Hacktivity 2010 - part 1

Today was the day...when the Hacktivity (http://hacktivity.hu/) ended :(.

Hacktivity: where I shake hands with two international IT security celebrity on the very same day, and have the opportunity to hack something legally just for fun. Of course there were also IT security talks but that's just a side effect.


This weekend was reserved for the biggest IT security (so called hacker) happening in Hungary with more than 800 attendees, two auditoriums (Schneier Hall – the main; and Mitnick Hall – the small). Felix "FX" Lindner told us a joke, that in the Mitnick Hall you can feel like you were in a jail. Exactly.:)


I will write two posts about this topic, here comes the first.


The first day was Saturday, here is the short story from my point of view.


I was there with my colleagues because several interesting talks were scheduled, the keynote speaker of the day was Bruce Schneier (http://www.schneier.com/). He is a rather interesting person, an internationally renowned security technologist and author. Twofish, blowfish ciphers and perhaps a “future standard” skein hash algorithm are also related to him. One of the most interesting thing is that he started his talk with a long silence. Everybody expected a monolog or a presentation, but he just stood still and told us this short sentence: "I am waiting for the questions! I'm serius!". Still no questions...than he noted: „I came to Hungary to stare each other silently?”. After some embarassing minutes the questions started to appear silently and the talk begin about Bruce's wifi connection, government conspiracies and the future of IT security and cryptography. Another interesting thing in that speech was that Bruce wrote a book „Schneier on Security” which contains articles and blog posts from his site. The company I work for, and a famous publisher in Hungary published the Hungarian translation of the book, and I contributed to this book by doing jargon review on some chapters. So the most shocking thing for me was the point when Bruce suggested us that we should not buy the book if we just need a dedication from him, because he brought with him some flyers from the original english version, and it is only one page but all articles could be found on his web page, so we can read everything there. Finally, I bought the book, Bruce dedicated it to me and we shaked hands and said “Good Bye”. His dedication is not just a regular signature, it is some crypthographic code...really, I will look after it on the internet.


The next presentation was Alexander Kornbrusts (http://red-database.com/) about „Security Comparison of the Leading Databases”. Alex is the most experienced Oracle hacker, he hold a 5 day long Oracle (Anti-) Hacker Training for us in the summer, so I met him personally. We talked a lot during the training days, so I can tell that he is a typical German expert– precise, strict and thorough with a limited sense of humor. I was really surprised and it was an honour that he remembered at least my face after some months, because after the talk we met on the corridor and he recognized me, we spoke a few words, shake hands and said best wishes to each other.

I have to say it honestly that the Oracle (Anti-) Hacker Training was the best and deepest training I ever had in my life, almost 1300 slides/5days...unbelievable, with practical demonstrations and interesting facts. I suggest to take it if you are interested in the topic.


After this talk I wanted to go to the other hall to take part in the Buffer Overflow workshops but unfortunately the room was full, there were not even standing place, so I got angry about that and sat back to the Mitnic Hall where the talks were about laws, regulations, user agreement policies in which were not so interesting for me. Therefore, I started to play the Wargame. There were 3 kind of hacking games during the 2 days:

  • Wargame open for everybody

  • Hack The Vendor (checkpoint IronPort): open for everybody

  • Capture The Flag: open for pre-registered company teams consisting of 4 people

I'll write about the games next time, I have to collect and organize my notes and thoughts about it.


Overall the happening was good, the talks were almost interesting but I personally don't like this so called “underground feeling”, which means tumble-down building, comfortless seating, crowd and long rows everywhere. Last year it was exactly what I was expected from an event like this. It was comfortable, there were desks for laptops, space for legs, bags and people. I prefer comfort all the time!


To be continued...