Technical — Security

The main goal of the Security topic is to provide talks about the different interactions that exist between free software and security:

  • the security of free (as in freedom) software;
  • security software that is free software;
  • the impact of free software on security in general.

This year's main topics will be:

  • network and applications security
  • IAM and authentication
  • security and privacy in your digital life

A special focus: Paul Rascagneres will run a workshop on reverse engineering on an open source platform.

Two interviews have been conducted with two speakers, Werner Koch and Eric Leblond:

This year's Security topic chairmen will be Mathieu Blanc and Christophe Brocas.

The schedule:

Recent advances in Suricata IDS/IPS

Speaker(s) : Eric LEBLOND

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Monday 9 July 2012
  • Schedule : 14:00
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Professionals, Geeks
The development of Suricata IDS/IPS has been really fast paced in the last year. Great new features like file extraction and TLS handshake analysis have been introduced since the core was finished in 2010. This talk will present Suricata and its ecosystem including associated software. It will ...

Advanced network scanning with nmap 6

Speaker(s) : Henri DOREAU

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Monday 9 July 2012
  • Schedule : 14:40
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Professionals, Geeks
Nmap is the de-facto industry standard tool for network scanning. Version 6 was recently released, with full IPv6 support, numerous major scripting engine (NSE) related improvements, a brand new OS fingerprinting engine and much more. This talk will present advanced uses of nmap for in-depth network...

Naxsi - a positive approach to web application filtering

Speaker(s) : Didier CONCHAUDRON, Sébastien BLOT

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Monday 9 July 2012
  • Schedule : 15:20
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Professionals, Geeks
Over the last few months, we have been developing Naxsi, an open source, high performance, low rules maintenance, Web Application Firewall (WAF) module for Nginx, the infamous web server and reverse-proxy. Naxsi is an official OWASP project.
Naxsi is different from most WAFs, as it does not rely on s...

LemonLDAP::NG WebSSO : presentation and new features of the 1.2 version

Speaker(s) : Clément OUDOT

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Monday 9 July 2012
  • Schedule : 16:20
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Decision makers, Geeks
LemonLDAP::NG is a FOSS for WebSSO, access management and identity federation developed since 2005. Its community is active and regularly proposes new versions.
This talk will first present the software and its main functionalities:
- Multi-domain SSO
- Configuration and session management
- Form replay...

Reverse Engineering on open source platform

Speaker(s) : Paul RASCAGNERES

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Monday 9 July 2012
  • Schedule : 17:00
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Geeks
Reverse engineering is the process of discovering the technological principles of a device, object, or system.
Many open source programs can help to carry out this work. We will present a set of software for performing reverse engineering.
Example of tools :
- memory dump analysis
- syscall tracer
- d...

Introduction about antivirus and ClamAV presentation : a free (as in freedom) antivirus for a free system

Speaker(s) : Antoine CERVOISE

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 09:20
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Professionals, Geeks
This presentation will be in three parts: after a little bit of virus history, the first part will expose differences between virus, worm, trojan, etc. and the different ways used by antivirus for detecting malware.
The second part will show the importance of having an antivirus on Linux/Unix: no sy...

Workshop : Reverse Engineering on open source platform

Speaker(s) : Paul RASCAGNERES

  • Language : French
  • Level : Confirmed
  • Nature : Workshop
  • Date : Tuesday 10 July 2012
  • Schedule : 09:20
  • Duration : 120 minutes
  • Place : Uni Mail 2170
Target audience : Geeks
This workshop is complementary to the conference of the same name.
It aims to provide simple examples to carry out our first reverse engineering with open source software.
Example of tools :
- memory dump analysis
- syscall tracer
- disassembler tools
- data exploration
- ...
Paul Rascagnères is...

Simplify authentication with Kerberos : from one single computer to a whole company

Speaker(s) : Matthieu CERDA

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 10:00
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Professionals, Geeks
Be it for a single person, or a whole corporation, authentication and access management have always been problematic issues. There are several solutions to this, sometimes complicated, sometimes proprietary, but there is one that offers a good balance between difficulty and security: Kerberos. This ...

Build your web application for managing LDAP directories content

Speaker(s) : Clément OUDOT

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 11:00
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Professionals, Geeks
LDAP directories are deployed in numerous organizations and host a lot of the company's essential data: employee contacts, list of services and structures, groups and mailing lists, etc.
The challenge then lies in the publication and administration of this information. In most cases, the way to...

(CANCELED) - OpenPGP and S/MIME are both on the STEED

Speaker(s) : Werner KOCH

  • Language : English
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 14:00
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Geeks
Edit 29/06/2012 : This talk is canceled. Werner Koch will not be able to come to Geneva for personal reasons.
End-to-end mail encryption is still ignored by almost all users. The
mails are left in the clear in the mailboxes of the web mail
providers, where they are frequently collected by att...

Malicious use of connection tracking in firewalls

Speaker(s) : Eric LEBLOND

  • Language : French
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 14:00
  • Duration : 40 minutes
  • Place : Uni Mail R280
This talk aims to present a series of attacks on networks using a firewall's connection tracking system. Eric will describe the mechanisms for monitoring connections by focusing on the implementation done in netfilter. He will then describe attacks for certain protocols before presenting the counterm...

Mozilla BrowserID/Persona and the privacy in the Web

Speaker(s) : Jean-Yves PERRIER

  • Language : English
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 14:40
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : General public, Geeks
Numerous Web actors see users not as customers, but as products. This talk speaks about the privacy challenge on the Web and describes a concrete approach to make things better, through Mozilla’s BrowserID/Persona project.
Jean-Yves Perrier is a Swiss engineer who worked for 15 years in C+...

Verifiable on-line elections with Helios

Speaker(s) : Stéphane GLONDU

  • Language : English
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 15:20
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : General public, Decision makers, Geeks
Electronic voting is being deployed in various situations around the
world, making the subject an active research topic. I will explain the
issues at stake and I will present Helios, a purely free and open-source
Web-based voting system that strives to be easy to use for the casual
voter while provid...

L'accès à internet est un sport de combat (Internet access is a combat sport)

Speaker(s) : Kevin DENIS

  • Language : French
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 16:20
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : General public, Geeks
Hadopi, ACTA, filtering, limited access to the Internet, DPI, Revolution 2.0, net neutrality ... The time when Internet access was always provided through a public IP address and filtering did not exist is over. Indeed, net neutrality is challenged to the point that we see the emergence of laws on the...