In May I attended Positive Hack Days, a.k.a. PHDays, in Moscow. This is one of the three largest security events taking place in Russia. PHDays included a conference, Capture the Flag competition, workshops, hands-on activities, roundtables, investment proposal presentations, etc. Attendees from different countries and various security domains presented their results and shared their knowledge with approximately 2,000 visitors (the event was taking place during two days). In this post I would like to highlight several observations and insights that could be of interest to you.

phd_logo_black

The video of all the talks can be found here and presentations here.

The talks were given in parallel at four different halls, so I could not attend all of them. From the talks I saw I would like to select the following presentations for a mention in this post:

Smart TV Insecurity by Donato Ferrante and Luigi Auiremma. The presentation showed that an attacker can have root access or dump the entire application code of modern TVs.
My Journey Into 0-Day Binary Vulnerability Discovery in 2014 by Alice Schevchenko. I was pleasantly surprised. Twice. Firstly, I was surprised to discover Alice’s business acumen and her personality, since I have not met many women in the reverse engineering and fuzzing software field who are founders of their own companies. Secondly, I was surprised by the fact that there are plenty of 0-day vulnerabilities in binaries even in the latest software from the biggest companies.


Big Data on Social Networks No Need for NSA’s Special Surveillance to Keep Track of You by Igor Ashmanov. As Igor claimed, he is not interested in information security, however he showed us how to collect and use personal data from social networks. This presentation (to a degree) became the reason why I quit Facebook.
Comparing Iranian, Chinese & North Korean Hacking Worlds by William Hagestand. Apart from the overview of the different “hacking worlds” this talk gave a sight of ethical and cultural aspects of hacking in different countries.

Other noteworthy things from the hands-on experience/ activities:
– PHDays had a lot of small stands where one could try their “hacking” skills to break into an ATM machine or to hack an “industrial infrastructure”. The last one included a 2 by 2 meter model of an industrial infrastructure with the models of a power plant, railways, trains, factory, etc. on it
Capture the Flag of PHDays is, probably, the biggest CTF event in Russia so people who work in security can’t ignore this competition. Teams from all over the world (from the USA to Japan) participated in this CTF. The winners can be found on this page.

And on the marketing side:
– Presentation of a new OS from Kaspersky which will mainly be deployed in the industrial networks (I could not find video or slides of this talk). The development of this OS was announced approximately 2 years ago. Now, probably, for the first time the general architecture of the OS was presented.
Teach, Teach, and once again, Teach. If a company plans to succeed in the area of information security, its employees need to continue to improve their knowledge in the domain due to the fact that new offensive and defensive technologies appear and evolve each year.

Instead of conclusion:
PHDays-2014 is the fourth PHDays conference, and what’s amazing that with each year the number of participants/ visitors is growing. PHDays is not only a conference but also a place to share knowledge and ideas about one’s projects. Someone can try his skills in a “real” environment, another can meet new like-minded people to network with, exchange business cards, etc. The event is organized for everyone to find something interesting.

This year me and Jean-Philippe Aumasson (@veorq) are going to attend another security event in Moscow, called ZeroNights.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s