Talks
Talks will be announced in two phases, on 18th Sept and 2nd Oct. The current schedule may be subject to change.
Quick List
Details
| Title | Metlstorm Welcomes the Combined Badasses |
| Abstract | Roll up, roll up. Metlstorm welcomes the Kiwicon Massive to this, the fifth installment of our con, and, in lieu of a Keynote, offers a few thoughts on the State of the World, almost certainly to involve badmouthing of vendors, hyperbole, and beard stroking. |
| Location | Sat 05 0900 @ The Opera House |
| Duration | 30 mins |
| Name | Metlstorm |
| Origin | Wellington, New Zealand |
| Bio | Beards, bacon and beer are the benzine to Metlstorms... err, boffindom? While alliteration may not be his strong point, Metl does at least hold down a job as roach herder with Insomnia Security, engages in rampant punditry on the Risky.biz podcast, and is only partially reponsible for this whole Kiwicon malarky. |
| Title | The Erlang SSH Story: bug to key recovery |
| Abstract | It's 6pm in the office and your coffee is cold. You thought you were so smart when you decided to create a custom ssh channel protocol to run inter-cluster distribution, but now you're deep in the guts of the SSH library and something looks out of place. The call to random:uniform/1 anywhere else would be innocent, but your heart sinks as your mind races: wrong kind of random, no entropy mixing - could you guess the seed? And if you could, what else would be yours for the taking?
A bug, a conjecture, a half-arsed network stack, a lot of coffee and googling, a one-shot pcap->private key recovery script. |
| Location | Sat 05 0930 @ The Opera House |
| Duration | 30 mins |
| Name | Geoff Cant / Archaelus |
| Origin | Northernmost Palmerston, now The People's Republic of Berkeley |
| Bio | Geoff Cant is the world's most interesting Erlang Hacker in New Zealand. He doesn't often spot security bugs in obscure programming languages but when he does he weaponizes them.
More prosaically of late, he builds interesting distributed systems for mobile gaming platforms at ngmoco:) and finds entirely too little free-time to devote to an ever-expanding collection of github projects. |
| Title | Hacking Hollywood |
| Abstract | This is a whirlwind tour through the production of film and TV, from
script draft to ticket stub. A wide variety of software is involved in
creating a motion picture - for pre-production tasks such as
scriptwriting and storyboarding through to special effects generation,
renderfarm control and video editing. And, funnily enough, it's
terrifically vulnerable.
Previously unreleased vulnerabilities will be showcased in
industry-standard software used by the big studios for the big
pictures. Watch Avatar? CSI? The Star Wars movies? These are just a
few productions that use software I have exploited. Whether you're
into Paper St style frame injection, controlling an army of renderbots
or setting sail for The Pirate Bay with your pre-release booty, I've
got something for you. Let me show you life on the other side of the
screen, where the vulns have roamed free of predators.. 'til now. |
| Location | Sat 05 1000 @ The Opera House |
| Duration | 30 mins |
| Name | vt |
| Origin | Auckland, New Zealand |
| Bio | vt is a security consultant at Security-Assessment.com's Auckland office. After a couple of years of building systems he has turned to breaking them instead, and spends his spare time hunting 0day and the ultimate combination of whisky and bacon.
|
| Title | Going Rogue |
| Abstract | Ever felt like someone is watching you? Wish you could protect yourself but find your tin foil hat a bit uncomfortable for social occasions? This talk is for you.
