Friday, 18 October 2013

HITB (Hack In The Box) Security Conference in KL 2013

Went to the Hack in the Box Security Conference held in Kuala Lumpur on the 16th -17th October 2013. Hosted in Intercontinental KL hotel, the conference was great. This is my third time in three years attending this conference and i have grown to love them. The tracks were good, the booths were awesome, the competitions such as Catch the Flag and HackWeekday were superb. Check out some of the photos of the conference.

Good Points: I will not deny that the topics of the presentations were great. They covered almost every aspects of hacking but focuses more on in depth hackings such as:
> OS/Software
> Exploitation
> Hardware

Some of the cool talks presented were the Facebook Hacking, Aviation Hacking and both Keynotes. For the HITB crew, i have to compliment them all the way. They were very friendly and approachable willing to assist and help anytime when approached. The food was superb and a 5 star class! I cant complain anything at all about the food and no one had to stand to eat (like some of the other conference i've been). The theme of the CTF was also eye catching! 'War of the Worlds: WMD'!! I mean like, seriously?!!! Even if i participated and didnt win, i still would feel good bragging to my friends that i participated in such a cool theme CTF event! The HackWeekday or should i say coding of applications competitions were superb and it had a number of categories giving each competitors to join in their respective specialized field. I've participated in several CTF competition but have yet to join one in HITB, and maybe one day i shall join. However i do like to put it out there that upon talking to the organizers of the HITB CTF, i can say that it is not those kind of straight forward network/web hacking competitions. One of crew shared that it involves more than just network/web hacking skills. One needs to have a fundamental knowledge on cryptography, steganography, reverse engineering, source code understanding, exploit engineering and binary analysis.. i was like..say what!!! damn..that is one tough CTF and whoever wins it should be respected for knowing and having the knowledge of all the mentioned aspects of computer security. Kudos to the Vietnam team for winning this.

Room for Improvement Points: While the topics were great, some of the deliveries were not. One example is the inability of some of the speakers to convey it in proper English (as some of them were from Europe and South America). One of the speakers were speaking out of a word document all the way with little interactions with the audience. Another were speaking without knowing the full stop. It was cute actually.

What i hope to see: Local Speakers at least! While the conference were attended by many locals, unfortunately none of the speakers/presenters were. Although im not a Malaysian, i would love to see some locals presenting their research in the conference. And of course, more ladies please! I've been to these conferences and sadly i rarely see any women hackers speaking. However there were a handful and countable women attending the conference. I also would hope to see topics in regards to penetration testing such as advanced network/web recon/exploitation, bypassing firewall and Anti Virus techniques which could attract more ethical hackers in these fields to attend. While there were booths that were very interesting especially when there's a mini 'challenge' or 'competition' to attract people, some were quite dull (there was even an empty booth with a single person sitting at it). I was impressed by Mozilla booth, because twice i was there, twice they had mini challenges. Such mini challenges can be seen in world class conferences such as Def Con and Black Hat and HITB booth representatives could take some tips from them. The Lock Picking by Toools were also a force to be reckoned with. Unlike Facebook booth where they were packed with people for free gifts and tshirts, the lock picking booth managed to attract more people with its complex challenges and outgoing reps.

Overall: I enjoyed myself. Its much much better than some of the conferences i've been to such as Hacker Halted hosted in Singapore. What i enjoyed most is making new friends, network and exchanging name cards and knowledge. The in between breaks were designed for that (i think) and i ended up making new friends! Great hotel, great food, awesome conference....what more could you ask? I've been to many conferences over the years and i have to say that HITB is one of the top 3 conferences that is in my list of MUST GO!!! Congrats HITB and Thanks for the great conference!

HITB Security Conference main logo banner

Tracks and Speakers displayed digitally



3 Different Tracks in 3 Different rooms

An interesting funny slide

The OWASP Booth


The Ship Captain Hackers!


The hardware used during the hack



CTF event in progress


Microsoft Wizards

Taking a pic with an Anonymous attendee

Winning a Mozilla Firefox Mug

Taking a pic with the winner of Best Windows 8 Application Competition

Stickers souvenirs from the Conference

For more information of future HITB events/conferences, visit http://conference.hitb.org/

No comments:

Post a Comment