FrHack in live… (I’m doing it in english, since FRhack is international !)
Below, you’ll find the live report of FRhack international conference in Besançon, for the first day. But here is a snall overview of the contents of this conference (in french, sorry !), ripped from the local news :
|France 3 : late news sept. 23:00 7th 2009||France 3 : evening news 19¦20 sept. 7th 2009|
|short version (0:34)||long version (2:35) incl. Richard Stallman interview|
If you want to continue and see photos of the event, please click below !
Sunday 18:00 I drove to Besançon and am at the hotel since 4PM, with my hardware and a big box of books (yes!) that is used for the talk I’m giving tomorrow morning… since it’s more or less a 2000 pages summary. The main issue is that I had to spend the last hours finishing my slides, as I took the wrong version of the presentation with me ;((
I’m gonna leave, speaker’s dinner is now…
23:19. Dinner is over. Very international ! Where I was seated, the 6 guys were from New-York, Seattle, Russia, Japan, France x2 (including Jérôme Athias, the organizer) and Switzerland (myself). At the other table, Richard Stallman (which speaks a really good french, thus a suprise for me) is friendly, and spent half of the dinner on his laptop…
23:23. I’ve gotta put a final touch to my presentation… I’m the first presenter tomorrow morning, and since I realized the other presentations would be really good, that adds up a little more stress 😉 Oh, and by the way all the talks will be broadcasted on streaming…
Monday, 07:30 : Time to wake up and have breakfast. I’ve finished remaking my slides, what a relief 😉
09:00 After an introduction from Jerome in a really nice looking old theatre, there are now two tracks in parallel.
A very nice place, the city’s old theater :
09:30 Here I am, talking about psycho-social behavior tweaks :
10h30 : My presentation about behavior is over and now I’m listening to Philippe Oechslin which explains in a great presentation how even FIPS140-3 certified biometric encrypted USB keys can be defeated by **stupid** implementation errors…below, he explains that (most) developers are (really) bad in understanding anything in crypto :
11:32 : We had a break after Philippe’s speech. Time for me to upload some photos.
Next conference is about using CUDA and FPGA to accelerate GSM cracking. Unfortunately I missed part of it since I was busy with the arrival of RMS (Richard Stallman).
12:37 : Richard Stallman exposes his vision in front of the France 3 television camera. Expressing himself in a perfect french, he explains that free software (NOT open source, which is different) englobes ideas « Liberté, Egalité, Fraternité ». He also explained that there was another music distribution system that could be similar to the controversial global licence, but more suited for everybody. His quick speach was concluded by applauses from the small crowd !
14:00 Lunch with Philippe Oechslin, Jerôme’s girlfriend and Basile Remaury, a film producer which is realizing a fiction about hackers
14:30 : Back to the talks. Cesare Cerrudo, the Argentina windows vulnerabilities guru show us that the automatic behavior of Internet Explorer is very weak, and can cause a lot of security issues, especially because of the weak settings by default. It is for example possible to do phishing on the windows desktop by creating a fullscreen IE imitation of the Windows desktop, which will confuse the user. Some other attacks demonstrated involved XSSQL (SQL Injection over XSS !).
15:15 : For the second time this day, I’m in front of the camera, helping the France3 guys as a translator to interview David Hulton about how he uses FPGA hardware to break codes and makes a living with that.
15:20 : David Hulton (Seattle, US) on the left (by the way, I love his tee-shirt !!), Abhijeet Hatekar (India) and Blake Cornell (New-York, US) on the right, which are both specialized in VoIP attacks.
15:25 : A funny tee-shirt ! There are lot of different original tee-shirts over here…
15:00 : Nguyen Amh Quynh explains us how he created a nice memory forensic tool using Firewire. Basically it’s a kind of FW iPod attack, but adapted to dump and alter memory of a live system.
16:30 : Andres Riancho explains us a web testing framework using different techniques like fuzzing and spidering, able to nice results.
17:30 : Richard Stallman, as usual, presents his vision of the future, GNU and GPL software
He has brought a lot of fun stickers and goodies… I couldn’t resist taking a picture of the stand, and also took back some stickers for myself and friends :
Some stickers are quite… oriented !
19:19 I’ve been playing with the Reactable since 15 minutes… it’s simply great !!!
19:27 : Finally Richard Stallman’s looong talk ends, as usual with his now legendary appearance :
21:00 : Tonight was artistic. Jerôme organised a modern art exhibition, a philarmonic concert, and finally a concert with the Reactable.
23:00 Afterwards, we ended up in some coffees to meet each others and discuss about differents things. Around some beers, Blake Cornell did show us an impressive attack using SIP (telephony over IP) to create accounts… Very nice proof of concept !
23:30 : Time for me to leave, unfortunately, and drive back home since I’ve got to be at the office tomorrow morning… I’m sorry not being able to continue this photo-report, and hope someone else will be able to describe tuesday’s talks.