From unlikely ways to communicate using normal, un-modified household electronics, to keeping yourself financially afloat when you can’t use your bank.... in 25 minutes or less I will give you the tools and techniques to survive when you need to go off radar for a while. |
| Location | Sat 05 1100 @ The Opera House |
| Duration | 30 mins |
| Name | Laura Bell |
| Origin | New Zealand (via the United Kingdom) |
| Bio | Newly escaped from a deep dark official looking basement in the UK where she did “some stuff” for “a government organisation”, Laura is now working for KPMG Security Advisory Services. A reformed gamer, Arduino fan girl and closet code monkey; she is often described as “surprisingly normal for a geek”. |
| Title | An Embarassingly Simple Approach to Securing Browser Users |
| Abstract | Web browsers currently do virtually nothing to proactively protect users from
malicious web sites. Whether a site has a certificate or not is largely
irrelevant, blacklists react too slowly to catch anything but inept phishers,
and beyond these security-theatre defences there's nothing available. As a
result a browser will happily take a user to an obviously-phishy fake banking
site and run evidently malicious Javascript to inject a drive-by download onto
their PC. Building on four decades of experience with security design for the
built environment (buildings and houses) known as crime prevention through
environmental design (CPTED), this talk looks at how CPTED is applied in
practice, and how similar principles could be used as part of at an
embarassingly simple risk-mitigation strategy that helps protect browser users
from malicious web sites. |
| Location | Sat 05 1130 @ The Opera House |
| Duration | 45 mins |
| Name | Peter Gutmann |
| Origin | Orkland, NZ. |
| Bio | Peter Gutmann arrived on earth some eons ago when his physical essence filtered down from the stars, and he took human(?) form. Lingering for awhile on the plateau of Leng while waiting for the apes to evolve, he eventually mingled among human society, generally without being detected, although the century he spent staked out in a peat bog in Denmark was rather unpleasant and not something he'd care to repeat. Once computers were invented he became involved in security research in the hope that enough insider knowledge would, at the right time, allow him to bypass electronic security measures on the first translight spacecraft and allow him to return to the stars. This is probably still some time away. Until then he spends his time as a researcher at the University of Auckland, poking holes in security systems and mechanisms (purely for practice) and grumbling about unusable security systems. |
| Title | So you wanna be a hack superstar |
| Abstract | Come and listen as antic0de talks about life in the commercial NZ security testing scene.
Take a step up from #2600, and through the beginnings of the local 'pen testing' industry.
New Zealand security exports are higher per capita than most of the world, and we have kiwis working in high level security roles in major organisations around the world.
Want to hear about APT's, drink with a kiwi. Want to jackpot an ATM, drink with a kiwi. Hear about NGS Hijinx, a kiwi can help you there. How about a tour of Redmond, yup kiwis have even infiltrated that place.
And locally we now have a number of security firms looking for talented people to join the industry. Maybe antic0de can rant enough to convince you that it's not all bad, or maybe he will just be hungover and have some slides for you to read. |
| Location | Sat 05 1315 @ The Opera House |
| Duration | 30 mins |
| Name | antic0de |
| Origin | Auckland, NZ |
| Bio | One of the 'Grumpy Old Men' of the NZ security industry, antic0de has been
scrounging around NZ networks since before some of us were born. He now
heads up Insomnia Security where he spends his time scrounging around the
networks of NZ spreading images of otters and cockroaches with the rest of
his team. |
| Title | Follow the money: bling-bling real compton city g bitcoin forensic accounting |
| Abstract | Whether it's buying drugs, financing cyber-terrorism or laundering the proceeds of organised crime, the hot hip new cryptocurrency “bitcoin” has literally dozens of completely legitimate uses. Frequently touted as totally unregulated and anonymous, bitcoin has quickly become the financial pornography du jour of libertarians around the world. But just how anonymous is bitcoin? As every pseudonymous transaction is recorded in a publicly distributed ledger, the interested researcher now now has unprecedented access to the complete transfer history of an entire global e-currency. This presentation will discuss ways in which this information can be leveraged to remove a degree of bitcoin's anonymity, and will include the release of a graphical bitcoin forensic accounting tool (“bitten”) to aid in quickly tracing the flow of money through the bitcoin network. |
| Location | Sat 05 1345 @ The Opera House |
| Duration | 30 mins |
| Name | alhazred |
| Origin | Motherfucking Christchurch east, yo. |
| Bio | WHAT IS BEST IN LIFE CONAN? Raised by wolves and battle hardened in the savage crucible of Christchurch's eternally rioting eastern suburbs, alhazred also enjoys: walks on the beach, being the “little spoon”, charging by the hour while smoking ounces by the pound, graffiti (its admiration and manufacture), good wholesome honest mischief, poetry, and lying. |
| Title | Exploit automation with PMCMA |
| Abstract | In this presentation, we introduce a new exploitation methodology of
invalid memory reads and writes, based on dataflow analysis after a
memory corruption bug has occurred inside a running process.
