Ax0n's DefCon 17 Wrap-Up

It's Monday, and I'm surprisingly spry considering the weekend I had. It might have something to do with the Infosec recharge I got. I'll let Asmodian X put together his own thoughts, as we rarely were at the same events and talks, for good reason. There were a lot of great talks overlapping one nother! I can't possibly upload every photo I took, so I'll just post a few here, and I'll make a slide show video later on when I have time.


Due to family matters, I had to hit the airport a whopping FOUR hours before my 6:40AM flight to Las Vegas via Denver International. That meant leaving home around 2:00 AM Thursday. This would pretty much set the pace for the weekend.

Dawn takeoff from MCI

I arrived at McCarran International a little after 9:00 AM and waited for Tom and his wife to show up. We rented a limo to get to our respective hotels. Yeah, we could have caught a cab. We should've, actually. But hey, it's Vegas.

I found out my roommates at Circus Circus wouldn't be in town for quite a while, so I spent most of Thursday dragging everything around with me.

I dropped by a few of Thursday's talks, but didn't stay through any of them. Lee Kushner was giving a similar "Infosec career" talk to the one I heard last year, the Intro to lockpicking was just that: an intro, and the talk on FPGAs was half-way finished and over my head by the time I got to it. The Apple TV talk/demo seemed like it would be interesting... if you have an Apple TV. I don't have one, nor do I even intend to. DefCon 101 and Defense? After attending DefCon for 11 years off and on, I didn't feel compelled to check them out. Yes, I'm elitist like that.

Actually, I just wanted a place to set my bags down and veg and an excuse to do it without feeling like I'm wasting half a day worth of talks to check out. That meant that after I got the badges and swung through some of the talks, I spent most of my time in the Chillout room at the Riv, messing with people.

I had Evil Wifi up and running pretty much everywhere on Thursday and determined a few things:
1) 6x 1.2v/2650mAh NiMH batteries run the Fonera for well over 4 hours
2) La Fonera WILL overheat and lock up after an hour or so in a backpack
3) There are a lot of suckers at airports. Even at 5:00 AM at Kansas City International.
4) There are even more suckers at DefCon. I snarfed well over 1,000 Session IDs and cookies from more than 100 people at DefCon on Thursday alone. The wall of sheep has nothing on me.

Before: Jasager overheating in the backpack at McCarren International Airport.

After: Jasager lashed to the outside of the backpack so it can breathe.

I got accused of "DoSing the wireless" by a pair of perplexed kids who couldn't get onto their MySpace or something, but the fact was I had blacklisted the DefCon and DefConA network from Jasager, so they had tried joining something else. They were probably just angry at getting schooled. At no point did I re-use any of the session IDs, but it was fun to go back and look at the gigantic list of accounts I could've potentially laid to waste. This is DEFCON, folks. Wise up.

Thursday Night, several of us pooled our funds and rented a tandem-axle F650 Limo to get to Toxic BBQ. At the end of everything, the Limo worked out to $8 per person including the Chauffeur tip.

Just about the polar opposite from the stretch F650, I caught a ride back the Riv on the HackBus with a bunch of other people. This Relic was having a hard time getting moving with all of us on board, but it was a fun ride all the same, if a bit uncomfortable.

After Toxic BBQ, I hung out for a few hours talking to some folks. After Asmodian X landed, we geeked out with the badges for a bit, trying to figure out what all they were up to. I weeded through some of the source code to find some interesting tidbits, but they'd all been spoiled already, as I soon found out.

After a quick breakfast at Denny's (it was PACKED), Asmo and I split. I hit the Opening keynote with Joe Grand to learn a little bit more about the badges. Again, it was mostly a "this is why we had to issue paper badges to a bunch of you yesterday" apology session. He also disclosed that next year's badges will likely be using the same processor and development environment as he had to double-order parts this year. This year's badge featured an RGB LED and a microphone. It was cool sitting in the chillout room watching it pulsate to the music! Scroll down to the hardware hacking village section for information about inter-badge communication.
[Slides not online yet. Here's a link to Make:Online]

I stuck around for Schneier's Q&A session. Schneier can come off like a know-it-all a-hole sometimes, but he seemed to be quite personable at this session. When you're a polymath such as Schneier, I suppose you're allowed to hold court without too much social backlash, though. As I've been following Schneier's work for quite some time, I can say that the vast majority of the answers to his questions were basically torn from his prior writings. Funny, then, that so many people flooded the room to see his talk while being so clueless about where he stands on most of the issues.
[No slides presented. Go read Schneier On Security, as almost all his answers are there.]

The DefCon Security Jam panel was funny, mostly a Fail Rant by a few of the industry's more prominent characters. It was enjoyable for a few good laughs yet unremarkable. I don't have much more to say about it.
[No Slides Presented]

Jason Scott from textfiles.com (who STILL archives stuff HiR was writing 12 years ago!) talked about what it's like to be sued for more than two billion (with a B) dollars, and provided sound advice to those who find themselves on the business end of a real life lawsuit. He also differentiated between real lawsuits and silly settlement offers and mundane legal threats. His advice: Talk to your friends, don't be scared, get a lawyer (the EFF is your friend), and don't cave if you think the litigation is unfair.
[Slides Not Online Yet]

I tried to get into Johnny Long's talk, Three Point Oh. No slides were to be found, but judging from the Schedule, it was THE talk to see. Given Johnny's story, I'm really hoping the video for this one leaks out to the Internet somewhere. I caught part of "Stealing Profits From Stock Market Spammers" - I had the idea of trying to get the early jump on stock market pump-and-dumps, but since it's hard to tell when they started, it's even harder to tell when to dump them.
[Slides Not Online Yet]

On Friday, I noticed that the blue element in my RGB LED wasn't lighting up anymore. I decided to swing by the Hardware Hacking Village to see if anyone had an RGB LED for sale or some spare parts to hack the badge with. I'm glad I showed up when I did, because a crew of hardware hackers was there putting the finishing touches on the DefCon 17 Badge puzzle. In his badge presentation, Joe said that the different badge classes (Human, Speaker, Press, Vendor, Contest, Goon, and Uber) fit together to form a circular disc. From there, you can wire them up over I2C to network them together. With the default firmware, the LEDs will synchronize, which looks pretty cool.

This team gathered badges from volunteers (including a DefCon-supplied Uber for the center) and wired it up in front of a crowd of excited people, including Joe and DT. Talk about timing!

As far as the blue LED goes, Joe Grand told me my battery was dying and that Blue is always the first one to stop responding. I verified it by hooking up the badge to a CR123A I had in the hotel room. Blue came back. Battery life on the DC17 badge: totally lame. Maybe Parallel button cells next year?

Friday night, several of us took a trip across town to the iDefense event, 52 stories in the air offering a fantastic view of Las Vegas at dusk. By the time the open bar shut down, I'd had my fill of partying for the night. Asmo and I called it a night. Some kept partying until well into the morning. I didn't have it in me. I got some shots of Las Vegas from high up, though. I haven't had a view like this since DefCon 9 when we were staying at the Stratosphere. Wait. is that an In-and-Out down there?! NOM NOM NOM!

I saw Joe Grand talk about electronic parking meters (just like everyone else). This was somewhat of a derivative of his talk given at InfoSec World 2008, but more focused on one type of device. Methodologies used in hardware hacking were covered in a case-study fashion with some very useful information presented in an entertaining fashion. Definitely check out the link below.
[slides and info]

Being a guy who is interested in emergency preparation, I headed over to see Renderman talk about Hackers and Disasters and Personal Survival Preparedness. Unfortunately, both of them were not what I was expecting. Renderman's a great guy, but the talk was too general and diluted. Personal survival preparedness felt like an intro crash-course to situational awareness, once the speaker's computer problems got sorted out. I left early to hit the skyboxes.
[You don't need to see the slides]

In skybox 207/208, video from Track 1 was being fed into the monitors. This let me catch the last part of the RFID Mythbusting track (wish I could have caught the whole thing!) and then I watched Adam Savage talk about how Failure affects all of us, how we can embrace failure, how to spot it coming and how to mitigate it before it ruins projects. Adam's a great speaker and seemed to be really enjoying the crowd's energy. It has me wondering if he wasn't disguised, lurking among us prior to his talk.
[Adam needs no slides. Adam needs to present at TED sometime.]

I snagged a not-so-quick Chipotle burrito with Chris from Securabit, then enjoyed watching Ricky Lawshae's talk on using TCP/IP sequence prediction to launch replay attacks against electronic prox-card door locks. You need to see the video for this one.
[Slides aren't online yet. Wired Article]

Easily the most entertaining presentation of the weekend for me was Sniffing Keystrokes with Voltmeters and Lasers. While voltmeters won't work (you really need a good O-scope), the attacks presented hold merit. One relies on data-to-ground leakage and unique clock frequencies in PS/2 Keyboards that allows you to compare electrical ground to true earth ground. This often discloses keyboard scancodes, but doesn't work on USB keyboards. The other method is a derivative of using lasers and photo-diodes for remote audio surveillance. This builds onto other work on statistical analysis of letter frequency, since each key will make a somewhat unique and repeatable sound when pressed (supposedly), they liken the analysis to a wheel of fortune puzzle.
[Slides from a similar presentation at a different convention] (pdf)

I helped set up for the podcaster's meetup after that, and then sat through the broadcast and Q&A Session. That was, as usual, a great time where I got to catch up with a few SecurityTwits.

Afrer that, the i-Hacked/PaulDotCom party took over and DOMINATED. i-Hacked set up a Liquid Sky display (oddly enough, an inch off the ground, give or take, not up in the air, which was a prismatic line-level green laser combined with a fog machine. The end result was a green, eerie swirling plane just off the floor.

Ulysses got a mohawk at the party next door.

I'm not sure how Mick Douglass ended up piloting the Hacker News Network news wagon.

I headed over to the Fireside lounge well after midnight to check out the event being put on by HiR's premiere sponsor, Edgeos. I finally caught up with Jay Jacobson (Founder/CEO) and enjoyed a few drinks on the house while chatting it up with a few of Edgeos' other employees. I've got a lot more information about Edgeos for you coming this month. Yes, it's powered by Nessus (and some other slick software) but they've done a great job with the UI, internal scanning engine and private label branding features. I'll stop there and show you some cool stuff in the coming weeks.

I didn't sleep Saturday night at all. A good chunk of my fellow Kansas City hackers were lounging at Kady's after throwing a successfully epic bash, so I kicked it with them and enjoyed a few cups of coffee. At about 4:30, I took off to the airport and made my way homeward.

Landing at DEN

I spotted a FED on my way home.

blog comments powered by Disqus