June 6, 2014 at 17:13

Reports and contests at NeoQUEST-2014


    NeoQUEST-2014 large-scale cybersecurity event will take place in St. Petersburg soon : with fascinating reports from information security practice, spectacular demonstrations of attacks and fun contests for both novice hackers and real pros! As part of NeoQUEST, the final duel of the winners of the online hack quest tour will traditionally take place!

    Entrance to NeoQUEST 2014 is free! Only registration is required here .

    Topics of reports of the main technical program NeoQUEST-2014:

    1. "tpm.txt: what is overseas iron capable of?" : Report on TPM and TXT technologies, hardware protection.
    2. “I2P and TOR: execution cannot be pardoned. Anonymity on the Internet - an illusion or reality? ”: anonymous decentralized networks I2P and TOR, their advantages and attack vectors on them.
    3. “In MESH: how safe are mesh networks?” : Report on mesh networks, looking at it from two opposite sides.
    4. “How to steal a cat via USB” : interception of personal data, such as photos, videos, contacts from your smartphone via USB-protocol and ways to resist the attack.
    5. “A car as a big smartphone: cyber threats to security” : cyber attacks on the CAN bus of your car.
    6. “L4” : a cryptic report with an equally cryptic name!

    Under the cut - more about reports, contests, demonstrations and, of course, the hack quest itself!


    How will it be


    The event will take place on July 3 in St. Petersburg, in a bright and spacious conference room of the Resource Center for International Activities ( here is a link to a virtual tour, which also has a conference room). Guests can not only listen to reports, but also participate in interesting contests. For example, try yourself as a cracker in the hacker version of the escape room and get a prize for speed, ingenuity and sleight of hand. Or help the NeoQUEST team organize a real cold-boot attack! In addition to competitions and reports, everyone is waiting for cookies, coffee breaks and communication with colleagues in a pleasant environment.

    NeoQUEST reports


    An extensive report on Intel technologies such as TXT (Trusted Execution Technology) and TPM (Trusted Platform Module) is waiting for guests , and then immediately - to cool a hot and ready to explode from the abundance of brain information difficult for perceiving information - a fascinating demonstration of cold-boot attack ( we decided that after the assignment “Frozen Computer” in the online tour, such a demo is quite obvious!).

    In the report " In MESH: How Mesh Networks Are Safe?"“we’ll talk about the security mechanisms used in mesh networks, which are based on cryptographic algorithms and are aimed primarily at protecting against an external intruder. The speaker will tell you what capabilities the internal intruder has in this situation and how to implement attacks on a mesh network . Immediately after the presentation, it will be demonstrated how you can build your own mesh network from what is at hand.

    A little paranoia in the audience can cause the report " How to steal a cat via USB", in which the speaker will talk about the dangers that all smartphone owners face when transferring data via USB. The report will review the protocols used to synchronize smartphones with a PC, describe a possible method for intercepting data, and give an example implementation of a software tool that allows this do. The following are highlights various ways to counter attack from both the smartphone and the PC side, also with examples of their implementation.

    believe in the anonymity of the Internet? use TOR or the I2P? To you - the report about anonymous, decentralized network I2P and TOR , which will highlight their advantages and disadvantages, as well as describes the possible attack vectors to them.

    The report of a strange, at first glance, the name "L4 "will delight professionals interested in current trends in building operating systems!

    And for car owners and car enthusiasts - the story in the report“ The car is like a big smartphone: cyber security threats ”about the safety of car driving, and“ safety ”in this case does not apply to traffic rules, and to the protected functioning of the car’s electronic systems designed to increase comfort and, again, driving safety, all of which may be subject to significant threats b security, and about the sources of such threats and attack scenarios you will learn on NeoQUEST!

    NeoQUEST Contests


    NeoQUEST guests will enjoy both short contests and all-day contests. Like last year, NeoQUEST twitter will post small tasks every hour, the answers to which will need to be sent to the specified e-mail. The best participant according to the results of all tasks will receive a small prize. Fans of big prizes will have more difficult contests, they will have to show deeper hacking skills there.

    There will definitely be competitions on the topic of practical reports, so we advise you to listen to them carefully!

    Hack quest


    Participants in the hack quest will be separately from the audience in a specially equipped room of the same Resource Center, where they will not be distracted by the noise of the guests. But a video broadcast will be conducted from the room with the participants, from which viewers will be able to find out who is leading at the moment.

    In continuation of the legend of the online tour, participants will need to stop the rocket, which they (by accident!) Launched. To get rid of this threat, they will have to go through complex tests (read - assignments) that will be related to the security of mobile devices and the Web, virtualization, competitive intelligence and hardware (we remember that in the past NeoQUEST our iron job was pleasant to participants).

    Summarizing


    At the end of the day, the results will be summed up and everyone will find out which of the participants will win the main prize - a trip to one of the international conferences on information security! Prizes are waiting for the winners of the second and third places!

    For those who will not be able to attend NeoQUEST, there will be an online broadcast of the event. Video with reports and demonstrations, as well as analysis of the NeoQUEST intramural tour tasks, will be published on Habré shortly after the completion of the quest.
    Recall once again that admission is free ! We will be very happy to see new guests, and no matter how long and how tightly you are engaged in cybersecurity. At NeoQUEST-2014, absolutely everyone will be able to learn something new for themselves! Register on the site and come to expand the cyber horizons of your knowledge!
    Tags:

    Also popular now: