Web Application Security
Back to list
NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France
Feb 25 2013 01:37AM
Jonathan Brossard (endrazine gmail com)
PARENTAL ADVISORY: 100% technical content
= NoSuchCon - CFP 2.0 =
= ** http://www.nosuchcon.org/#cfp ** =
= 15-17 May 2013 / Paris / France =
-- + --
The US have the NSA, hackers have the NSC.
The first edition of the NoSuchCon conference will take place in Paris
from May the 15th to May the 17th of 2013.
NSC is the badass hardcore technical security conference. Of death.
We think hacking is a science, not an art. It's largely the science of
experimentation and self learning. Best effort is not enough anymore. The
number of hackers reaching the level where they can actually discover
by themselves has never been so high. And at the same time, the
ratio in our traditional communication channels (IRC, mailing lists,
conferences, informal gatherings...) has never been so low.
So we though we might give it a shot: we're trying to build a 0% bullsh!t
conference. It's tougher than one might expect, but with the help of many
(see in particular the support from our hardcore Programming Committee of
death), we are confident that passion will prevail and that we'll
learn something from each other :)
If you're tired of people making money on your back by monetizing your
whenever you go to a conference, we have good news: we're 100% non-profit.
We're also not affiliated with any .gov or .com or any other organization.
We work hard at night. Our aim is to learn stuff. If this
sounds a lot like your own life, we'd be happy to have you among us.
It's also worth remembering that hacking is *not* a competition. As such,
there is no winner or rockstar. All you'll find here is people
and seeking truth in code and RFCs.
Finally, we'd like to insist on respect. Respect among attendees of course,
which goes without saying (we all share the same passion; let's not get
into ego problems and instead let's learn from each other. You know deep
yourself that even though *you* certainly did your part of hard work, there
would be no computers or network without the help of many), but also for
researchers who come over, often from very far away, to present months
night work to their peers. This is why NSC is strictly single track:
that makes it in deserves to be attended to, and everyone deserves to be
treated with equal esteem and respect. There's no such thing as a
NSC: if you're after fame and profit, we're sure you'll find many other
to go to these days.
--[ Press people / Media / Media Analysts / Bloggers:
NSC is not a top secret conference. You are welcome to come over and
participate. NSC staff will do their best to make your job easier.
Please, bear in mind that you'll have to comply with strict hacker ethics,
particularly in terms of privacy, personality rights and respect the
of people who do not want to appear in your publications: you cannot take
pictures of people without their *prior* consent, and people do not
answer to any question if they don't feel like it.
The NSC conference will be hosted in the French Communist Party's amazing
headquarters. This astonishing building was designed by the recently
Brazilian architect Oscar Niemeyer.
The address is:
Espace Oscar Niemeyer - Siege du Parti Communiste
2 Place Colonel Fabien, 75019 Paris, France
Tickets will be available for sales within days via our main website.
l33t sponsor ticket 1337 EUR
Evil sponsor ticket 666 EUR
Regular entrance ticket 300 EUR
Regular online ticket 250 EUR
Early bid ticket 2 200 EUR before 2013/04/30
Early bid ticket 150 EUR before 2013/04/01
Student ticket 50 EUR (50 tickets available)
The aim of NSC is best summarized in 3 words: quality, quality and
That, and hard work !
We believe that there is a place for quality independent security research
disclosure. We think that this place should be run on a non-profit basis.
We do our best to ensure that the chosen talks are of the upmost quality
thanks to the highly respected security researchers who form our selection
As a result, we hope to deliver in a 3 days single track conference some
seriously disruptive food for thoughts to security enthusiasts.
Whether you will like a given talk or not depends on several factors
involving your personal interests... and your general appetite for
That being said, we totally think that every talk selected for NSC
attention of the entire audience. We therefore do stick to a single track
format. That's a kind of respect for speakers.
As a speaker, it doesn't mean you have to lower the bar of your talk. It's
rather the opposite, this is intended to cut down the number of "fillers";
not-so-sexy-talks. We actually encourage highly technical talks and writing
code is somewhat compulsory (...unless you are better at solder ironing and
have an electronic solver !). Don't assume ridiculous prerequisites, but
assume people grasp new concepts quickly (isn't that what hacking is all
--[ Disclosure policy:
We consider researchers as outstanding grown adults. We therefore impose
the following disclosure policy: DO WHAT YOU WANT.
