A famous symposium
SSTIC (Symposium sur la Sécurité des Technologies de l’Information et des Communications); I have heard of this event when I began my studies in Computer Science. It was and it still is one of the biggest conferences in France in the field of Information Security. Every year, I attempted to go but there was always something that prevented me from participating. It was often because of exams or a lot of homework.
But this year, during my internship, my colleagues told me they will go, as they usually do, and they asked me to come with them. I knew there was a student discount, so I gratefully accepted and bought my ticket. A few weeks after, I took a backpack, my laptop, and the fun could begin!
Before I continue, I would like to give one piece of advice for those of you who would like to have a ticket next year; be prepared and log onto the website ten minutes before the ticket office opens. There are a limited number of tickets…
A bunch of talks
Every year, the symposium helds in a university in Rennes. The first morning, I was a little bit lost and scared. Actually, at first glance, people who were here already knew each other. I was one of the youngest and of newest ones. The organizers gave me a little bag that had my badge, a tee shirt, an issue of a magazine and a big book which contained all the details of each conference. What more could I ask for? Then, after an hour, it really began.
The technical level was high. I cannot deny it. I appreciated the great diversity there was in the topics. Indeed, you could have a talk about management and another one about pentesting when you were at it. Of course, the security aspect was always predominant.
Even if I was not interested by all the talks, I enjoyed most of them. The ones I really loved were:
- How to play Hooker: A solution to analyze Android markets by Dimitri Kirchner and Georges Bossert
- Catch Me If You Can - A Compilation Of Recent Anti-Analysis In Malware by Marion Marschalek
- La radio qui venait du froid by Alain Schneider
- Bootkit revisited by Samuel Chevet
- Cryptocoding by Jean-Philippe Aumasson
You can also find detailed reviews (in French) about the talks on this blog and on the links that are at the bottom of the page.
The “Social Event”
Aside from these instructive talks, the other thing I really appreciated was the “Social Event”. In short, we were all in a community center the second night with free food, champagne and beer, at the end. That was the place where I met most of the people. I only knew a majority of them from Twitter or IRC like Pierre Bienaimé or Jonathan Salwan who gave me great advice for creating my own OS (the idea is still in my mind!).
Conversing with people was extremely interesting. Everyone was nice, recommending me websites I should look at, coding tricks I should try and books or papers to read. I also greeted Hervé Schauer, whom I met at La Nuit Du Hack in 2013 and saw again at ESIEA Secure Edition, earlier in the year. Unfortunately, I did not find the time to talk with QuarksLAB CEO Fred Raynal, also Director in Chief of MISC, and I did not see Travis Goodspeed after his great keynote about the International Journal of PoC | GTFO.
Finally during the breaks there were between conferences I had the opportunity to meet Nicolas Brulez who is, in my opinion, a personality in reverse engineering. Also Nicolas Ruff aka @newsoft. He was and still is an icon in the French community and one of the rare people who made me discover the real technical aspect of Information Security and has helped me, a few years ago, to find my vocation. As a matter of fact, I have talked with other people but I will not write the whole list here.
To conclude, I must say that I enjoyed SSTIC. I have learned a huge quantity of things about computer science thanks to great conferences and a bunch of suggestions from experienced and talented people. To put it in a nutshell, attending conferences and having a beer with people who are sharing the same passion as you is always an instructive pleasure!