CONFidence 2006 - trip report

I've just come back from a small conference in Krakow, CONFidence 2006. It was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second edition of this security conference, which is organized by a non-profit organization, PROIDEA, whose primary goal is to promote education in computer science. Apart from CONFidence, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y also organize conferences focused on BSD systems and various training courses.

Below I describe some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talks that I found particularly interesting among those which I managed to see...

Pawel Pokrywka gave a very interesting talk about security issues with DSL infrastructure as used by one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 biggest polish ISP. He discovered cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 auto-configuration protocol which is used to setup every single DSL modem of that company. He cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n prepared modem-emulator script which allowed him to get cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 configuration data (including username and password) for any modem in Poland he wanted. This could allowed an attacker to actually 0wn all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 DSL modems belonging to this operator! It was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best presentation in my opinion, not only it was technically interesting, but also was very well presented.

Lukasz Bromirski is a system engineer in Cisco Poland and is a very popular speaker at polish conferences. He gave three (!) lectures cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re, about BGP Blackholing, Dynamic Routing Protocols (OSPF and BGP) and one more about network attacks on L2 and L3 levels. Lukasz turned out as a very knowledgeable and experienced network engineer who is also a good presenter.

Przemyslaw Frasunek is anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r frequent speaker at Polish conferences. He is a well known BSD expert, but his talk was about Bluetooth security. Although it wasn't kind of an '0day talk', I think it was a good introduction to Blootooth stack and several basic attacks and was very professionally presented.

I also liked cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 two talks presented by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 members of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Security Team of Supercomputer-Network Center in Poznan. Blazej Miga talked very deeply about Apache architecture and internals, while Jaroslaw Sajko demoed how to write extension modules for IPTables. This team got lots of media attention in Poland last year, after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y found several critical bugs in Gadu-Gadu, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most popular Polish IM communicator.

Overall, level of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talks was pretty good. Similarly like on ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r small conferences, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 atmosphere was very cozy and friendly. Organizers took very good care of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 speakers, taking us to various nice restaurants and entertaining all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time (even cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 day after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 conference). Krakow is actually a very nice city, probably one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 nicest in Poland. It is a little bit like Prague - it has a very large old town, with lots of nicely decorated restaurants (in an 'old polish' style) serving very tasty food :)

It was also very positive to see how enthusiastic those people are and it was clear to me that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y really do this conference for fun and not for profit. I wish cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m success with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next edition in 2007!