoles, so typical of the French system are already dead as a doornail, they just haven’t realized it yet."


Laurent Bloch, Security Expert & Senior Writer



FOR ANY QUESTION ABOUT THE EVENT contact@nosuchcon.org
TO BE SPONSORS sponsors@nosuchcon.org
TO SUBMIT YOUR TALK cfp@nosuchcon.org
FOR ANY QUESTION ABOUT PRESS AND MEDIA PARTNERS vloquet@alx-communication.com




FOR ANY QUESTION ABOUT THE CHALLENGE challenge@nosuchcon.org
FOR ANY QUESTION ABOUT CTF ctf@nosuchcon.org




FOR ANY QUESTION ABOUT THE WEBSITE webmaster@nosuchcon.org



GPG

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQENBFQDOB0BCAC89bN43EfWGM2BresTWJhc5LUqiX6BpA+WU/p3fOXFzF0iy+Xd
TSbIVzVj8m7seWr4OYsgtaZu6Ek2J3KQhpmMA9Oeiz+Yy4B3E0UJz/3+NURFuXcY
d6OQOWsnXs1iXO7Bfee89at8HcOEPsbhD1iJAu+C/+NPp2tUGy4Z2SMScpLxAPdi
LouNeOiUIq2BWWczYMZDQkaspKwlowe4rgfNbY/v/wZLwQsgIYzT7FB+hKnaBFoG
WBMn1rn+9BXjTIkcwosIHXii3Sj3A8XHzLlvhTShENZhL7ZqrG94CP7XBILOIAP4
3ecyGn9bWCei4TrmexwqX3DixFJHwvlUuFjZABEBAAG0OmNmcEBub3N1Y2hjb24u
b3JnIChObyBTdWNoIENvbmZlcmVuY2UpIDxjZnBAbm9zdWNoY29uLm9yZz6JATgE
EwECACIFAlQDOB0CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEGJmpYNo
sMljxZcH/0KgPWcJ9UsijeDlUNBEisKvAwRrrPqi4hSucLrllnsjZhhqmnwX5FrE
Kn8qt2T16hjAV2oSf7i8A29WNWv21+21Hx2qQ1MCTVm5hx3prKvRBY6Sm6pzWgXB
2xt7RZM1uLmp8NsiNUKeCMa7H99cPCuXPClU5GQtBEOvIs7+XxNU3eH0ixHrTAuW
0n691C2C7ripkNMfafJEs3X1Xz3pojHuyq6bpwureftI2XfHzfHqhZjCGN61hkaJ
TCszmcufAYA/j0Tk8Z1nP/wRhHmHbeVWH9PWcmHOKXw6obsY466ZiTlu9muMVroX
UVn3E6k7BDtyn7QILIBFLehh094/aEC5AQ0EVAM4HQEIAMApeWo27X71VLtjHtMa
tYD4UWzb3K7K5IFpMqX6WiJ1M6PBGlp46FgTQejGfekHMTJElFFk75AEokDhTSDH
QBqtD+M3j8PyGt7uicog1tv8770E5ASM+cez1puGYz6jeXb3hdGe0LH83Ytb9kh/
clTuU6KnQYHjnvc2nGuhMu1+fK1XJV6NV4Dy3c/DDzbu5qPjgFA43Q1Ir4PwVxLH
0kQpqutCCFW7y6RSlsn0JsSvQvk0uE3UfcBdrlBy28cb1aA3oPUuOdq1eUtDys8U
+pxJ9ersnGUquBbpe+iqr6TkUvCuXkPwQOyppASP4vhmE0SmmJT/eDrC4wnOEKj0
Bf0AEQEAAYkBHwQYAQIACQUCVAM4HQIbDAAKCRBiZqWDaLDJYyXrCACjzkxnbNVx
zduleJb9kJlAKVMBtLixSx3pzcZIevmfDuNXXWbjtmTarHtE52vqSPTUi7qkJ71P
nR27wmVBSqEUYvY0nQtmIXSlYfi/+Xb0owKQ90ONnBHkevLTyO9RknPhBXc771TM
UsreX7CyXKDR6FQUw+wieb5EZW2M08khzVAHeO6B2e9sxznSAqsA20nlPg/onRlI
+2tq3so3aRFWpThWj+DlIEz5JRmaYco3agscN8ucqJoVzsynT1lc9xOXM0XNv5Lm
bcSaET9Ji9ZNFwEnipbMlwZbv3tL55NwSDNAIKAwllxN8xStxbAP6eoNOIO3posW
YkAFVBH5g3hY
=vBul
-----END PGP PUBLIC KEY BLOCK-----
                                






