Archive for the ‘conference’ Category


August 14, 2008

DEFCON is always entertaining as it’s the largest hacker conference in North America. Back to back with its corporate counterpart, Black Hat, it generally draws thousands of hacker-type people to Las Vegas every summer. The related parties, shenanigans, and drama surrounding it are legendary, and this year was no different.

Below are my thoughts on the talks I was able to attend.



CSI-SX 2008

April 30, 2008

CSI-SX is the new branding for the CSI NetSec conference, which is co-located with Interop Las Vegas, and is essentially the security-focused portion of the overall conference. As with the annual CSI conference, this conference targets a different demographic than I’m used to speaking for as the attendance is usually comprised of very large enterprise and government employees and I usually speak for conferences targeted at the research and hacker communities.

The night before the first day of conference sessions a speaker reception was held which I attended. I met a number of people from the conference staff whom I had not met before as well as a few of the other speakers. Surprisingly I was well-received by this crowd, even with my spiked green hair, which I’m sure they don’t see a lot of at this type of conference.

Below are my thoughts on the couple of talks I was able to attend.


ToorCon Seattle 2008

April 22, 2008

The ToorCon organization puts on some of the best conferences in my opinion, and this last weekend was version 1.0 of their Seattle conference (beta was last year, which I also attended). Friday night was entirely 5-minute lightning talks and then Saturday was entirely 20-minute turbo talks. Sunday was workshops, which unfortunately I could not attend since I had to fly back to Austin mid-day. Last year was invite only and if you were there last year you received a coupon code for a discounted rate this year ($300), otherwise it was a little expensive to attend ($1000). Overall there were a number of excellent speakers with excellent content.

Due to the sheer number of talks (and I did see all of them), I’ll only cover the ones I found most interesting below:


CSI 2007

November 8, 2007

CSI 2007 was the first time I’ve ever attended a CSI conference. I was actually a CSI member way back in the day when I was running my own consulting firm and needed as many business development avenues to explore as possible, but after closing my consultancy and going back to work for The Man(tm) I didn’t keep up my membership as I really wasn’t getting much out of the organization at that point. For some reason I had never attended any of their conferences. The CSI Annual Conference is billed as “The leading management, strategy and policy event for today’s security professionals”, so it’s a very different conference from what I’m used to. While I generally attend the more technical events, this one was targeted at an entirely different demographic. There was a lot of large enterprise and government presence, and I got plenty of scowls as people noticed my green hair, but in the end I believe I won most of them over…

The evening of my talk there was also a Capture the Flag game. Unfortunately I wasn’t aware of this until I ran into Dave Aitel that evening and he told me about it, or I would have had my laptop with me and been prepared to compete. This game was essentially a race through various goals with clues and hints along the way. The guy that won achieved the final goal at just under 2 hours. One potential vulnerability that I pointed out to the event organizers was that most of the information was given away to the audience in the observation room near the start of the competition, and had the competition not been 3 floors underground where there was no cellular signal, I could have easily relayed the information to Dave’s mobile via SMS or AIM or something. Had we had some other form of local wireless communication, cheating would have been trivial. Perhaps next time they’ll not give away so much information at the beginning to the audience…

Below are my thoughts on the couple of talks I was able to attend. Unfortunately I was only there for the one day that I was speaking, and I was too busy preparing to speak and recording a shorter version of my talk to actually attend many of them.


ToorCon 9

October 23, 2007

ToorCon is always one of my favorite conferences of the year, and this year was no different. Actually, I take that back, it WAS different, it was even better than usual. I got something out of almost every talk that I attended, and the conference ran very smoothly. The conference is small and intimate and the speaker badges are green… I really can’t ask for much more. This year the conference was split between the two days; the first day being traditional hour-long presentations whereas the second day took the cue from ToorCon Seattle (beta) and was entirely 20-minute turbo talks. I thought the conference format worked out really really well and provided a much larger breadth of subject-matter than would normally have been possible with entirely traditional-length talks.

Below are my thoughts on the various talks I attended.


Speaking at CSI 2007

September 26, 2007

I’ve been invited to speak at the Computer Security Institute’s Annual Conference (CSI 2007) this November in Washington D.C., on the subject of VoIP Attacks. This presentation was originally intended to be a “state of the industry” type talk given every year or so, and the last time I gave it was at EUSecWest last March so it’s about time to update it and present it again.

