HITB2012AMS

By: Weixien Toh

At the end of last May, Mozilla sponsored the HackWEEKDAY contest at the third annual Hack In the Box conference in the Netherlands. The contest ran alongside the rest of the HITB conference which featured presentations on security topics including new iPhone jailbreaks and a second day key note from Bruce Schneier.

Jaya Baloo has been working internationally in Information Security for fourteen years. Her focus has been on secure network architecture design, and she has completed projects ranging from Lawful Interception, Deep Packet Inspection, VoIP & Mobile Security to designing national MPLS infrastructures and ISP architectures. She has worked for a number of telecom providers, KPN and France Telecom among others, and currently works for Verizon Business in the Netherlands where she specializes in Identity & Access Management -- Secure Mobility and Consumer Identity Management.

Georgia Weidman is the founder of Bulb Security. She's also a penetration tester, security researcher, and trainer.

In this video recorded at Hack in The Box 2012 Amsterdam, Georgia talks about Android permissions. She dissects the permissions granted to a very popular application and talks about the various implications that not only invade your privacy but can actually cost you money. She also offers tips on how to protect yourself.

Much to the joy of the jailbreak community, the Dream Team - comprising p0sixninja, Pod2g, MuscleNerd and a number of other prominent iOS hackers - have been responsible for the last two major jailbreak releases.

At this year's Hack in The Box (HITB) conference in Amsterdam, the team discussed several topics of interest, including Absinthe and Corona. The video below depicts the discussion for the first part where the team of hackers talk about Corona.

Rop Gonggrijp is the founder of the Dutch hacker magazine Hack-Tic and was believed to be a major security threat by authorities in The Netherlands as well as in the USA. In 1993, a number of people surrounding Hack-Tic including Gonggrijp founded XS4ALL. It was the first ISP that offered access to the Internet for private individuals in the Netherlands. Gonggrijp sold the company to the former enemy Dutch-Telecom KPN in 1997 and founded ITSX, a computer security evaluation company.

During the 2012 edition of the Hack in the Box (HITB) security conference in Amsterdam, we had the pleasure of speaking to Roberto Suggi Liverani, a researcher who focused his efforts on finding vulnerabilities in some of the most popular web browsers.

Security holes in web browsers are nor something new, but part of his research is based on finding flaws in Chinese web browsers, an area that hasn’t been targeted by many experts.

Take a look at what he discovered and the difficulties he came across while trying to report his findings to various vendors.

Human societies run on trust.  Every day, we all trust millions of people, organizations, and systems — and we do it so easily that we barely notice.  But in any system of trust, there is an alternative, parasitic, strategy that involves abusing that trust.  Making sure those defectors don’t destroy the very cooperative systems they’re abusing is an age-old problem, and we’ve developed a variety of societal pressures to induce cooperation: moral systems, reputational systems, institutional systems, and security systems.

Being stuck below the security poverty line isn’t about budget, it’s about attitude, motivation, and focusing not simply on basic compliance but rather on your true security goals. Akamai CSO Andy Ellis will share a behind-the-scenes look at how Akamai’s security program evolved through the collapse of the dot-com bubble, avoided being trapped belowthe security poverty line, and developed into one of the most trusted cloud platforms today.