venue_flag_1

ESPACE OSCAR NIEMEYER
2 PLACE COLONEL FABIEN
75019 PARIS, FRANCE
01 40 40 12 12
METRO 2 COLONEL FABIEN



venue_flag_h1
HIPOTEL PARIS BELLEVILLE
21 Rue Vicq d’Azir,
75010 Paris, France
+33 1 42 08 06 70
www.hipotel.fr

venue_flag_h2
HÔTEL IBIS
12 Rue Louis Blanc,
75010 Paris, France
+33 1 42 08 21 40 (fax)
www.accorhotels.com

venue_flag_h3
LIBERTEL CANAL SAINT MARTIN
5 Avenue Secrétan,
75019 Paris, France
+33 1 42 06 62 00
www.hotel-canal-saint-martin.com

venue_flag_h4
BUTTES CHAUMONT HOTEL PARIS
4 Avenue Secrétan,
75019 Paris, France
+33 1 42 45 33 81 ‎
www.hipohotel.fr

venue_flag_h5
CAMPANILE
232 Rue du Faubourg Saint-Martin,
75010 Paris, France
+33 1 40 34 38 50 (Fax) ‎
www.campanile-paris-gare-du-nord.fr

NoSuchCon is a three-days-long conference set up by volunteer members through a non-profit organization.

The project is the offspring of well-known people of the cybercommunity, people used to international IT security conferences and, up-until-then, of organizers of Hackito Ergo Sum. Each member of the organization is, in a variety of projects, part of the international cybercommunity. The organizing team is moved by the ambition of gathering the best researchers in ethical hacking and IT security, of sharing innovation, inform and transmit knowledge with the final goal of stepping up the technical level of the community.

NoSuchCon presents new and exclusive contents regarding IT security. The conference is a crucible for different IT security experts coming in different flavours: professionals, enthousiasts, hackers ; renowned or more secretive. NoSuchCon conference allows to share best practices ; let new tendencies and exclusive research appear, anticipating the challenges to come.

NoSuchCon is a place for both well-known, top-guns of the cybercommunity, as well as young talented researchers at the dawn of their careers or others presenting their results anonymously. NoSuchCon pursues multiple goals but mostly wants to foster exchange, federating different communities such as students, key actors of the industry, private and public sectors. It also wants to make room for practical demonstrations as well as innovative theoretical findings.

Among the themes of interest will be: vulnerabilities assessments and analysis, SCADA architectures, reverse engineering, attacks on critical infrastructures, Cloud computing security, botnets, Threat Intelligence, etc.

The program committee comprizes some of the best hackers and security researchers worldwide, from both academics and industry, which is a key factor to guarantee quality content. It will be uniquely diverse in its international composition. Bridging over frontiers and sovereignty issues, ideological and economical differences, the program committee looks for people able to share their research findings and propose new concepts.


CO-FOUNDERS

Joffrey Czarny



Joffrey Czarny (Sn0rky)
Security researcher, VoIP hacker, Ambassador of Happiness and Healthy Living



Renaud Bidou



Renaud Bidou
No comment



Cedric Blancher



Cedric Blancher (Sid)
Researcher, serial-speaker, snowboarder and skydiver

"Sid" Blancher, the first president of NSA (No Such Association) who left us in November 2013. The ISS community misses him very much. Surely enough, he will be with the rest of us to make NSC 2014 an amazing experience.



Jonathan Brossard



Jonathan Brossard (Endrazine)
Elite computer terrorist. Old school reverse engineer. Speaker at Blackhat/CCC/Defcon.



Veronique Loquet



Veronique Loquet
Relationista behind the scenes, involved in some hackers communities around the planet with an historic focus on open source and security areas.



Arnaud Malard



Arnaud Malard (Sud0man)
Pentester, researcher (when I have time), skier, snowboarder and father of 2 tiny hackers.



Nicolas Massaviol



Nicolas Massaviol
The flying security guy



Nicolas Ruff



Nicolas Ruff (Newsoft)
Security researcher, hacker, blogger, serial speaker, troll herder, happy father, and more ...



Sébastien Rummelhardt



Sébastien Rummelhardt
Assistant deputy director, Propaganda Department (Propdep) -- Ministry of Truth, Bullshistan.




Matt Suiche



Matt Suiche
Well known for his technical contributions to the law-enforcement community for the Windows hibernation file, Windows physical memory acquisition and Mac OS X Physical Memory Analysis. Speaker at PacSec, BlackHat USA, EUROPOL High Tech Crime Meeting, Shakacon...







PARTICIPATION OF

Stephane Avi



Stéphane Avi
Pentester and more ...

Valerie Micaux



Valérie Micaux (athoms)
Graphic designer at home, happy girl and snowboarder






CHALLENGES


To be define for 2014






GPG

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQENBFQDOB0BCAC89bN43EfWGM2BresTWJhc5LUqiX6BpA+WU/p3fOXFzF0iy+Xd
TSbIVzVj8m7seWr4OYsgtaZu6Ek2J3KQhpmMA9Oeiz+Yy4B3E0UJz/3+NURFuXcY
d6OQOWsnXs1iXO7Bfee89at8HcOEPsbhD1iJAu+C/+NPp2tUGy4Z2SMScpLxAPdi
LouNeOiUIq2BWWczYMZDQkaspKwlowe4rgfNbY/v/wZLwQsgIYzT7FB+hKnaBFoG
WBMn1rn+9BXjTIkcwosIHXii3Sj3A8XHzLlvhTShENZhL7ZqrG94CP7XBILOIAP4
3ecyGn9bWCei4TrmexwqX3DixFJHwvlUuFjZABEBAAG0OmNmcEBub3N1Y2hjb24u
b3JnIChObyBTdWNoIENvbmZlcmVuY2UpIDxjZnBAbm9zdWNoY29uLm9yZz6JATgE
EwECACIFAlQDOB0CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEGJmpYNo
sMljxZcH/0KgPWcJ9UsijeDlUNBEisKvAwRrrPqi4hSucLrllnsjZhhqmnwX5FrE
Kn8qt2T16hjAV2oSf7i8A29WNWv21+21Hx2qQ1MCTVm5hx3prKvRBY6Sm6pzWgXB
2xt7RZM1uLmp8NsiNUKeCMa7H99cPCuXPClU5GQtBEOvIs7+XxNU3eH0ixHrTAuW
0n691C2C7ripkNMfafJEs3X1Xz3pojHuyq6bpwureftI2XfHzfHqhZjCGN61hkaJ
TCszmcufAYA/j0Tk8Z1nP/wRhHmHbeVWH9PWcmHOKXw6obsY466ZiTlu9muMVroX
UVn3E6k7BDtyn7QILIBFLehh094/aEC5AQ0EVAM4HQEIAMApeWo27X71VLtjHtMa
tYD4UWzb3K7K5IFpMqX6WiJ1M6PBGlp46FgTQejGfekHMTJElFFk75AEokDhTSDH
QBqtD+M3j8PyGt7uicog1tv8770E5ASM+cez1puGYz6jeXb3hdGe0LH83Ytb9kh/
clTuU6KnQYHjnvc2nGuhMu1+fK1XJV6NV4Dy3c/DDzbu5qPjgFA43Q1Ir4PwVxLH
0kQpqutCCFW7y6RSlsn0JsSvQvk0uE3UfcBdrlBy28cb1aA3oPUuOdq1eUtDys8U
+pxJ9ersnGUquBbpe+iqr6TkUvCuXkPwQOyppASP4vhmE0SmmJT/eDrC4wnOEKj0
Bf0AEQEAAYkBHwQYAQIACQUCVAM4HQIbDAAKCRBiZqWDaLDJYyXrCACjzkxnbNVx
zduleJb9kJlAKVMBtLixSx3pzcZIevmfDuNXXWbjtmTarHtE52vqSPTUi7qkJ71P
nR27wmVBSqEUYvY0nQtmIXSlYfi/+Xb0owKQ90ONnBHkevLTyO9RknPhBXc771TM
UsreX7CyXKDR6FQUw+wieb5EZW2M08khzVAHeO6B2e9sxznSAqsA20nlPg/onRlI
+2tq3so3aRFWpThWj+DlIEz5JRmaYco3agscN8ucqJoVzsynT1lc9xOXM0XNv5Lm
bcSaET9Ji9ZNFwEnipbMlwZbv3tL55NwSDNAIKAwllxN8xStxbAP6eoNOIO3posW
YkAFVBH5g3hY
=vBul
-----END PGP PUBLIC KEY BLOCK-----
                                






