The schedule for DEFCON 20 is up.
Lawrence reminded me on Saturday that I also had not solicited panel requests, so this is your pre-DEFCON 20 post.
I’m flying out Wednesday morning and getting to Las Vegas around 1 PM. I’m hoping to visit the Mob Museum (just because it is new since my last visit, and I haven’t seen it) and to make a return trip to the two bookstores I visited last year. Lotus of Siam is also required.
There is some stuff going on at DEFCON on Thursday:
- “Breaking Wireless Encryption Keys“: I’m generally familiar with the how-to of breaking WEP, and the attacks against WPA. I keep meaning to set up a lab and do some WEP attacks, but I never get around to it (always something else going on), and I’ve never actually seen it done, so this panel intrigues me.
- “Intro to Digital Forensics: Tools & Tactics“: Another possibility. My experience with forensic tools is weak.
- “HF skiddies suck, don’t be one. Learn some basic Python.“: A maybe, more for the Python angle than anything else.
Here’s what I’m interested in on Friday:
- “Making Sense of Static – New Tools for Hacking GPS“: As you know, Bob, I’m fascinated by GPS, and I’m curious to see what these guys come up with.
- “Not So Super Notes, How Well Does US Dollar Note Security Prevent Counterfeiting?“: I don’t think I’ve mentioned this before, but I have an academic fascination with counterfeiting. Then again, who isn’t attracted to the idea of making your own money?
- “How to Hack VMware vCenter Server in 60 Seconds“: I have to work with VMware from time to time in my real job, so…
- “Bypassing Endpoint Security for $20 or Less“: I like cheap.
- “Safes and Containers: Insecurity Design Excellence“: “…design issues that allow locks and safes to be opened in seconds, focusing on consumer-level containers that are specified as secure for storing valuables and weapons, and in-room hotel safes that travelers rely upon.” Enough said.
Saturday, we have a possible tie for this year’s “Hippie, PLEASE” panel:
- “Twenty Years Back, Twenty Years Ahead: The Arc of DEF CON Past and Future“: the description doesn’t sound all that obnoxious, but Richard Thieme is a multiple past–winner of the “Hippie, PLEASE” DEFCON panel award.
- And, “Beyond the War on General Purpose Computing: What’s Inside the Box?” by none other than C*ry D*ctr*w.
I shan’t be attending either. The Saturday panels I am interested in:
- Either “Creating an A1 Security Kernel in the 1980s (Using “Stone Knives and Bear Skins”)” or “Defeating PPTP VPNs and WPA2 Enterprise with MS-CHAPv2“: I do kind of like historical perspective panels, but I’m also really interested in the MS-CHAP attack.
- “Exploit Archaeology: Raiders of the Lost Payphones“: Payphones? PAYPHONES? Apparently, those are still a thing you can attack. (“Stamp Out Hash Corruption! Crack All The Things” does deserve a nod, though, for the Hyperbole and a Half reference.)
- “Into the Droid: Gaining Access to Android User Data“: Android hacking is still hot.
- “Off-Grid Communications with Android: Meshing the Mobile World“: I like the idea of “Smart Phone AdHoc Networks”, if for no other reason than as a fallback in case of disaster.
- “The Safety Dance – Wardriving the Public Safety Band“: I’ve kind of dropped away from it, but I used to be a scanner/shortwave geek, and this panel has me curious.
- “Black Ops” or “Hacker + Airplanes = No Good Can Come Of This“: I’m a big fan of both Dan Kaminsky and Renderman, and I really really want to see both of these panels. I’ll probably hit Kaminsky’s panel unless I can’t get in. And I do resent the fact that DEFCON scheduled these two panels against each other. (“Spy vs Spy: Spying on Mobile Device Spyware” also sounds fun, but given a choice, I’ll take Kaminsky or Renderman.)
- “Busting the BARR: Tracking “Untrackable” Private Aircraft for Fun & Profit“: This will depend on how I feel at the end of the day: I’m kind of interested, and I think a couple of my friends will be as well, but if I’m feeling wore out, I may skip it. I’m also kind of curious about “The Darknet of Things, Building Sensor Networks That Do Your Bidding“: mostly I want to see if these guys are Arduino-based, and if they are, I might hit that instead.
Sunday! Sunday! Sunday! Live at DEFCON 20! Nitro-burning FUNNY CARS!
- “SIGINT and Traffic Analysis for the Rest of Us“: I’m also a big fan of Matt Blaze. As an ex-radio geek I’m interested in SIGINT. And I’ve read the P25 paper, so this pushes several buttons at once.
- “SCADA HMI and Microsoft Bob: Modern Authentication Flaws With a 90’s Flavor“: SCADA: hot. Plus gratuitous Microsoft Bob reference.
- “Owning the Network: Adventures in Router Rootkits“. Seems like the best thing going on in that slot at that time.
- “Hacking [Redacted] Routers“: See above.
- “SQL Injection to MIPS Overflows: Rooting SOHO Routers“: See previous two entries. At this point, I may be routered-out, so I reserve the right to skip this one.
- “Hacking the Google TV“: This might be my only chance to see someone hack what, so far, has been a total failure.
- Pretty much have to go to the closing ceremonies.
So that’s that. If anyone has any specific panel requests after looking over the posted schedule, let me know (by email on in the comments), and I’ll try to hit those events. Also, if anyone has any recommendations for new, cool, or interesting places to eat in Vegas, feel free to leave those in comments.
(Edited to add: It’s a Borepatch-o-lanche! Thank you, brother man!)
Save a mention for the serial number hacking panel, I’m sort of surprised there seem to be no Apple products on any of the panels this year. I would think that iDevice cracking would be a popular target given the high profile and widespread adoption of the platform.
Man, I’m jealous. I hope you post daily summaries.
That’s the plan, chief. 🙂
[…] “The Darknet of Things, Building Sensor Networks That Do Your Bidding” presentation. I was curious about this one, but it was opposite “Busting the BARR”. I note, however: “NO […]