Reviewing the submissions took us a while longer than anticipated. The reason was the high-quality content you submitted. We had to make some tough decisions and could have easily filled three or four days of In-Depth security talks and many more workshops. We hope that the schedule we published yesterday satisfies your interest and gives some CIOs something to think about.
We tackle the security of the GSM network (which is failing, as was reported at DeepSec 2009 already). We also show you how to probe the security of GSM networks (there’s a whole two-day workshop if you want to dive into the gory details). Watch out for remote binary planting! Just yesterday Mitja Kolsek reveiled that about 200 Microsoft Windows applications are vulnerable to remote code execution. We deal with SAP security by having a talk about attacking SAP users and by offering a full two-day workshop about SAP Security In-Depth. Please attend if you have to deal with SAP (or SAP dealing with you) before the attackers deal with your core infrastructure. We investigate the security of electronic locks. We have a research talking about the marriage of VoIP and steganography. We have a crazy guy from Italy running TOR on the iPhone. 😉 We tell you what to do when thinking about outsourcing or how to visualise log information in the Cloud. We give you detailed instructions how to build Weapons of Mass Destruction by using LISP. We have experts in social engineering who can explain to you why these are not the droids you are looking for (Sharon and Martin kindly agreed to stage a full two-day workshop on this in room 101). Ever heard of Identicate and Authentify? If your answer is yes, then you might want to hear the talk by JJ on this matter. By the way, do you run a web application based on PHP? If so, we strongly recommend attending TEHTRI Security’s workshop on Advanced PHP Hacking. Laurent has a talk about pentesting handheld devices and promised to tell you some news never published before. Speaking of which, we also have someone explain the Detection of Hardware Keyloggers to you (this was never published before, too).
I most definitely cannot describe all top talks here. Please come to see for yourself. The keynote is held by Ivan Ristić, well-known author of the Apache mod_security module. The title of his keynote is Stop complaining and solve a security problem instead!. There you go!
We hope to meet you all at DeepSec 2010!