Hack in the Box kicks off jam-packed security conference

Speakers include Pirate Bay alumni, the iOS jailbreaking crew and famed hacker John Draper, aka 'Captain Crunch'

Hack in the Box will host its 10th security conference this week in Kuala Lumpur featuring an all-star cast of hacking luminaries and a cutting-edge program.

The lengthy speakers list includes John Draper aka "Captain Crunch," who famously used a whistle from a cereal box to access long-distance switching networks in the early 1970s, as well as Peter Sunde and Fredrik Neij, two founders of the torrent search engine The Pirate Bay.

Google will reprise its "Pwnium" competition, which it debuted at the CanSecWest security conference in March in Vancouver, British Columbia.

The company, which holds the competition to allow researchers to compete for prize money to find security problems within its Chromium browser, will give away up to $2 million in rewards. It has allocated a $60,000 reward for a full Chrome exploit, $50,000 for a partial Chrome exploit and $40,000 for other non-Chrome exploits, which it has detailed on its blog.

One of the major events will be a 32-hour "Capture the Flag" hacking competition. This year, teams of three people each will compete in a scenario that is centered around the defense of SCADA (Supervisory Control and Data Acquisition) systems.

Teams this year will "manage" their own nuclear power plants, with services and daemons -- which represent seven reactor cores -- running on their machines. Opposing teams try to penetrate their computers, with poor defense penalized by a loss of fake money.

Similar to previous Hack in the Box conferences, this year's show will also have a Lock Picking Area, where participants can get away from their computers and learn the delicate art of lock picking.

Hack in the Box doesn't have keynotes but instead runs many technical sessions featuring the latest work from some of the more famous white hat hackers and security experts.

Charlie Miller, who works for Twitter, will present his NFC (near field communications) work of late, which has focused on how software used to build the NFC protocol stack can be manipulated for unintended consequences.

For example, Miller's work shows how NFC data transmitted using Android Beam could force a mobile device to open up videos, office documents or web pages within a browser without user interaction.

The Pirate Bay's Sunde and Neij are on the agenda, but their talk hasn't been described yet. Despite years of legal wrangling and short prison sentences for Sunde, Neij and Carl Lündstrom in Sweden, the search engine is still alive to the chagrin and ire of the entertainment industry.

Other events include a panel talk with "Musclenerd," Stefan Esser and David Wang, whom all have been involved in figuring out ways to "jailbreak" iOS, the term for breaking Apple's iOS software to allow the installation of applications not authorized by the company.

Technical training sessions begin on Monday and run through Tuesday, with speakers on Wednesday and Thursday.

Send news tips and comments to jeremy_kirk@idg.com

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts