As mentioned previously on this blog, I managed to win myself a ticket to the T2 conference in Helsinki. I have visisted the conference once before, last time I won a ticket, in 2016 and had a great experience at that time so expectations were high. This post is a short summary of my experience at the conference.
The T2 conference is a smaller two-day conference capped at 100 participants. This makes for an intimate setting where you actually can get a chance to talk to most of the attendees and speakers during coffee breaks and lunch, something I enjoy a lot. I also assume this is what makes the tickets a bit pricey at 1337€ so preferrably something you would get your employer to pay.
It started off very nice with me receiving a "friend or foe" badge at the opening ceremony. After formalitites had been cleared it was time for a keynote by halvarflake. I have never seen a talk by him previously and I this keynote was way less technical than one would expect from him. Nevertheless, it was a great opening to the conference covering the topic of risk and risk management, an area where technically inclined often are tempted to take an absolutist stance. I completely agreed with halvarflake on this issue that this is something we need to be better at. People who have discussed security with me previously know that I usually say that lack of understanding of risk management is one of the biggest give-aways for whether you should listen to someone's security advice. The talk also explored some interesting ideas on how this could be used in practice and establish track records, a very intriguing thought.
The conference continued with great talks (presentations) and great talks (conversations) throughout the two days including very nice lunches and dinner at the venue, a hotel close to the Helsinki harbour. My two favorite ones were probably Mark D's "Not having a total breakdown" about the handling of the massive WPP ransomware attack and Tomi & Timo's "Ghost in the locks". It was also very interesting to listen to Alex and Fabian talking about browser exploitation since modern exploitation really is an area I haven't really ventured into yet.
Mark described the process and timeline, from having to abort a team offsite via the initial hours of trying to understand all the way through the following weeks of rebuilding the systems. This was a prime example of a talk where the focus lies on the people and processes, not the tech, while staying engaging all the way. As much as I love a good exploit chain, I think we need more good talks where we talk about how we actually work with security in everyday work. Tomi and Timo's talk on the other hand was just the type of deep tech-gore I associated T2 with since the last time. My "newly" (a few years) found love for hardware probably made this talk even more interesting as they dug deep into the inner workings of hotel lock systems including physical design, magstripe cards, RFID badges and building their own hotel (virtually).
Overall, I had a great time in Helsinki. I don't even regret my choice of housing. Not caring much for fancy hotels, I stayed at The Yard Hostel in an eight-bed dorm. If you don't mind the occasional snoring person, I can wholeheartedly recommend it especially when you only are there for sleeping anyway and spend the rest of the day elsewhere. Hopefully I'll come back here next year to the 2019 T2 conference on the 24-25th of October.