We will expose a methodology which shall help writing a reliable exploit
out of a PoC triggering an invalid memory write, in presence of modern
security defense mechanism such as compiler enhancements (such as
SSP...), libc protections (eg: safe heap unlinking), linking and dynamic
linking enhancements (full read only GOT and relocations)
or kernel anti exploitation features (ASLR, NX...).
In particular, we will demonstrate how to : find all the function
pointers inside a running process, how to determine which ones would
have been dereferenced after the Segmentation fault if the process had
kept executing, which ones are truncatable (in particular with
0x00000000). In case all of the above fail, we will demonstrate how to
test for overwrites in specific locations in order to indirectly trigger
a second vulnerability allowing greater control and eventually full
control flow hijacking. All of the above without needing the source code
of the application debugged.
In the case of invalid memory reads, we will show how to indirectly
influence the control flow of execution by reading arbitrary values, how
to trace all the unaligned memory access and how to test if an invalid
read can be turned into an invalid write or at least used to infer the
mapping of the binary.
We will also introduce a new debugging technique which allows for very
effective dynamic testing of all of the above by forcing the debugged
process to fork(). All those steps are realized automatically and
provide a rating of the best read/write location based on probabilities
of mapping addresses (in the hope to defeat ASLR).
These techniques were implemented in the form of a proof of concept tool
running under GNU/Linux and Intel architectures : pmcma. The official
website of the tool is http://www.pmcma.org.
|
| Location | Sat 05 1415 @ The Opera House |
| Duration | 45 mins |
| Name | Jonathan Brossard / Endrazine |
| Origin | Sydney, Australia |
| Bio | Jonathan is a security research engineer holding an Engineering degree
and a Master in Computer Science. Born in France, he's been living in
Brazil and India, before currently working in Australia. With about 15
years of practice of assembly, he is specialised in low level security,
from raw sockets to cryptography and memory corruption bugs. He is well
known in the industry for his disruptive research on preboot
authentication (breaking all the top tier BIOS passwords, and full disk
encryption software - including Truecrypt and Microsoft Bitlocker- with
a single exploit in 2008 !) as well as Virtualization software. He is
currently working as CEO and security consultant at the Toucan System
security company. His clients count some of the biggest Defense and
Financial Institutions worldwide. Jonathan is also the co-organiser of
the Hackito Ergo Sum conference (HES2011) in France. Jonathan has been a
speaker at a number of great intenational conferences including
Blackhat, Defcon, HITB (Amsterdam & Kuala Lumpur), Ruxcon (Australia),
Hackito Ergo Sum (France), H2HC (Brazil & Mexico) among others.
|
| Title | You wouldn't copy a car (and other more appropriate analogies) |
| Abstract | In the warpspeed Age of the Internets, it's hard for duly-elected
representatives to keep statute books in line with our
digital life. The recent addition of 'file sharing' to the Copyright
Act is yet another attempt to modernise legislation in the wake of new
technology use. But despite being carefully considered under
Parliamentary Urgency, many cyberspace enthusiasts have concerns about
the wording and possible application and enforcement of this law
change. This presentation will briefly outline the regime established
by the amendments and address pertinent issues such as the presumption
of guilt, your rights if accused, how to challenge evidence and
possible defences, drawing comparisons and analogies with other areas
of the law. |
| Location | Sat 05 1500 @ The Opera House |
| Duration | 30 mins |
| Name | Marissa Jonpillai |
| Origin | O-Tautahi |
| Bio | Marissa is a qualified predator on human suffering and works at her
local community law centre as an educator, breaking down legal
concepts into bite-sized shrapnel for everyday consumption. She has a
healthy respect for lawlessness and believes there can be no democracy
without the capacity for dissent. |
| Title | Entomology – A Case Study of Rare and Interesting Bugs |
| Abstract | Many years ago the Earth was covered in plants, but today the flora and fauna that once ensconced our planet has been succeeded by cables and long pipes. A techno-Jungle known as the Internets has flourished. One thing has remained constant throughout this step in evolution - bugs have evolved and continue to thrive. During this talk you will be taken on a journey through the process of deciphering brief advisories, finding bugs and exploiting them to gain reliable code execution. Various tools will be discussed that can aid in this process and all demos will be performed live. |
| Location | Sat 05 1600 @ The Opera House |
| Duration | 45 mins |
| Name | James Burton |
| Origin | Wellington, New Zealand |
| Bio | James Burton is an intrepid Entomologist and the Chief Exploitation Officer (CXO) of Insomnia Security’s Malicious Engineering Research & Development Department. He spends much of his time hunting for bugs in the hope they will mature into fully-fledged remote shells. You may know him from his rapid climb to fame during the SkidWars competition of Kiwicon 3, or for dropping badass beats during Tokemon 2 at Kiwicon 4. |
| Title | Defiling Mac OS X |
| Abstract | I thought it would be fun and educational to write a kernel rootkit for Mac OS X. Having never messed around in kernel memory before, it was quite an enlightening experience. OS X is similar enough to FreeBSD that a lot of the same techniques apply, but different enough that there are a few surprises in store. I'll show you how some common kernel rootkit techniques are implemented on OS X, which techniques Apple have broken, and hand-wave a bit about the possibilities for rootkit persistence that are presented by the EFI firmware used in current Macs. |
| Location | Sat 05 1645 @ The Opera House |
| Duration | 30 mins |
| Name | Snare |
| Origin | A frostbitten mountain peak, Melbourne, Australia |
| Bio | Once upon a time, snare was a code-monkey, cranking out everything from pre-press automation apps to firmware for Big F***ing Laser Machines. Then he got bored and decided to try his hand at the high-flying buzzword-ridden world of Information Security. A couple of thousand "weak SSL ciphers" write ups and a triple-bypass later, here he is. |
| Title | Age of the Infocalypse: Drink Everytime Someone Says 'Cyberwar' |
| Abstract | Three years ago, I gave a talk called Fear, Uncertainty and the Digital Armageddon on the subject of critical infrastructure compromise. At the time, there was significant worry about the danger that digital sabotage posed to the systems that run our everyday lives. It appears that 'internet threat landscape' has changed considerably since then and that the Internet (and by proxy the world?) is a significantly more dangerous place. Cyberwar, Stuxnet, and APT have become common industry buzzwords. Malware has become prevalent on platforms other than windows, and it seems like every month or so another security company suffers a high profile compromise or data leak. Are we really hurtling towards the Infocalypse? An age where the Internet is mainly a conduit for espionage and organised crime? Or is this simply hype in a industry obsessed with $$$$??? This talk will examine aspects of the security arms race occurring today, one that is both digital and ideological. |
| Location | Sat 05 1715 @ The Opera House |
| Duration | 45 mins |
| Name | headhntr |
| Origin | San Francisco, USA |
| Bio | A post-geographical technomad, headhntr enjoys big kit, forgotten
networks, and LED-lit strolls in non-IP realms. Prior to his career as
