A taste of Finland - T2 2011

Once again we headed to Helsinki for T2 2011, with MWR’s own Alex Plaskett presenting his innovative research on Windows Phone 7; it was going to make for an exciting couple of days. His talk was well received by the audience and was particularly topical, with the recent business agreement between Nokia and Microsoft to deliver Nokia phones with Windows Phone OS.

T2 was founded by Tomi Tuominen, Jussi Jaakonaho and Mikko Hyppönen with the primary objective of creating a conference that they would be happy attending in Finland, a conference “from hacker to hacker”. They say that “big presents come in small packages”; you could say the same about T2. As Tomi said in this year’s introduction, "99 is a special number for T2”, as this is the maximum number of attendees they would ever accept. This number allows the conference to be almost private, creating an environment where you don’t just get to listen to speakers but “hang around” with them too! A good mixture of people and topics makes for interesting discussions, with talks ranging from technically “hard core” to infosec hot topics. The multi-cultural environment creates a diverse and interesting platform, where the sharing of knowledge is easy between attendees, speakers and organisers alike

The conference started with the keynote from Juha-Antero Puistola from the National Defence University, this provided the audience with a broader perspective on terrorism and counter terrorism from a cyber perspective. Juha-Antero’s talk posed many challenging questions which generated some very interesting discussions.

Travis Goodspeed presented two talks, with content that was impressive such as the pictures he used to illustrate how firmware can be extracted from the Freescale MC13224.

Andrea Barisani from Inverse Path described EMV flaws in PIN protection and illustrated skimming prototypes that can be used to harvest credit card information as well as PIN numbers. With his usual signature, Andrea topped his presentation with a funny video that allowed the audience to get the most out of the talk.

The two talks given by Toby from Intel were awesome, with excellent presenting skills; Toby described the approaches taken by Intel to overcome some of the problems found on Virtualization and business access controls. This allowed the audience to see how serious Intel is taking the resolution of these problem, where starting from a blank page may be the only way forward.

T2 could not have been better this year and there was no lack of 0-day. Tuomas Kärkkäinen surprised the audience with his innovative approach for automatically identifying security related commits in open source repositories, more specifically in Webkit.

Timo Hirvonen from F-Secure presented on the RSA breach and provided undisclosed information on the public domain, as step-by-step, Timo took the audience on the reverse engineering of the exploit used to attack RSA. An extremely interesting talk with deep technical concepts, made easy to digest for everyone.

Mark Debenham from Microsoft, through an extremely interesting presentation, explained Microsoft’s multiple operations, known as Project MARS, that they are undertaking to disrupt botnets and beginning to undo the damage botnets have caused, by helping victims regain control of their infected computers. From the Waledac Botnet to Rustock, Mark provided information on the innovative and ground breaking approach Microsoft is taking to stop botnets and how this is making the Internet a better place. This is the third year we have seen Mark presenting at T2, with interesting and ground breaking topics, presented through highly technical talks, which do not fail to amuse the audience.

For the last 3 years MWR has attended T2, as speakers and attendees. From what we have seen, speakers tend to hold something special back for T2 and always go that extra mile to satisfy the attendees. For T2 the formula and primary objective is to keep speakers happy, if speakers are happy they will deliver and ultimately the attendees will be happy. This is tried, tested and proven.

If you have interesting research to present or a training budget to spend consider T2 (http://t2.fi) as an excellent conference to learn, network, engage in interesting discussions and experience the magnificent Finish cuisine and drinks! :)