infosec4breakfast

Ruxcon Weekend!

First One!

So I’m going my first security conference this weekend in Melbourne, Australia. It’s called Ruxcon. I couldn’t have said it better myself so:

Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.

Ruxcon presentations run for one hour, cover a diverse range of topics, and are presented by credible local and international speakers. Attendees have the opportunity to meet new people, either socially during the lunch or drink breaks, or during the many activities and competitions held over the weekend.

Talks I’m Looking Forward To

Mac EFI Rootkits - Unfortunately I own a Mac, so this should be sweet.

Practical Attacks On Payment Gateways - I’ve learned about payment gateway protocols, and how transactions are processed, now I want to see how they can get owned.

Reverse Engineering a Mass Transit Ticketing System - I’ve been doing a lot of research into Mayfair Classic cards, which are used as “Go” cards where I live. I’m really hoping these guys looked into this extensively, it might be another transit system, but that would be cool. I know there’s already vulnerabilities in the Mayfair Classic encryption model.

Homebrew Defensive Security - Take Matters Into Your Own Hands - Sounds awesome, security guy from Facebook.

Kernel Fuzzing For Beginners - I’ve done a lot of research into fuzzing for my current internship, but haven’t done anything as extensive as kernel fuzzing just yet. This should be a nice primer.

The Impacts of Advancing Technology On Forensics and E-discovery - I’ve done basic forensics, seems super intriguing!

Tracking Vulnerable JARs - Well, I sit right by Mr. Jorm at my internship, and he’s really awesome. So I’m definitely going to catch this talk. I have experience with Java as well.

Defibrillating Web Security - Most of my time in security research goes into web applications, whether I like it or not, this is my best field right now in my opinion. I should really catch this.

Well, actually my plane boards in 10 minutes, so I’m going to get going. I’ll be updating throughout the conference (probably after from somewhere because I don’t trust the network).

~Josh