PREVIOUS VERSION

logo_2013 techtv



Jean-Philippe Aumasson - Cryptographic Backdooring

Jean-Philippe Aumasson

We describe the different classes of cryptographic backdoors, which depend on where sabotage occurs in the cryptographic supply-chain. We characterize and categorize backdoors, in terms of discoverability, detectability, and exploitability, and propose semi-formal definitions in order to encourage a more rigorous study of malicious cryptography.

Several examples are discussed, from straightforward coding backdoors to Dual_EC or the recent sabotaged SHA-1 instances.

Jean-Philippe (JP) Aumasson is Principal Cryptographer at Kudelski Security, in Switzerland. He is known for designing the cryptographic functions BLAKE, BLAKE2, SipHash, and NORX. He has spoken at conferences such as Black Hat and CCC, and initiated the Crypto Coding Standard and the Password Hashing Competition projects. He is member of the technical advisory board of the Open Crypto Audit Project. JP tweets as @veorq.



Andrea Barisani - Forging the USB armory

Andrea Barisani

Inverse Path recently introduced the USB armory project, an open source hardware design, implementing a flash drive sized computer for securityapplications. The USB armory is a compact USB powered device that provides a platform for developing and running a variety of applications.

The security features of the USB armory System on a Chip (SoC), combined with the openness of the board design, empower developers and users with a fully customizable USB trusted device for open and innovative personal security applications.

The presentation will cover the journey that we have taken to develop the USB armory board from scratch, explaining the lessons learned and its prospected applications.

Andrea Barisani is an internationally known security researcher. Since owning his first Commodore-64 he has never stopped studying new technologies, developing unconventional attack vectors and exploring what makes things tick...and break.

His experiences focus on large-scale infrastructure administration and defense, forensic analysis, penetration testing and software development, with more than 13 years of professional experience in security consulting.

Being an active member of the international Open Source and security community he contributed to several projects, books and open standards. He is now the founder and coordinator of the oCERT effort, the Open Source Computer Security Incident Response Team.

He has been a speaker and trainer at BlackHat, CanSecWest, DEFCON, Hack In The Box, PacSec conferences among many others, speaking about TEMPEST attacks, SatNav hacking, 0-days, OS hardening and many other topics.



Nicolas Collignon - Google Apps Engine security

Nicolas Collignon

Based on a feedback from multiple penetration tests and codes reviews, this talk answer practical questions concerning GAE: How secure is the Google GAE infrastructure? How Google protects your applications? How a GAE application hosted in Google datacenters may affect the security of your internal network?

This talk is not about theory or trolling on “is-cloud-good-or-wrong”, but will present real-world attacks, including arbitrary code execution to escape the Python sandbox in the Google datacenters and exploration of the GAE platform outside of the Python sandbox.

Nicolas Collignon has been auditing and pentesting information systems for more than 9 years. He’s the author of several publications such as “Playing with Windows /dev/(k)mem”, “Tunneling TCP over RDP: rdp2tcp”, “Shell over DTMF”, “VMware and virtualization security” or “JSF ViewStates upside-down”. He is currently leading the penetration testing team at Synacktiv. For the last 2 years, he has spent a considerable amount of time hacking Android operating system and Google services.