a console cowboy, prowling the digital badlands, he has worked for
environmental agencies, magazines, governments, hackers-for-hire and
doomed japanese startups. In addition to talking about himself in the
3rd person and presenting at security conferences he enjoys a drink
and a chat about philosophy. |
| Title | Say my name, bitch! (IDN Homograph Mitigation Strategies) |
| Abstract | The advent of internationalised domains has introduced a new threat with the non-english character sets allowing visual mimicry of common domain names. IDN homographs have been a pressing issue since 2003 when they were proposed, the security implications considered, a flurry of patches and then forgotten about. These protections slipped out of source trees over the years and eventually with IDNs being implemented for several TLDs came back into fashion. In this talk we explore the efficacy of IDN homograph mitigation strategies in web browsers, email clients, mobile devices and evaluate the potential for social attacks and awesomeness. |
| Location | Sun 06 0930 @ The Opera House |
| Duration | 30 mins |
| Name | Peter Hannay |
| Origin | Perth, Australia |
| Bio | Peter Hannay is a PhD student, researcher and lecturer based at Edith Cowan University in Perth Western Australia. His PhD research is focused on the acquisition and analysis of data from small and embedded devices. In addition to this he is involved in smart grid research and other projects under the banner of the SECAU research organisation. |
| Title | Cybercrime meets the "meat space" |
| Abstract | This presentation will cover amongst other things the consequences when online crime meets traditional "real world" (layer 8) criminals. |
| Location | Sun 06 1000 @ The Opera House |
| Duration | 45 mins |
| Name | Alex Tilley |
| Origin | Fedville, Australia |
| Bio | Alex Tilley is a senior technical analyst with the Australian Federal Police's Cybercrime Operations Team. |
| Title | iPhone, iPwn |
| Abstract | The iPhone creates an impossible conundrum of epic proportions within the enterprise. With the rapid shedding of BlackBerry devices in favour of the toys of the Apple and Google fanboys and fangirls, has security has been put back on the shelf?
Let’s put iPhone security into a practical context as we explore what it means for one iPhone left behind in a lunchroom. Is the iPhone as “safe and secure” as the Cupertino kingdom would have us believe? |
| Location | Sun 06 1115 @ The Opera House |
| Duration | 45 mins |
| Name | Philip Whitmore |
| Origin | Auckland, New Zealand |
| Bio | Cunningly hiding his megalomania complex by pretending to have a real job, Philip Whitmore leads KPMG’s Security Advisory Services practice. Philip’s sixteen years of infosec experience has taken him everywhere from undercover work in Redmond, Washington to breaking into vaults in South East Asia. From penetration testing to PCI DSS compliance and incident response, Philip puts a practical focus on security. |
| Title | Mobile Apps and RFID - The Tale Of Two Techs |
| Abstract | Nick has previously presented on RFID security, and on mobile application security. This talk combines both these interests into one topic.
NFC on mobile phones is a new phenomenon and opens a lot of possibilities for research, particularly when talking aobut mobile payment platforms. Nick will discuss the good, the bad, and the ugly of mobile NFC, and hopefully provide a tool drop at the same time. |
| Location | Sun 06 1200 @ The Opera House |
| Duration | 30 mins |
| Name | Nick von Dadelszen |
| Origin | NZ |
| Bio | Nick von Dadelszen is a director of Lateral Security. Nick has been performing professional pen testing for over 10 years and has managed several sucessful penetration testing teams. He has worked with the majority of large corporates and Governement agencies in New Zealand and is a regular at Wellington ISIG meets (well not so regular since his first child), and on #kiwicon. |
| Title | How the Channel screws security |
| Abstract | A look into the conflicts and bollocks that goes on in the vendor world where everything is motivated by money and the impact that this has on trying to do security properly. |
| Location | Sun 06 1330 @ The Opera House |
| Duration | 15 mins |
| Name | John-Paul Sikking |
| Origin | Auckland, New Zealand |
| Bio | In the past, known simply as "the sales guy", John-Paul has been out there pimping the Security industry for the last dozen or so years. From selling and marketing services like pen tests with Security-Assessment.com through to now representing the whole security portfolio over at Cisco. John-Paul has on both the pure-play and vendor sides of the security game, this provides a unique view-point of security products and services and how they are marketed and sold. John-Paul also like bacon, walks along the beach, beer and re-runs of the original Thunderbirds…FAB.
