This year, in order to better align the workload with the actual expertise of the reviewers, several topic-specific teams were formed. (More here.) Security related topics were staffed by a team of three to four core members. Additionally, six reviewers with differing security background were supporting the review.
Since in some cases the content of the actual presentations overlapped with the focus of more than one content team, submissions were shifted back and forth. Most of the overlap occurred between Hardware, DiY & Making, and Science & Engineering. Overlaps with Society, Politics & Ethics as well as Art & Beauty were also present, but were far less common.
Altogether, approximately 130 hours were allocated for presentations among the entire content-team of the 30c3. 30 hours from this pool were specifically allocated for the security track and further split into 30 and 60 minute slots. In the end, the security content track received additional timeslots and accumulated 31 hours of content in total. We initially received a collection of around 100 submissions, which is roughly a third of all submissions.
While filtering content, we initially focused on reverse engineering of software and protocols, cryptography, and hardware & embedded security-related topics. Fortunately, a large portion of the submissions fell into these categories so that we were not forced to reconsider this focus. The majority of the submissions covered contemporary IT security related issues and current developments, which have yet to receive sufficient public attention.
In the end, we tried to find a balance between various current and important security issues. In cases where multiple submissions covering a particular topic were received, the team made a conscious decision in favor of one particular talk to avoid redundancy. This also involved some difficult decisions pertaining to presentations covering unique, novel, or noteworthy topics.
Ultimately, the available time slots are limited. This resulted in recommending that talks instead be resubmitted at a later date or encouraging that they be presented as a lightning talk. In several cases requiring interaction with the audience or a hands-on approach, a workshop format was proposed instead.
In the coming days, the security track team will continue to publish a number of blog posts to highlight a few outstanding submissions from each of the three topic areas of the upcoming security track. Spoiler alert!