Benjamin Delpy - Mimikatz

Benjamin Delpy



Benjamin Delpy, is a security researcher know as 'gentilkiwi'. Presented at Black Hat, Defcon, PHDays, BlueHat, and more. Security enthusiast, he publishes tools and articles in order to speak about product weaknesses and to prove some of his ideas. Mimikatz was his first software that reached an international audience. It is now recognized as a Windows security audit tool - http://blog.gentilkiwi.com/mimikatz



Sebastien Dudek - HomePlugAV PLC: practical attacks and...

Sebastien Dudek

Domestic Power-line Communication (PLC) devices are used to extend a LAN network as well as WiFi does, but using the power-line support. Even if PLC have a bad reputation because of few aspects in the past (bad security, bad speed, not stable because of perturbations, ...), this technology grown up and offers a better connection, more stable with an encrypted conversation between two PLC devices. Someone who wants to extend his private network easily without additional wires, or without spending a 'fortune' on wireless repeaters, will use PLCs. Moreover, Internet Service Providers in France usually provide a HomePlugAV embedded in the power supply of their routers and set-top-boxes. As HomePlugAV is implemented on a lot of devices, we were interested to study their security, and their weaknesses.

In this talk, we will see how PLC work with a detailed network analysis. Then we will discover few practical attacks to penetrate, and backdoor a private LAN.

Sébastien Dudek is a security researcher at Sogeti ESEC R&D labs. His main fields of interest are radio communication technologies (GSM, GPRS, RFID, Wi-Fi, POCSAG, DECT...), but also other areas like software, web, and network security.

He has been a speaker at Hack.lu 2012 speaking about GSM protocol stack fuzzing and his fuzzing environment. Interested in application security, particularly on Linux, he has also contributed for the french magazine MISC #62 on current Linux mitigations, and possible ways to bypass them.



Georgi Geshev - Your Q is my Q

Georgi Geshev

Message Queueing concepts are well established in enterprise environments which are already known to be fairly insecure. Now that the Internet of Things is gaining momentum, MQ is also the lightweight mechanism of choice for communicating with your fridge and toaster. We discovered a series of vulnerabilities in several widely adopted MQ implementations that would allow an adversary to cause a mass disruption in your corporate network or maybe pull off the shadow file from your neighbours' microwave. General MQ concepts will be briefly introduced to the audience, followed by a short attack surface walk-through and quick review of the common vulnerabilities and typical misconfigurations and ways to identify and leverage them for fun or profit.

Georgi is a security researcher for MWR InfoSecurity in the UK. Prior moving to the UK, he worked in Australia where he was mostly drinking golden ales and fighting with kangaroos. He was at some point of his life involved with a couple of local chapters of OWASP. His main areas of interest include bug hunting, reverse engineering and cryptography.



Ezequiel Gutesman - Blended Web and Database Attacks on Real-time, In-Memory Platforms

Ezequiel Gutesman

It is well known there is a race going on in the "Big Data" arena (take a drink for even thinking about the "Internet of Things"). One of the stronger competitors in the "Big Data" market is Real-Time, In-Memory Platforms. An interesting thing about this platform and, the one we will talk about specifically, is that it blends everything to increase performance. The database tables, webserver engine, webserver code, authorization, analytics engine, libraries, etc. are all optimized to, if possible, never touch the disk.

Surprisingly, this causes a perspective shift for the web and database application threat landscape and how security professionals should address it.

Ezequiel Gutesman is Director of Research at Onapsis. He has led security research projects for the last 10 years giving talks and presentations in international security conferences such as Black Hat, Hack.Lu and Ekoparty. Ezequiel is responsible for Onapsis innovation in cutting-edge ERP security assessment techniques and defensive technologies.



Peter Hlavaty - Attack on the Core

Peter Hlavaty

Kernel vulnerabilities was commonly used to obtain admin privileges, and main rule was to stay in kernel as small time as possible! But nowdays even when you get admin / root then current operating systems are sometimes too restrictive. And that made kernel exploitation nice vector for installing to kernel mode!

In this talk we will examine steps from CPL3 to CPL0, including some nice tricks, and we end up with developing kernel mode drivers.

Peter (@zer0mem) is a security researcher at KEEN Team (@K33nTeam) and his primary focus is kernel exploitation. Peter has 4+ years’ experience at IT security in different areas as malware research, developing anti-APT solutions or windows kernel dev & research.



Alex Ionescu - "SURPRISE TALK"

Alex Ionescu

Alex Ionescu is the Chief Architect at CrowdStrike, Inc. Alex is a world-class security architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He is coauthor of the last two editions of the Windows Internals series, along with Mark Russinovich and David Solomon. His work has led to the fixing of many critical kernel vulnerabilities, as well as to over a few dozen non-security bugs.

Previously, Alex was the lead kernel developer for ReactOS, an open source Windows clone written from scratch, for which he wrote most of the Windows NT–based subsystems. During his studies in Computer Science, Alex worked at Apple on the iOS kernel, boot loader, and drivers on the original core platform team behind the iPhone, iPad and AppleTV.



Richard Johnson - Fuzzing and Patch Analysis: SAGEly Advice

Last year, in “Taint Nobody Got Time for Crash Analysis”, we presented implementations of analyses performed on taint traces that included a tool to help determine input leading to a crash and an exploitability evaluation tool based on symbolic execution. This year we will expand on these topics with a study of our efforts towards improving the effectiveness of binary differential analysis (bindiff) and replicating Microsoft Research’s work on the “Scalable, Automated, Guided Execution” (SAGE) fuzzer. Richard Johnson is a computer security specialist in the area of software vulnerability analysis. Richard currently fills the role of Manager of Vulnerability Development in charge of vulnerability discovery, triage, and mitigation research within Cisco Sourcefire VRT, offering 12 years of expertise and leadership in the software security industry. Current responsibilities include research on exploitation echnologies and automation of the vulnerability triage and discovery process. Previous areas of security research and tool development include program execution tracing, taint analysis, fuzzing strategies, memory management hardening, compiler mitigations, disassembler and debugger design, and software visualization. Richard has released public code for binary integrity monitoring, program debugging, and reverse engineering and has presented annually at top-tier industry conferences worldwide for over a decade. Richard is also a co-founder of the Uninformed Journal.



Renaud Lifchitz - Quantum computing in practice

Renaud Lifchitz

There are a lot of fantasies and myths about quantum computers. Do they exist? In what are they useful? Dive into quantum computing and learn how to develop your own quantum algorithms and run them. Discover how cryptography will be affected and change in the next future.

Renaud Lifchitz is a French senior IT security consultant. He has a solid penetration testing, training and research background. His main interests are protocol security (authentication, cryptography, protocol security, information leakage, zero-knowledge proof, RFID security) and number theory (integer factorization and primality tests).

He currently mostly works on wireless protocols security and was speaker for the following international conferences: CCC 2010 (Germany), Hackito Ergo Sum 2010 & 2012 & 2014 (France), DeepSec 2012 (Austria), Shakacon 2012 (USA), 8dot8 2013 (Chile).



Rob Rachwald - The Nitty Gritty of Sandbox Evasion

Rob Rachwald

With organizations facing a deluge of cyber-attacks, virtual-machine sandboxing has become a popular tool for quickly examining legions of files for suspicious activity. These sandboxes provide isolated, virtual environments that monitor the actual behavior of files as they execute. In theory, this setup enables security professionals to spot malicious code that evades traditional signature-based defenses.

But sandboxes are only as good as the analysis that surrounds them. By themselves, sandboxes can only monitor and report file activity, not analyze it. And unfortunately for organizations that rely on them, the file-based sandboxes used by many vendors are proving oblivious to the latest malware. Attackers are using a variety of techniques to slip under the radar of these sandboxes, leaving systems just as vulnerable as they were before.

