******************************************************************************* PARENTAL ADVISORY: 100% technical content ******************************************************************************* +--------------------------------------------------------------+ = = = NoSuchCon - CFP 2.0 = = = = ** http://www.nosuchcon.org/#cfp ** = = = = 15-17 May 2013 / Paris / France = = = °--------------------------------------------------------------° -- + -- The US have the NSA, hackers have the NSC. --[ Synopsis: The first edition of the NoSuchCon conference will take place in Paris from May the 15th to May the 17th of 2013. NSC is the badass hardcore technical security conference. Of death. --[ Background: We think hacking is a science, not an art. It's largely the science of experimentation and self learning. Best effort is not enough anymore. The number of hackers reaching the level where they can actually discover things by themselves has never been so high. And at the same time, the signal-to-noise ratio in our traditional communication channels (IRC, mailing lists, conferences, informal gatherings...) has never been so low. So we though we might give it a shot: we're trying to build a 0% bullsh!t conference. It's tougher than one might expect, but with the help of many (see in particular the support from our hardcore Programming Committee of death), we are confident that passion will prevail and that we'll eventually learn something from each other :) If you're tired of people making money on your back by monetizing your research whenever you go to a conference, we have good news: we're 100% non-profit. We're also not affiliated with any .gov or .com or any other organization. We work hard at night. Our aim is to learn stuff. If this sounds a lot like your own life, we'd be happy to have you among us. It's also worth remembering that hacking is *not* a competition. As such, there is no winner or rockstar. All you'll find here is people experimenting and seeking truth in code and RFCs. Finally, we'd like to insist on respect. Respect among attendees of course, which goes without saying (we all share the same passion; let's not get into ego problems and instead let's learn from each other. You know deep inside yourself that even though *you* certainly did your part of hard work, there would be no computers or network without the help of many), but also for researchers who come over, often from very far away, to present months of late night work to their peers. This is why NSC is strictly single track: every talk that makes it in deserves to be attended to, and everyone deserves to be treated with equal esteem and respect. There's no such thing as a rockstar at NSC: if you're after fame and profit, we're sure you'll find many other places to go to these days. --[ Press people / Media / Media Analysts / Bloggers: NSC is not a top secret conference. You are welcome to come over and participate. NSC staff will do their best to make your job easier. Please, bear in mind that you'll have to comply with strict hacker ethics, particularly in terms of privacy, personality rights and respect the anonymity of people who do not want to appear in your publications: you cannot take pictures of people without their *prior* consent, and people do not *have to* answer to any question if they don't feel like it. --[ Venue: The NSC conference will be hosted in the French Communist Party's amazing headquarters. This astonishing building was designed by the recently deceased Brazilian architect Oscar Niemeyer. The address is: Espace Oscar Niemeyer - Siege du Parti Communiste 2 Place Colonel Fabien, 75019 Paris, France --[ Tickets/Pricing: Tickets will be available for sales within days via our main website. l33t sponsor ticket 1337 EUR Evil sponsor ticket 666 EUR Regular on-site ticket 300 EUR Regular online ticket 250 EUR Early bird ticket 2 200 EUR before 2013/04/30 Early bird ticket 150 EUR before 2013/04/01 Student ticket 50 EUR (50 tickets available) --[ Quality: The aim of NSC is best summarized in 3 words: quality, quality and research. That, and hard work ! We believe that there is a place for quality independent security research disclosure. We think that this place should be run on a non-profit basis. We do our best to ensure that the chosen talks are of the upmost quality thanks to the highly respected security researchers who form our selection panel. As a result, we hope to deliver in a 3 days single track conference some seriously disruptive food for thoughts to security enthusiasts. Whether you will like a given talk or not depends on several factors involving your personal interests... and your general appetite for security ;) That being said, we totally think that every talk selected for NSC deserves the attention of the entire audience. We therefore do stick to a single track format. That's a kind of respect for speakers. As a speaker, it doesn't mean you have to lower the bar of your talk. It's rather the opposite, this is intended to cut down the number of "fillers"; not-so-sexy-talks. We actually encourage highly technical talks and writing code is somewhat compulsory (...unless you are better at solder ironing and have an electronic solver !). Don't assume ridiculous prerequisites, but assume people grasp new concepts quickly (isn't that what hacking is all about really?). --[ Disclosure policy: We consider researchers as outstanding grown adults. We therefore impose them the following disclosure policy: DO WHAT YOU WANT. --[ Programming Committee: The programming committee plays a central role in ensuring the best talks make it to the conference. We are very humbled to have such a great team of cool and remarkable engineers giving a bit of their free time to help us build a decent conference: Alex Ionescu (CrowdStrike) @aionescu Andrewg (felinemenace) Ange Albertini (Corkami) @angealbertini