The talks I attended over the wire, including links to the description and video and some comment on the content as I experienced it.

• mobile
  • Running your own GSM stack on a phone Video
    OsmocomBB - the Open source mobile communications BaseBand - is the first real step in a open gsm stack, which can be used to mess with the GSM networks.
    I read about the efforts early in 2010, and got the hardware supported by the software early.
    At this point you can make phone calls with the stack using a cisco style telnet interface.
  • Wideband GSM Sniffing Video
    Using OsmocomBB you can even mess with the GSM network itself, in this presentation, they used 4 (modified) Motorola C123 phones to build a working GSM sniffer, which allows receiving phone calls and sms.
    After this presentation, the price of the Motorola C123 skyrocketed from 1€ to 50€ on ebay.
    I really regretted handing out some phones to friends at this point, as I do not have 4 C123 myself left, but four C123 at 50€ are still slightly cheaper than commercial solutions for 50.000€ or more.
    Recommended.
  • The Baseband Apocalypse Video
    GSM is a old complex standard, and there is no exploit mitigation in the GSM stacks. Attacks on the baseband processor of a phone can access the operating system - without leaving traces. If you have a mobile, this may be of interest.
  • Android geolocation using GSM network Video
    Given this approach still requires internet, I was expecting more, given Harald Welte already mentioned another approach using RRPL.
• network
  • Node.js as a networking tool Video
    I was fairly impressed by the performance of node.js which was outlined in the presentation, serving a 1MB file to 100 concurrent clients (using the ab from apache), node.js served more than 800 requests a second, which is more than 800 MBytes/s, so a single process on a single core saturates 7 gigabit lines.
    I was impressed, I had doubts, and ran the benchmark on my own, in which case it even scaled better, maxing at 999 requests a second, which was about 1000Mbyte/s. As Node.js relies on the same eventloop dionaea uses, I tested dionaea's performance, and while dionaea scales not bad, it is no match to node.js. I was surprised enough to add some code to implement a poor mans http server in plain c, which was still slower than node.js, and identified some 'not that smart' decisions. But given dionaea was still pushing out more than 100MByte/s, and it is rather unlikely somebody saturates his gbit line with honeynet traffic, I decided not to mess with this further.
    Node.js is a rising star, if you want to get some serious network io done, it will be worth looking at it.
  • Recent advances in IPv6 insecurities Video
    Interesting presentation about design and implementation issues with IPv6, once IPv6 gets used, there will be real problems. Bonus for publishing the software used to mess with IPv6, if you want the full IPv6 attack toolkit developed by the presenter, you have to send in patches though. I doubt this will work out, or create any kind of additional contribution, a repository on github may be more appropriate.
  • Data Analysis in Terabit Ethernet Traffic Video
    I can't recommend this one, I think he even managed to avoid mentioning terabit during the whole talk, it is just an overview of the products used, not going into any technical details.
  • SIP home gateways under fire Video
    SIP is a messy protocol, which makes it easy to fail, not really surprising or new. I was expecting more from the presentation.
• hardware
  • USB and libusb Video
    I've never had any love for USB, but getting some details of the technology which makes USB made me really have some respect for USB.
    So if you never liked USB, this talk is recommended.
• reverse engineering
  • Console Hacking 2010 Video
    These guys got frustrated after Sony decided to remove linux support from the PS3, and decided to break the whole security system of the PS3 in exchange.
    
  • Code deobfuscation by optimization Video
    While I liked the idea, I was missing a good example of how well it works, like “this is skype without the obfuscation, but it still works and is even much faster”.
  • Reverse Engineering the MOS 6502 CPU Video
    Even though I did not really get the idea of why would one want to reverse engineer an cpu that old, it is a really interesting presentation.
  • Automatic Identification of Cryptographic Primitives in Software Video
    Same as for the Code deobfuscation by optimization, nice approach, but I was missing a good example of how well it works, like “this is what skype does”.
  • Adventures in analyzing Stuxnet Video
    Do not miss this one, Bruce Dang delivers an entertaining insight into the heat he experienced when stuxnet hit the media and Microsoft was in charge to say something about it.
• business
  • Rootkits and Trojans on Your SAP Landscape Video
    The Best-Run Businesses Run SAP - if your business survives SAP, it is one of the best-run buisnesses.
    From what I understood in this presentation, it is rather impossible to secure an SAP system.
• trolling
  • Desktop on the Linux... (and BSD, of course) Video
    Somebody gets a serious beatup for bashing on gnome, d-bus, devicekit, … as Lennart Poettering, who either maintain(s|ed), develop(s|ed) or has beers with the actual maintainer/devlopers of the said software is in the audience.
    If you are bored, this may be better than TV.