Rob Rachwald has worked in security for more than 15 years. At Intel, Rob worked on securing their supply chain management system. Additionally, Rob managed product marketing at code review companies Fortify and Coverity. Before joining FireEye, Rob was at Imperva for four years as the senior director of security strategy and oversaw Imperva¹s thought leadership initiatives.



Braden Thomas - Exploitation of a hardened MSP430-based device

Braden Thomas

This presentation walks through the reverse-engineering and exploitation of a hardened embedded device and provides certain techniques you can use to exploit similar devices. As MSP430 devices become more common, it is slowly becoming the norm to encounter devices in production with blown JTAG fuses. Previously, this was a significant hurdle. In 2008, Goodspeed described several attacks against the MSP's BSL (bootstrap loader). This presentation will review those attacks and describe the challenges facing a researcher attempting to perform them. This presentation will demonstrate how to reliably perform successful firmware extraction on a MSP430 with a blown JTAG fuse. Additionally, the presentation will cover what you might see while reverse-engineering MSP430 firmware. Finally, it will describe a software-only attack that uses a feature of BSL to extract sensitive data from RAM.

Braden is currently a senior research scientist at Accuvant, focusing on embedded research in the AMI and medical device industries. Prior to Accuvant, he worked as a Product Security Engineer at Apple for 6 years.

At Apple, Braden focused on drastically increasing the internal fuzzing throughput and coverage, as well as performing proactive security reviews for many high-profile features.



Guillaume Valadon, Nicolas Vivet - Detecting BGP hijacks in 2014

The main goal of this talk is to raise awareness of routing security issues by providing a tutorial on the BGP routing protocol and on the detection of specific routing events called IP prefixes hijacks. We hope that the security community that attends NSC will find interest in network-related issues. In a nutshell, such events happen when two network operators announce overlapping IP prefixes using BGP. As a consequence, IP packets could be delivered to these two operators. The final destination mainly depends on the home network of the sender. Overlapping announcements can disturb the whole Internet as observed in 2008 when YouTube traffic was partially redirected to Pakistan Telecom.

However, duplicated and overlapping announcements may also be legitimate when an operator wishes to distribute its DNS servers using anycast to filter out DDoS attacks, or needs to assign IPv4 resources to its clients. As a consequence, detecting and classifying hijacks is a challenging task, not only because the dataset is large (around 500 Gb per year), but also because of engineering and commercial practices.

We have been monitoring events that affect French network operators since 2011. This talk will present issues that must be addressed while trying to detect hijacks on the Internet, and focus on France as well as Europe to provide examples.

The outline of the talk will be the following: 1. how does BGP work ? 2. what are hijacks ? 3. engineering Best Current Practices defined by the networking community that could block them 4. offline detection: challenges & results 5. online detection & active measurements: challenges & results.



Damien Cauquil - Hardware Workshop - Fun with RF remotes

RF remotes are cheap and everywhere, and pretty easy to hack: people knows about Software Defined Radio and how much fun it could bring to the masses. SDR is cool but requires some specific knowledge and not-very-affordable tools when it comes to send crafted RF signals, i.e. with an HackRF or a BladeRF board. This workshop will demonstrate how a RF remote basically works (electronics, RF protocol, data encoding) and how to turn it into an attack tool without using any microcontroller or computer.

No computer programming nor electronics skills required, only a brain and two hands. We will provide all further required materials to the attendees.

Damien Cauquil is the R&D Director at Sysdream, a French IT security company but also a professional pentester who loves reverse-engineering, coding and other security-related topics.

Early bird tickets are only available in limited numbers...


TO BE SPONSORS sponsors@nosuchcon.org


sponsor_exclusive microsoft winamax




sponsor_platinium vupen econocom

fireeye airbus

beyond intel trend micro




sponsor_sponsors thales lexfo eset

synacktiv cogiceo

oppida hsc sans

bull splunk lumisec

yes sysdream virtualabs

cdaisi ak crowdstrike


sponsor_medias ossir clusif misc

techtv cnis
TL;DR
=====

Conference: NoSuchCon 2014
Date: 19-21 November
Venue: Paris, France
Motto: "the bullshit-free conference"
CFP deadline: September 30st 2014
Web: www.nosuchcon.org
Contact: cfp{at}nosuchcon.org
Twitter: @NoSuchCon

Details
=======

The USA are sucking oil from this planet up to the last bit. Russia has invaded Western Europe. Crypto has failed. You cannot wipe your a** with your Bitcoins, because it is not even paper. Justin Bieber almost lost his O-1 visa. Jade the Rabbit is dead. Only 7% of Yahoo! video chats actually involve nudity.