--[ Programming Committee:
The programming committee plays a central role in ensuring the best
it to the conference. We are very humbled to have such a great team of
remarkable engineers giving a bit of their free time to help us build a
Alex Ionescu (CrowdStrike) @aionescu
Ange Albertini (Corkami) @angealbertini
Daniel Hodson (felinemenace/Ruxcon)
Aaron Portnoy (Exodus Intelligence) @aaronportnoy
Piotr Bania @PiotrBania
Bannedit (Corelan) @bannedit0
Carlos Sarraute (Grandata)
Cesar Cerrudo (IOActive) @cesarcer
Dhillon Kannabhiran (HackInTheBox) @hackinthebox
Nico Waisman (Immunity) @nicowaisman
Federico Kirschbaum (Ekoparty) @fede_k
FX (Phenoelit) @41414141
Fyodor Yarochkin (Academia Sinica/Plurk) @fygrave
Hugo Fortier (RECon) @hugofortier
Itzik Kotler @itzikkotler
Jason Martin (Shakacon) @shakacon
joernchen (Phenoelit) @joernchen
Jonathan Brossard (Toucan System) @endrazine
Julio Auto (iSIGHT Partners) @julioauto
Tarjei Mandt (Azimuth) @kernelpool
Laurent Gaffie (Spiderlabs) @laurentgaffie
Lurene Grenier (Immunity) @pusscat
Matthieu Suiche @msuiche
Nicolas Ruff (EADS Innovation Works) @newsoft
Pipacs (Linux Kernel Page Exec Protection)
Ravishankar Borgaonkar (Berlin University) @raviborgaonkar
Rodrigo Branco "BSDaemon" (Cipher) @bsdaemon
Sergey Bratus (Dartmouth College) @sergeybratus
Silvio Cesare (Deakin University) @silviocesare
The Grugq (Coseinc) @thegrugq
Tim Kornau (Google)
Travis Goodspeed @travisgoodspeed
Note: thanks heaps, we owe you dear PC members :)
We are interested in world domination 2013. We are glad you are willing
We highly encourage and will favour presentations with demos.
To assess the depth, novelty and relevance of submitted talks, we will
require a 2 to 3 pages whitepaper (as an order of magnitude...) along with
your submission. We know it's a lot of work for speakers, but we'll help
you get to Paris: it's not too bad a deal ;)
We are only accepting submissions in English.
The standard format will be of 35 mins presentation + 10 mins Q&A.
If you think your talk deserves more time, feel free to ask for two slots
(that is extended talk: 80min + 10mins Q&A).
Please note that any talk whose content will be judged commercial or non
neutral will be rejected and/or interrupted on stage.
General topics of interest are mostly offensive and include:
- Security problems that are not fixable,
- finding vulnerabilities and/or proving security properties of software,
- new exploitation techniques (new classes of bugs, heap overflows on
different memory allocators, win8...), proving things on binaries,
- bytecode vulnerability discovery and exploitation (java, .NET,
- reverse engineering, writing debuggers,
- exploit automation (targeted/worms),
- malware engineering,
- security assessment of new network protocols,
- hardware hacking (raspberry based automated network hacking ?),
- routers hacking,
- crypto: practical assessment of software, quantum computers, FPGA and
- BYOD for dummies: ARM/x86 android/IOS hacking, persistence, remote
- Botnets, Exploit kits and how to use them for targeted attacks,
- Anti forensics: Piercing network firewalls and proxies,
network ripping, data exfiltration, hiding your data from the CIA,
- owning corporate and government networks for ever,
- defeating new security protections,
- breaking out of hypervizors,
- hardware level vulnerabilities (cpu bugs?),
- Hacking UEFI & Secure Boot (Bootkitting UEFI, Bitlocker...),
- GNU Radio/SDR/anykindofwireless hacking, Signal Processing,
- Hacking web application frameworks (java, ruby, php, .NET,...),
- Be god on the internet, walk on water,
- break stuff.
We highly encourage any hardcore technical topics not listed in the above!!
Submit your presentation and materials and the below form via e-mail to
cfp (at) nosuchcon (dot) org [email concealed]
[ CFP ANSWER TEMPLATE ]
*** General information:
* Speakers name or alias
* Demo [Y/N]
* Number of lines of code written during your project?
* I need help with visas [Y/N]
* Presentation Title
* E-mail address
* Phone number
* Company (name) or Independent?
* additional requirements: Internet? Others?
*** Talk Format:
Please chose your talk format:
[ ] Standard (30min+10min Q&A)
[ ] Extended (80min+10min Q&A)
Specify if your submission contains any of the following information:
* Tool [Y/N]
* Slides [Y/N]
Please attach your whitepaper to your submission in one of the
following formats: raw ASCII 7bits text, TeX file, PDF file,
MS office or Open Office document or presentation. (No other
formats will be accepted: target your 0days ;)).
The CFP closes on March the 31st, 2013. The earlier you submit, the
all of us ;)
You shall be notified of your acceptance as a speaker by the 15th of April,
--[ Do I want to talk there anyway?
It's up to you mate. If you like the things we like, you may as well like
the conference. You may want to have a look at the 3 previous editions
we co-organized and see if it looks like something of interest to you.
We absolutely do encourage you to submit if you have something
say. In particular, academic researchers, hobbyists, or just regular
enthusiasts of any age and from all over the internet are welcome to
--[ Speaker benefits:
4 nights accommodation in Paris,
Travel reimbursement (up to $1000),
Much respect and love.
--[ More information:
Web site: http://www.nosuchcon.org/
CFP information/submissions: cfp (at) nosuchcon (dot) org [email concealed]
The No Such Association (NSA) team would like to thank the security
community for its continuous support. We would like to thank in particular
members of the Programming Committee, the past speakers, all of the
volonteers as well as all the attendees and the past sponsors, plus the
countless friends, that share our passion and are ready to share some of
time with us :)
--[ EOF ]--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
[ reply ]
Copyright 2010, SecurityFocus