14 DAY TRIAL // The draft agenda for the upcoming 2011 Hack In The Box (HTIB) Amsterdam security conference was published and promises a lot of interesting presentations on Web attacks, GPS tracking, ATM crime and mobile security.
HITBSecConf 2011 Amsterdam will span four days, from May 17 to May 20. The actual conference will occupy the last two and will be prefaced by technical training sessions on Web hacking, exploit writing and memory analysis.
The conference will kick off with a keynote speech by Facebook's Chief Security Officer, Joe Sullivan, and each day will be split in four separate tracks, one of which contains hands-on HITB Labs.
During coffee and lunch breaks people will also be able to attend 15-minute SIGINT and OWASP lighting talk segments.
There are quite a few attractive presentations this year. For example, on day one, iSec Partners security consultant Don A. Bailey promises to show how GPS devices can be manipulated to stealthily sniff location data.
On the same day, researchers Daniel Mende and Enno Rey plan to demonstrate several attack methods against 3G and 4G telecommunication networks.
In the second half of day one, independent security researcher Epto Epto will show how to fake MIFARE tickets, while PHP security guru Stefan Esser will dive into the world of mobile security with Antid0te, an ASLR implementation for iOS.
The day will end with a presentation on the new OpenLeaks organization by former WikiLeaks spokesperson and OpenLeaks founder, Daniel Domscheit-Berg.
Day two will kick off with a keynote panel discussion on the economics of vulnerabilities, that will see the participation of Lucas Adamski, director of security engineering at Mozilla; Steve Adegbite, senior security strategist at Adobe; Aaron Portnoy, TippingPoint’s security research team manager; Dave Marcus, director of McAfee’s AvertLabs research division; Chris Evans, information security engineer at Google; and Katie Moussouris, senior security strategist at Microsoft.
The day will continue with Qualys security researcher Ivan Ristić revealing the results of a real-life study on weak SSL implementations and a presentation of next-generation Web attacks (HTML5, DOM Level 3 and XHR Level 2) by BlueInfy founder Shreeraj Shah.
Independent security researcher Jim Geovedi plans to speak about satellite-based attacks against ATMs and bank networks and Rosario Valotta of Tentacolo Viola will show how clickjacking techniques can be combined with a 0-day IE vulnerability to steal session cookies.
The conference will be complemented by a Capture the Flag (CTF) hacking contest, hackerspaces and a lock picking village.
Softpedia is an official media partner for HITBSecConf 2011 Amsterdam and will cover the event as it unfolds.