Speaking at ToorCon 9

September 24, 2007

I’ve been invited to speak at ToorCon 9 in San Diego next month. My topic will be Context-keyed Payload Encoding in which I introduce a new method of keying an encoder which is based entirely on contextual information that is predictable or known about the target by the attacker and constructible or recoverable by the decoder stub when executed at the target. An active observer of the attack traffic, however, should be unable to decode the payload due to lack of the contextual keying information.

Real-time Steganography with RTP Video

September 21, 2007

Apparently, some guy purchased video of all of the DEFCON 15 talks on DVD, then ripped them all to MP4 and uploaded them to Google Video. If you couldn’t make DEFCON this year and wanted to see my talk, or don’t have the patience to read the 50 page paper but have about an hour to watch a video, you should check it out.


August 9, 2007

DEFCON 15, in their second year at the Riviera, seemed a little more settled than the turbulent vibe from last year. Unfortunately DEFCON already seems to be outgrowing this space as a couple of the talks I wanted to see were standing room only and attendees were spilling out into the halls.

The badge this year was a large rectangular PCB with the DEFCON logo parts down the left side and the letters “DEFCON” down the right side. In the center, oriented vertically, was a mini LED pixel display which was controlled by an on-board chip. In its default state, the display scrolled the text “I <heart> DEFCON”, however you could program the display through various sequences of pressing your fingers to the DEFCON logo parts down the left side. The badge this year was interesting, but it definitely had some quality issues. The controls to program the scrolling LED display were too easily triggered accidentally, causing most badges to be usually scrolling one of the menu texts instead of the custom message. Also, toward the end of the conference I was seeing a lot of the badges with stuck displays, only having a couple of random LED pixels lit up on them. The badges may have also been a little over-engineered as the instructional poem in the DEFCON book alluded to being able to solder on more components like an RF transceiver, an accelerometer, and potentially some other stuff. I identified at least three different places where you could add components to the badge. There was also WAY too much information about the badge in the DEFCON book such as what types of components you could add, where to get complete source code, how to debug it, etc. This seemed way more like being led down a path than actually being able to “hack” the badge.

Due to speaking this year and having a bunch of friends from DFW in town partying and gambling I didn’t really do the DEFCON social/party thing. I didn’t even have time to attempt Caezar’s Challenge, which from what I could tell merged this year with the Ninja Networks party since the challenge was on the back of the Ninja party pass. Oh well, the couple hundred bucks I made playing BlackJack and hanging out with my DFW friends was worth it.

Out of the presentations and events I attended, here are my thoughts:


BlackHat 2007

August 9, 2007

BlackHat Briefings 2007 was a bit disappointing this year. This year, the first day of briefings had an entire track devoted to Voice Services. Being the sole VoIP researcher for TippingPoint’s DVLabs, I of course attended this entire track. In short, three words: waste of time. Out of 5 talks on VoIP security, I learned one single new piece of information. At best, the content was the same old attacks against new or attention-starved targets. At worst, it was the same old attacks against the same old targets. In all honesty, if the BlackHat CFP review board had accepted the updated version of my VoIP Attacks! talk that I had submitted, 80% of the attacks shown in the VoIP Services track would have been covered by about 50% of my slides. Maybe not in as much detail, or against the same targets, but that’s kinda the point of my VoIP Attacks! talk; almost all the attacks I speak about work against most protocols or multiple targets, just with slightly different implementations. But then I guess that would have removed the need for an entire VoIP track, which I’m guessing they wanted to have since it’s a hot topic. Also, my RTP Steganography talk that was accepted to DEFCON rather than BlackHat would have been much more appropriate for this track than some of the talks they accepted. I’m not bitter though (:

The second day I saw the talks by the other DVLabs researchers which of course were excellent.

One thing that struck me this year was the names of the people speaking. For a conference that’s actually named BlackHat, there was only a single person speaking under their handle or nym. To me that speaks volumes about the type of content being presented versus the image that the conference is purporting. Also, identifying the number of speakers associated with the conference sponsors versus those that aren’t is an interesting exercise for anyone that cares to look into it. I think this conference is becoming way too corporate and is beginning to do its attendees a disservice. This probably stems from the fact that the conference was sold recently and is now managed by a corporate entity.

Here are my summaries of the presentations that I attended: