Posts bybsdaemon

See About in my website

H2HC Brazil, Cancun and H2CSO… The true behind organizing conferences

So, thank you for starting reading this post.  I’m not going to announce the conferences that I organize here.  What I’m going to do is to explain why I organize them.

Many people ask me why I try to organize those conferences.  Some others says that I make a lot of money out of the conferences, and others ask for ideas/references or guidance on how to create a security research conference.

H2HC or Hackers to Hackers Conference is the oldest security research conference still in activity in Brazil and had a huge grow in the past years.  We have many other great conferences in Latin America, like the YSTS, Ekoparty and BugCon.  We collaborate with all of them.

Why is that?  Because the idea of organizing a conference, at least to me, is to grow the investments in security research in the area, to bring more companies, to create more researchers and with that, create more opportunities.

If the conference makes money, use it to grow the conference in the next year, to create other versions, like the H2CSO (Hackers to CSOs) which was a great idea by Fernando Santos (from Area Manager of Check Point in Brazil).

So, what do I have as benefit of that?  Meeting people, growing the network, sharing knowledge and more companies willing to pay for security projects… :)

Organizing a conference is very timing consuming.  And it is all about risk-taking.  Don’t expect to make money.  Don’t depend only in getting sponsors.  Try to guarantee the sponsors in the beginning of the initiative.  Try to guarantee the good local people are with you, and are going to support you.  And mostly important:  Don’t compete with others, create partnerships, alliances.


Rodrigo (BSDaemon).

Hack in the Box Conference – Dubai

It’s time again!

Hack in the Box Conference will happen in Dubai, from 20th to 23rd april and I’ll be there talking about Advanced Payloads.

The presentation will discuss what changed in the nowadays attacks, and why the protections have not evolved as well.

With the focus on the advanced payloads and how to detect them passing through the network, the presentation will show many samples for improvements of actual technologies.

You can see the conference agenda here:

Let’s meet there folks!


Rodrigo (BSDaemon).

H2HC – Hackers to Hackers Conference Brazil is over!

So, it’s finally over!

To be honest, it ended a month ago, but I just have some time to rest now!  H2HC this year was amazing… Lot’s of foreigns came to Brazil for the conference, great speakers and many people from corporations also showed up.  This was the first year open for sponsors… And we received sponsorship from Immunity, Microsoft, Check Point and iDefense, which shows how recognized the conference are.
As the organizer of the conference I’m happy… As an atendee I’m not… I had no time at all to really enjoy the conference itself, but the after-conference parties I really loved.

Next year all of you are already invited to join us in Sao Paulo, one of the biggest cities in the world, with an amazing night life in a real ‘hacking-style’ conference in Brazil.

Follow this link:

The materials are already online:

see you next year!

Rodrigo (BSDaemon).

Overview: Hack in The Box Dubai and Troopers Munich

So, I’m back and now have some time to write about my travel in two amazing security conferences:
Hack in the Box in Dubai and Troopers in Munich

Both conferences are really well organized and with an amazing content! (I’ll not give my opinion about the each talk, mainly because I have not paid enough attention in important talks).

In HITB the after-conference party was sponsored by Argeniss and was in a boat – amazing drinks and view around Dubai Marina… In troopers we went to a typical Germany
place (old era) to eat an amazing meat (pay attention, please… I’m Brazilian and I’m saying it’s an AMAZING meat over there), sponsored by ERNW.

Back to conference content, in both conferences I had enough time to exchange ideas with attendees and speakers… Troopers received a lot of system administrators from
companies around Germany, which was important to me to better understand the security ideas they have in Germany. Also, some legal discussions about the new laws in this
country (I’m better informed now).

HITB Dubai this year was bigger then in the past year, but the CTF game was not so funny (there is no money involved, hehehehe)… Our team at Scanit (Oger Systems R&D Lab) won
(to be honest, Chaitanya Sharma from Scanit India passed the Zone-h web challenges steps and Julio Auto the reverse engineering steps – I just gave a lucky hint in the latest one – a off-by-a-few overwrite).

Lots of well known names went to Dubai this year, just to tell some: Skyper, Cesar Cerrudo, Alexander Kornbrust, Raoul Chiesa, pdp…

Troopers surprised me!! Really… It’s a new conference, but lots of important guys went there: Alexander Kornbrust, Andrew Cushman, Dan Berstein, Raoul Chiesa, Ariel Waissbein…

Anyway, now I’m back to Brazil (yeah, I left Scanit) to work @Check Point… good luck to me, hope to see you guys in some conference (why not Hackers 2 Hackers Conference in Brazil? –

Copy and Paste Security Bugs?? The *BSD case…

So, it’s time to another blog entry, another idiot/dumb post…

And for sure DragonFlyBSD and TrustedBSD* are also affected for this issue… why?

The bug occur because bsd developers does not know how integer convertion is done? Or just because you have copy and paste the bug from another BSD to yours? It’s always a problem when you copy code from another location. How secure is that code? What is the historical security problems it has? Let’s audit it!
Congratulations to you, OpenBSD guys, who simply don’t support things you don’t audit… why someone wanna use firewire? hehehe . Yeah! Is pretty easy talk about the problems, but, how I can help to solve it? I really dunno… In my mind, you need to understand the code you are copying, but, for god, please, copy it 😉


Rodrigo Rubira Branco (BSDaemon).

Vulnerability Disclousure Pratices in Open-Source Systems

A lot of discussion has been done worldwide about the disclousure (or not) of new information systems vulnerabilities.

First we have people who like full-disclousure (bug-details, including how to explore it and an exploit for it), in the other hand, who doesn’t agree on the vulnerability disclousure (need the disclousure of patches, not the details of what bug it corrects).

This kind of idea facilitates the attackers’ sucess (they just need to verify the differences between a system and the patched version of this system, using bindiff tools to help in this process). The users, who don’t need to really update systems (just update when a security flaw exists not just because an update exist) can’t know when is secure not update the system (so, let’s sell more systems…).

My first blog entry does not try to discuss it, but discuss this position:

“The policy of the FreeBSD Security Team is that local denial of service bugs not be treated as security issues; it is possible that this problem will be corrected in a future Erratum”

Interesting to see this kind of answer for a security problem in the system, mainly when the bug can be exploited (yeah, it can be exploited).

But, local denial of service is not a problem? Hum, sorry for hosting companies who uses FreeBSD!!


Rodrigo Rubira Branco (BSDaemon).