|
| Title | The Government is Your Friend and Wants You To Be Happy |
| Abstract | The government isn't ignoring the internet any more - it wants to control it. An update on the government internet filter, the three strikes copyright law, the Police's automated license plate recognition, Customs seizure of data at the border, website censorship and anything else suitably techy and control-freaky. |
| Location | Sun 06 1345 @ The Opera House |
| Duration | 15 mins |
| Name | Thomas Beagle |
| Origin | Wellington |
| Bio | Thomas Beagle, co-founder of Tech Liberty (www.techliberty.org.nz) and wannabe thorn in the side of the government. |
| Title | National Cyber Security Centre (NCSC) |
| Abstract | A brief overview of the recently launched NCSC and some of it’s future plans. (Barry also said he is happy to field questions regarding temporary webhosting solutions.) |
| Location | Sun 06 1400 @ The Opera House |
| Duration | 15 mins |
| Name | Barry Brailey |
| Origin | Wellington, New Zealand |
| Bio | Barry spent quite a few years in the British Army (‘doing stuff’) and moved to NZ 6 years ago. He then spent 3 or 4 in (private sector) IT Security before joining CCIP in 2009. He is now a member of the NCSC (whatever that means). |
| Title | CREST-NZ - What you need to know |
| Abstract | The New Zealand Internet Task Force (NZITF) has recognised that as the global security industry continues its rapid growth, a penetration testing certification is needed to
ensure that as new entrants enter the NZ market the current high standard is maintained. The NZITF established a working group in late 2010 to identify a suitable certification model for New Zealand.
CREST, The Council for Registered Ethical Security Testers (http://crest-approved.org.uk) clearly stood out as the leading International certification, and the NZITF are now working with the security industry and community to establish CREST-NZ. Come and hear about CREST-NZ, how you can get involved, and how high the bar actually is - CREST is no pay-your-monies-get-your-CEH-style certification.
|
| Location | Sun 06 1415 @ The Opera House |
| Duration | 15 mins |
| Name | Narc0sis, bdg & metlstorm |
| Origin | Wellington, New Zealand |
| Bio | An ex-Fed, a banker, and a hax0r walk into a con... |
| Title | A Picture is Worth a Thousand Bytes: Statistically innocent LSB steganography |
| Abstract | The point of steganography is not only to conceal a message inside an image, but also to conceal the fact that a hidden message even exists at all in the image. A common method is to manipulate the least significant bit(s). However, techniques based on this method typically suffer from a fundamental weakness: their ability to be detected statistically using the chi-squared test. In this presentation Edwin demonstrates an original algorithm that stands up to the chi-squred test in all but a few special cases. Reliable detection of data embedded using this algorithm is potentially very difficult, if not impossible. |
| Location | Sun 06 1430 @ The Opera House |
| Duration | 15 mins |
| Name | Edwin Hermann |
| Origin | Wellington, New Zealand |
| Bio | Edwin is a business analyst by day, and programmer, radio broadcaster, podcaster, web developer and code tinkerer by night. Not a real hacker, but he has been known to have dabbled in amateur hacking in his younger days. |
| Title | Exploiting Layer 8 errors for fun and profit - the Kiwi version |
| Abstract | Why else you should pony up the $20 for that domain variant? |
| Location | Sun 06 1445 @ The Opera House |
| Duration | 15 mins |
| Name | alzeih |
| Origin | Wellington, New Zealand |
| Bio | Alzeih is a wannabe hacker from Wellington who writes webapps for a day job, but would rather be breaking webapps for a day job, or telling others they're doing it wrong (and getting paid for it). She also thinks GUI's are for girls, not real programmers. |
| Title | Abode Vulnerabilities & Decrypting the Cloud |
| Abstract | See a couple of urbanadventurer's recent projects.
1) Abode Vulnerabilities. Learn how to bring hardware hacking closer to
home by hacking New Zealand's most popular garage doors. This project is
powered by the Arduino, the opensource hardware platform that makes
electronics more accessible.
