0 Day DEFCON 18 notes.

This year, I got in on Wednesday, which reduced the stress level considerably. Mike the Musicologist met me here; Andrew “Swordfish Trombone” Wimsatt is flying in tonight.

Mike and I had a pretty good (and cheap!) dinner Wednesday night at Four Kegs, which some of you may recognize from “Diners,  Drive-Ins, and Dives“.

DEFCON 18 panels that I may, or may not, attend, but will point out for Lawrence‘s benefit:

Weaponizing Lady Gaga, Psychosonic Attacks

I’ve already missed the “Hardware Black Magic: Designing Printed Circuit Boards” and “Go Go Gadget Python: Introduction to Hardware Hacking” panels, but I figure most of the information from those is on the DEFCON 18 CD.

Panels I want to attend:

I’m torn between the annual “Making of the Badge” panel, and the “How To Get Your FBI File (and Other Information You Want From the Federal Government)” panel. If I do get moving that early, I suspect I’ll end up at the latter one.

Build a Lie Detector/Beat a Lie Detector“. My desire to attend this is mostly based on nostalgia. When I was a young boy, my dad gave me several of the Radio Shack 50-in-1/100-in-1/250-in-1 electronic kits for Christmas. One of the projects in those was always a lie detector, and I always built that project.

Build your own UAV 2.0 – Wireless Mayhem from the Heavens!” How could anyone not go to that panel?

Exploiting Digital Cameras“. Another panel that seems designed to push multiple buttons on my user interface at once.

DCFluX in: Moon-bouncer“. Looks like it could be a fun panel on alternative methods of communication in a critical situation, like moon-bounce (something I’ve heard of from the amateur radio community).

Black Ops Of Fundamental Defense: Web Edition“. Dan Kaminsky. Again, enough said.

Extreme Range RFID Tracking“. I haven’t gotten that deep into RFID hacking yet (though I might change that this year), but I’m interested in this long-range low-power radio device stuff. Also, this is one of two Padget talks I want to see.

Jackpotting Automated Teller Machines Redux” The Black Hat version of this talk is already getting a lot of attention.

I’m having trouble deciding between “This Needs to be Fixed, and Other Jokes in Commit Statements“, which sounds like it could be very funny, and “Insecurity Engineering of Physical Security Systems: Locks, Lies, and Videotape“; I have a lot of respect for Tobias’ work.

Practical Cellphone Spying” is the other Padget talk I want to see.

We Don’t Need No Stinkin’ Badges: Hacking Electronic Door Access Controllers“: besides the title reference, this might make good background for that novel. I’m also considering “Wardriving the Smart Grid: Practical Approaches to Attacking Utility Packet Radios” as another possibility; I’d really like to see both.

Physical Security : You’re Doing It Wrong!” Well, if he’s going to talk about how to get vendors to take you to lunch, sure!

Physical Computing, Virtual Security: Adding the Arduino Microcontroller Development Environment to Your Security Toolbox“. I’ve been thinking about getting into microcontroller hacking, and this seems like it might be a good introduction to the Arduino (which is one of the environments I’ve considered).

Hacking with Hardware: Introducing the Universal RF Usb Keboard Emulation Device – URFUKED” and “Programmable HID USB Keystroke Dongle: Using the Teensy as a Pen Testing Device“: it sounds like there could be a lot of overlap between these two panels.

The Search for Perfect Handcuffs… and the Perfect Handcuff Key“. You never know when you might need to get out of a pair of handcuffs…

I haven’t decided between “Attack the Key, Own the Lock“, which sounds like it may be a rehash of some panels at previous DEFCONs, and “Constricting the Web: Offensive Python for Web Hackers“, which pushes the Python button.

Electronic Weaponry or How to Rule the World While Shopping at Radio Shack“. Not a lot of information on the DEFCON site; I’ll probably go and leave if I get bored.

Breaking Bluetooth By Being Bored“. I’m fascinated by Bluetooth attacks, so this is a must-see for me.

Panels I won’t be attending:

Getting Root: Remote Viewing, Non-local Consciousness, Big Picture Hacking, and Knowing Who You Are“. The usual hippie horse-pucky.

Any suggestions from anyone else who may be attending? Or presenting? Or wanted to go, but couldn’t?

One Response to “0 Day DEFCON 18 notes.”

  1. I would be interested in hearing about any panels on router vulnerabilities and attacks, since that seems to be a current topic of considerable interest.