the round-up roundabout:
- the ctf - rocking. the bar was raised. here's two custom daemon and four vulnerable codes - write the exploit. it's all about the exploit
- the speakers - how many times do i have to say hackers are the coolest bunch of geeks?
- the post-conference party - we set kl tower on fire - literally. the smoke detectors went off, the lift went out which caused belinda to get stuck in the lift, and the kl tower's management have to called the bomba (fire-fighter) that there was no fire... there was too much smoke. and we did get drunk, fashionably.
- the microsoft team - they're a bunch of nice guys but thanks for coming to the conf and hang out with us hackers. and oh, here's what tony chor said about ie.
- joanna rutkowska - she's hot. a geek gooddess according to sashi
- the crew and volunteers - we had some really great crew members this year - adli, niresh, yomuds, prabu, paul, the MMU kids - you guys rock but only one of you actually drink (you know who you are), and others that i can't remember names. great job.
- the music - sadly we didn't have much of a variety this year. i didn't bring my hard disk. i also lost two cds of essential mixes. and underword's everything everything was played three times!
all in all, a great fun. i got myself a good headache and hangover (post-conference party), extreme tiredness and lack of sleep (
alpha and i didn't for 40 hours prior to the ctf game), an
xfocus t-shirt, and
zone-h's clustermind t-shirt, signed by the speakers. and of course i meet new faces and make new friends.
media coverage of the event can be found at
hitb. microsoft seems to benefit a lot this time around, considering that this is the first time that they are sharing ie's security technology with hackers. i think at the post-conf party i mentioned to tony chor that m$ sucked because they don't go along well with the hackers. i may have said something else but i was under the influence... via however seems to be getting publicity that they don't deserve, because everyone in the industry knows that protocol level attack against encryption system can't be done in two days, especially when you're talking about AES.
next on the agenda: i'm gonna do a full write-up about the ctf (together with black bitch
alphademon) which basically outline the ctf game, how it can be improved especially the scoring system, and technically - how to win the hitbsecconf ctf game.
after three years, i am tired and have had enough of ctf - i've had 5 major ctf games under my belt. the first two was when i was a participant. our team did great and we won. then followed by 3 big games which started at hitbsecconf2003. the game progresses and improved year after year. this time though, i'm really tired of it and hitbsecconf2005's ctf game was my last.
so we are going to write that article, and hopefully it will guide future organizers on how to make the game more challenging.
Listening to: UNKLE - Essential Mix