Clear signs that the end of the world is coming.

What are *you* going to do? Getting drunk with cheap Bud? Do yourself a favor: settle for no less than Champagne. Or at least Bordeaux wine. Submit to NoSuchCon 2014!

If you are not clever enough to have been abducted by Cicadia 3301, but still smart enough to be in the "cybersecurity" field those days, do not miss this unique opportunity to gather one more time before the Cybergeddon. Show up with never-seen-before and hardcore research materials to NoSuchCon 2014!

If you call yourself a hacker, but did not sell your company over $19bn (yet), stay calm and submit to NoSuchCon 2014! We provide free trips to Paris for the best of you!

This operation will be known as PONY COLLECTION. And do not worry, there will be NSA[*] members all around the place. Wearing orange T-Shirts. Just like last year[**].

It all started here: cfp{at}nosuchcon.org

At least if you can write at least 20 lines of text before September 30st.

Wow. Such Conference. So 2014. Many submissions.

[*] No Such Association
[**] https://twitter.com/k8em0/status/335258070471016448/photo/1

Program Committee
=================

Ange Albertini @angealbertini
Julio Auto @julioauto
Piotr Bania @piotrbania
Sergey Bratus @sergeybratus
Jonathan Brossard @endrazine
Cesar Cerrudo @cesarcer
Travis Goodspeed @travisgoodspeed
Alex Ionescu @aionescu
Tim Kornau
Itzik Kotler @itzikkotler
Aaron Portnoy @aaronportnoy
Nicolas Ruff @newsoft
Peter Van Eeckhoutte @corelanc0d3r
Nicolas Waisman @nicowaisman
Arnaud Abbati @noarfromspace
Xavier Mertens @xme
Jean-Philippe Aumasson @veorq
Bruce Monroe
Vincent Benony @bSr43
Saumil Shah @therealsaumil
Florian Ledoux @myst3rie
                            
synacktiv

crackmips.tar.gz


Rules:

The contest is open to everyone except Synacktiv employees and NSC organizers.

Participation in the challenge can be anonymous but the winner must provide his identity to receive the prize. To win the contest, you must discover and send a password to an email address of the form [0-9a-f]{16}@synacktiv.com. These two elements are the solution of the third challenge. You also have to send a written solution within 10 days to the same email address.

The winner is the first person to send this email.

The solution must be written in English or French and must contain the different approaches used to solve each stage of the challenge and the tools used (private tools can remain private but the author will have to describe how they work).

The challenge ends Monday, November 3 at 10am, Paris time.

Prize for the winner of NSC 2014 challenge is a ticket for a security conference and refund of traveling & accomodations for the conference. The maximal cost (ticket & expenses) will be up to 3000€.

If no one has solved the last challenge, the people who solved the first 2 parts of the challenge will be invited to send the fullest possible solution before Monday, November 17 at 10am. Synacktiv will select the winner based on the quality of the solution (preference will be given to original and inventive solutions, the presentation is not important).

Participation in the challenge is individual but a one-time call to a friend is allowed.

Only challenge's IPs and services can be attacked.

Any attempt of brute-force, denial of service, mental or physical attack on an organizer will cause a temporary or permanent ban.

Attempts to bribe challenge's organizers (especially with beer and sausages) are allowed, but their results can not be guaranteed.

Synacktiv may disclose clues on his twitter account: Synacktiv

By entering the challenge, participants give their tacit consent to the publication of their solution associated with their name or pseudonym.

PREVIOUS VERSION



logo_2013 techtv

PHOTOS GALERIES



nav_footer_left nav_footer_right