Nemo (felinemenace) Daniel Hodson (felinemenace/Ruxcon) Aaron Portnoy (Exodus Intelligence) @aaronportnoy Piotr Bania @PiotrBania Bannedit (Corelan) @bannedit0 Carlos Sarraute (Grandata) Cesar Cerrudo (IOActive) @cesarcer Dhillon Kannabhiran (HackInTheBox) @hackinthebox Nico Waisman (Immunity) @nicowaisman Federico Kirschbaum (Ekoparty) @fede_k FX (Phenoelit) @41414141 Fyodor Yarochkin (Academia Sinica/Plurk) @fygrave Hugo Fortier (RECon) @hugofortier Itzik Kotler @itzikkotler Jason Martin (Shakacon) @shakacon joernchen (Phenoelit) @joernchen Jonathan Brossard (Toucan System) @endrazine Julio Auto (iSIGHT Partners) @julioauto Tarjei Mandt (Azimuth) @kernelpool Laurent Gaffie (Spiderlabs) @laurentgaffie Lurene Grenier (Immunity) @pusscat Matthieu Suiche @msuiche Nicolas Ruff (EADS Innovation Works) @newsoft Pipacs (Linux Kernel Page Exec Protection) corelanc0d3r @corelanc0d3r Ravishankar Borgaonkar (Berlin University) @raviborgaonkar Rodrigo Branco "BSDaemon" (Cipher) @bsdaemon Sergey Bratus (Dartmouth College) @sergeybratus Silvio Cesare (Deakin University) @silviocesare The Grugq (Coseinc) @thegrugq Tim Kornau (Google) Travis Goodspeed @travisgoodspeed Note: thanks heaps, we owe you dear PC members :) --[ Submitting: We are interested in world domination 2013. We are glad you are willing to contribute. We highly encourage and will favour presentations with demos. To assess the depth, novelty and relevance of submitted talks, we will require a 2 to 3 pages whitepaper (as an order of magnitude...) along with your submission. We know it's a lot of work for speakers, but we'll help you get to Paris: it's not too bad a deal ;) We are only accepting submissions in English. The standard format will be of 35 mins presentation + 10 mins Q&A. If you think your talk deserves more time, feel free to ask for two slots (that is extended talk: 80min + 10mins Q&A). Please note that any talk whose content will be judged commercial or non vendor neutral will be rejected and/or interrupted on stage. General topics of interest are mostly offensive and include: - Security problems that are not fixable, - finding vulnerabilities and/or proving security properties of software, - new exploitation techniques (new classes of bugs, heap overflows on different memory allocators, win8...), proving things on binaries, - bytecode vulnerability discovery and exploitation (java, .NET, python...), - reverse engineering, writing debuggers, - exploit automation (targeted/worms), - malware engineering, - security assessment of new network protocols, - hardware hacking (raspberry based automated network hacking ?), - routers hacking, - crypto: practical assessment of software, quantum computers, FPGA and hardware implementations, - BYOD for dummies: ARM/x86 android/IOS hacking, persistence, remote control... - Botnets, Exploit kits and how to use them for targeted attacks, - Anti forensics: Piercing network firewalls and proxies, persistence,automated network ripping, data exfiltration, hiding your data from the CIA, - owning corporate and government networks for ever, - defeating new security protections, - breaking out of hypervizors, - hardware level vulnerabilities (cpu bugs?), - Hacking UEFI & Secure Boot (Bootkitting UEFI, Bitlocker...), - GNU Radio/SDR/anykindofwireless hacking, Signal Processing, - Hacking web application frameworks (java, ruby, php, .NET,...), - Be god on the internet, walk on water, - break stuff. We highly encourage any hardcore technical topics not listed in the above!! Submit your presentation and materials and the below form via e-mail to cfp@nosuchcon.org -----8X---------------8X-----------8X---------------- [ CFP ANSWER TEMPLATE ] *** General information: * Speakers name or alias * Demo [Y/N] * Number of lines of code written during your project? * I need help with visas [Y/N] * Presentation Title * Abstract * Biography * E-mail address * Address * Phone number * Company (name) or Independent? * additional requirements: Internet? Others? *** Talk Format: Please chose your talk format: [ ] Standard (30min+10min Q&A) or: [ ] Extended (80min+10min Q&A) *** Attachments: Specify if your submission contains any of the following information: * Tool [Y/N] * Slides [Y/N] Please attach your whitepaper to your submission in one of the following formats: raw ASCII 7bits text, TeX file, PDF file, MS office or Open Office document or presentation. (No other formats will be accepted: target your 0days ;)). -----8X---------------8X-----------8X---------------- --[ Deadlines: The CFP closes on March the 31st, 2013. The earlier you submit, the better for all of us ;) You shall be notified of your acceptance as a speaker by the 15th of April, 2013. --[ Do I want to talk there anyway? It's up to you mate. If you like the things we like, you may as well like the conference. You may want to have a look at the 3 previous editions of HES we co-organized and see if it looks like something of interest to you. We absolutely do encourage you to submit if you have something interesting to say. In particular, academic researchers, hobbyists, or just regular security enthusiasts of any age and from all over the internet are welcome to submit. --[ Speaker benefits: 4 nights accommodation in Paris, Travel reimbursement (up to $1000), Much respect and love. --[ More information: Web site: http://www.nosuchcon.org/ Twitter: @NoSuchCon Facebook: https://www.facebook.com/NoSuchCon CFP information/submissions: cfp@nosuchcon.org --[ Greetings: The No Such Association (NSA) team would like to thank the security research community for its continuous support. We would like to thank in particular members of the Programming Committee, the past speakers, all of the volonteers as well as all the attendees and the past sponsors, plus the countless friends, that share our passion and are ready to share some of their time with us :) --[ EOF ]--