2) Decrypting the Cloud. This is a cautionary tale about failed opsec,
weak crypto and misplaced trust in the cloud. Take a guided tour through
a treasure trove of cracked ciphertext booty including CCs, SQLis,
0days, password dumps, and more. |
| Location | Sun 06 1500 @ The Opera House |
| Duration | 15 mins |
| Name | Andrew Horton / urbanadventurer |
| Origin | Wellington (but really from Christchurch) |
| Bio | Andrew aka urbanadventurer is a security consultant for Security-Assessment.com. He develops security tools such as WhatWeb, URLCrazy, and many more for use by whitehat IT security professionals. |
| Title | Who would win in a fight between Backus and Naur? |
| Abstract | A short excursion into the strange world of Monte Carlo experiments
and context-free grammars. |
| Location | Sun 06 1515 @ The Opera House |
| Duration | 15 mins |
| Name | hawkes |
| Origin | Zurich, Switzerland |
| Bio | From the mean streets of Zurich to the peaceful shores of Aotearoa,
Ben is a happy connoisseur of the simple things in life: 0day, root
shells, and VIP parties thrown in his honor |
| Title | X-Excess |
| Abstract | Mobile applications are the new hotness and it seems everyone wants to
build one.
Unfortunately you have to build new app for each platform, so
frameworks are popping up to bridge that gap.
We look at some abuses of one framework and the implication for your
shiny new gadget. Surely we can't bug a phone using XSS?
Seems also there is a little known crowd out of Washington that have
been swept up in the enthusiasm of exposing JavaScript APIs so now the
same issues apply to your desktop too. |
| Location | Sun 06 1600 @ The Opera House |
| Duration | 45 mins |
| Name | Kirk Jackson and Mike Haworth |
| Origin | Wellington, New Zealand |
| Bio | Kirk Jackson is interested in developer security - how to make
applications more secure and resistant to threats. He works at Xero,
and has pen-testing and application development experience.
Mike Haworth is an aspiring software vandal and writer of self
deprecating bios. Now
gainfully employed with AuraInfoSec.
|
| Title | F is for FAIL, FOBSKI and FOSM! |
| Abstract | FOBSKI and FOSM will present a mock-a-minute review of the last 12 months insecurity (is that one word or two?).
We wish to avail the esteemed constituency with alphabetically compacted tales of fails throughout this annus horribilis.
This most splendid infusion of wisdom and fail may contain traces of advanced persistent threat, cyber, CISSP, lulz and IE6. No clouds were harmed during the synergistic optimisation of this most leveraged learning. |
| Location | Sun 06 1645 @ The Opera House |
| Duration | 30 mins |
| Name | FOBSKI and FOSM |
| Origin | Downtown Auckland… next to the Vajazzlers. SHINY! |
| Bio | FOBSKI:
Where to start on this man, he could be Taumarunui's finest son, but probably isn't (Ben Fouhey can have that title) but he is definitely the most ethnic sounding white dude as voted by a poll of 10 drunk ISP workers at the Bluestone Room on a Friday. He is making his inaugural appearance in the Kiwicon limelight, but has pedigree that few would question. This stallion of a man hails from the same stable as TMASKY and Oddy… a stable famous for providing incoherent ramblings on all manner of security related topics.
FOSM:
Famous winner of the Rheineck Shandy Drinking Contest of '87, fosm has risen like a phoenix cola from his Kiwicon cherry busting inauguration for his sophomore performance about the state of security in 2011.
For the first time ever fosm solemnly swears and vows not to mention pea, sea or eye. EVER.
He's hot. And he's on a roll. He KNOWS who let the dogs out. |
| Title | Closing Ceremony & Prizegiving |
| Abstract | And so another con draws to a close. Wrap up with prizes, lulz, and a few closing words from your gracious hosts. |
| Location | Sun 06 1715 @ The Opera House |
| Duration | 15 mins |
| Name | The Kiwicon Crue |
| Origin | Wellington, New Zealand |
| Bio | Bad guys wear black
You see us coming, and you all together run for cover.
We're taking over this town.
|
(0)