PH-Neutral, My First and Last One

PH-Neutral KeynoteI’m writing the final touch of my PH-Neutral wrap-up from the Berlin airport waiting for my flight back to Belgium. The 0x7DB edition was the first time for me but also the latest one as FX, the founder, decided to not organize the event next year. A page is over!

What differentiate  PH-Neutral from the other conferences? It’s different that’s all! Don’t try to find something equivalent on earth! It’s a mix of party, drinks, talks (yes, there was and good ones!) and social networking. Honestly I never saw so many top-notch hackers per square meter at the same place. Very “big names” were present. I saw lot of known friends and, even better, make new contacts and put faces on nicknames. I won’t give a list because I’ll for sure miss some of them. Anyway, here are some Tweets which give an idea of the atmosphere:

If there was a magic quadrant for infosec cons, PH-Neutral would be in the top right corner with all others looking up.” (@wimremes)

As the last #phneutral night fades, it starts drizzling in Berlin. I take that as heaven cries seeing one of the best cons die!” (@phonoelit)

If only partying was a competitive sport. Olympics.” (@iiamit)

Ph-neutral may have been “End of Lifed” but my liver will never forget.thanks @41414141 @phonoelit 4 the best training/music/party worldwide” (@indi303)

#phneutral has found its well-deserved place among the legendary cons that once have been. I’m glad I could be a part of it. You guys rock!” (@stfn42)

I landed in Berlin on Friday morning and met Sandro Gauci at the airport station. We booked our rooms in the same hotel and spent the day walking through Berlin (it was also my first visit in this city). All the hotels around the Universal Hall were full of hackers. Nice 🙂 Around 19h, we moved to the conference location and started to … drink some Club-Mate! Due to huge waiting queue at the registration desk, the keynote, presented by FX, was delayed but very nice. Congrats to the PH-Neutral team! Then, back to the bar for more drinks and nice conversations. Yes, I survived to the day #1…

Saturday, 11h, back to the Universal Hall. It looks that the first night was already short (or still ongoing) for some hackers. The scheduled talks started later, thanks to Club Mate (again) for the support.

(Click to enlarge)

Here are the talks that I attended:

  • SniffJoke” by vecna. Interesting idea: how to force sniffers (this includes IDS and other devices listening for network traffic) to detect fake traffic which can be never received by the destination hosts or with a different payload that the one really sent. The research is based on the fact that the Internet Protocol has been designed to let two components to talk to each others but nothing is available to take care of a third in the middle host. In a real attack scenario, forget packets could be sent to the sniffer and the real malicious packets sent to the victim.
  • WLAN router horror stories“: Presented by two students. A very nice talk. They spent a long time to analyze most common Wi-Fi routers proposed by ISPs (mainly in Germany) and searched for weaknesses in their configuration. It’s clear that ISP still do not consider the Wi-Fi security as it should be for their customers. The best quote was the one of this ISP which recommends to its customer to NOT change the default password of their router.
  • Printer Hacking” by Andrei Costin. I already saw this presentation during last year.
  • Building your own TETRA radio sniffer” by Harald Welte (aka laforge). A great talk about TETRA, the communication network used by emergency services, military, transport services and other critical infrastructure like power/nuclear plants. The introduction was complete (maybe a little too deep) but it proven that security could be increased as in most cases, the encryption is simply not used! One of the reason is the increased price asked by vendors to implement security (specific firmware and increased load to maintain the shared keys). Then, Harald explained how to capture the traffic and decode it. Event a Wireshark module is available (developed by a Chinese university) to reconstruct the communications. Of course, a demo was proposed: The audience was able to listen to a few minutes of conversation between people working for the Berlin subway. Impressive! And this with a receiver looking like a standard USB stick. So discrete!
  • Chip & PIN is definitely broken was presented by Andrea Barisani and Daniele Bianco. Again, same presentation as the one performed last week during HITB in Amsterdam.

I did not attend the remaining talks as they were too high-level for me (revese engineering, assembler & co). Another nice opportunity to perform social networking and party time!

Ready for the last day. Again too-short night of course, back at the hotel, I add interesting discussions with Italians hackers. I arrived just in time, some people passed all night long at the conference venue. I attended the following talks:

  • 1 fact + 2 rules – 3 outcomes = 0 good news for you” presented by Jason Street. A talk without long explanations but facts based on nice pictures. Very interesting to follow with nice anecdotes based on Jason’s experience. This talk could be dedicated to CIO’s. I liked the Jason’s citation: “Going for a job, I did not get it but I got all your data“. This is a good resume.
  • Exploit Next Generation ++” by Nelson Brito, a Brazilian security researcher. May-day! Even hackers use the term “Next Generation” now (if you follow my blog, you know that I don’t like this term). The topic was about a new way to develop malicious software based on the “Permutation Oriented Programming“. Basically, most tools uses signatures (patterns) to detect malicious code. ENG++ is a new way of bypassing them. Again, oriented to programming, not evident for me.
  • Airtravel hacking” by Hendrik Scholtz. This was maybe the most awaited talk of today. This is a main problem for most of hackers: Attending conferences is very expensive Why not try to reduce it? Hendrik like traveling and tried to found some ways to reduce the costs. It’s clear that his research was a success. I explained with lot of examples how air companies compute the total to pay for a ticket. Very nice information!

What about the venue? Nice place, easy to reach by public transports, not far from facilities and a nice Wi-Fi network provided by the “Wi-Fi Tree”. A solution specifically designed to provided wireless network during conferences:

The Wi-Fi Tree
(Click to enlarge)

The conference ended with a post-PH dinner organized in a restaurant with a buffet. Another opportunity to have great conversations! PH-Neutral is an private event based on invitations. I’d like to thank here Wim for introducing me and to FX for the acceptance. Thanks Guys, it was a blast! It’s not time to get some sleep!

More information about the conference is available here.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.