I've been to 5 conferences ( KCONv2, XCON2013, ISC2013, OWASP Beijing 2013, Syscan Beijing 2013) in past months. The 1st four confs were sucks. But the Syscan brought us very high quality. Don't get me wrong. Some people think these 4 conferences are good. Because they are websec guys or windows guys. As a GNU/Linux sec guy, these conferences were drugging me to sleep;-) So, I only bullshit a little bit of Syscan here. Stefan Esser's presentation "Tales from iOS 6 Exploitation" shocked us;-) A lot of people thought Stefan many pieces technique elements in the process of exploiting and each one of them are difficult to deal with. But Stefan did them all at once. That's fuc*ing super awesome. NGUYEN Anh Quynh's presentation is about ROP gadgets. I don't know much about this field. I only used some open source ROP gadgets finder once or twice. Anyway, Nguyen's talk was also blowed up my mind in the 1st day of the conference. Because his apporach is combine a llvm compiler based( dude, you are using formal logic to deal with a sec shit! Fuc*ing awesome). Plz take a look at his slide. There were other great presentations. I'll leave the download slide in the end.
Another funny story is in the almost end of Jonathan's presentation. A guy who asked him about FE. He just told us FE is nothing but a good advertising company. The real heroes are grsecurity guys: They invented the concept of ASLR, and more....btw, take a look at how grsec deal with stack canary in the hardend kernel;-)
I've packed all slides into one tar.bz file.
Can you fucking imagine that the conference organizers( I wouldn't name you motherfuckers)
brought these girls( sexy? I don't think so) there? I don't care about
girls in a conference. As our type of guys, we'd go out to the club/bar after conference.
Unfortunately, I've already get married, which means "fuck around" part
is not belong to me;-)