Defcon XVI Overview
Saturday, August 16, 2008
Last year was my first year at Defcon so I was sucking up as much information as possible but generally I just went to the talks and then back to the room to play with the things that I had learned. I didn't get into the social scene very much.
This year I still attended a ton of the talks but instead of taking time to go back to the room and play, my friends and I made more of an effort to get into the Defcon social scene.
Overall Experience
Just like last year I had a blast but I think even more this year because of some of the people we met. I've seen some posts complaining about the situation at Defcon about how it was too crowded and they missed some talks because of this. It sounds to me like a lot of people have gone to things like Microsoft Events where you stand around some muffins and coffee and then sit through 2 hours of talks. Defcon hacks the conservative convention idea and takes into account the amount of hackers that have ADD. They offer 5 tracks of talks at the same time, lock picking training, wireless village, general hang outs, and more. Then when the talks are all done, there are parties all over the city. It's not a cup of coffee, stand in line, polite conversation kind of gathering but rather a red bull and vodka, bum rush, punch in the face cluster of people from all over the world meeting to show solidarity in the hacker community. At least that's my ideal perspective of what Defcon should be; it may be growing in a different direction.
List of talks I attended:
- Welcome by DT & Making the DEFCON 16 Badge with Joe "Kingpin" Grand
- Clinton Wong - Web Privacy & Flash Local Shared Objects.
- Roger Dingledine - Security and anonymity vulnerabilities in Tor: past, present, and future
- Robert Ricks - New Tool for SQL Injection with DNS Exfiltration.
- Magnus Bråding - Generic, Decentralized, Unstoppable Anonymity: The Phantom Protocol.
- Eric Schmiedl - Advanced Physical Attacks: Going Beyond Social Engineering and Dumpster Diving Or, Techniques of Industrial Espionage
- Fyodor - NMAP-Scanning the Internet.
- Matt Yoder - Death Envelope: Medieval Solution to a 21st Century Problem.
- John Fitzpatrick - Virtually Hacking.
- Nathan Evans - De-TOR-iorate Anonymity
- Movie Night With DT: Premiere of "Hackers Are People Too"
- Cameron Hotchkies - Under the iHood.
- Jay Beale - Owning the Users with Agent in the Middle.
- Luciano Bello & Maximiliano Bertacchini - Predictable RNG in the Vulnerable Debian OpenSSL Package, the What and the How.
- Panel: All your Sploits (and Servers) are belong to us.
- Mike Perry - 365-Day: Active https cookie hijacking.
- Tony Howlett - The death of Cash: The Loss of anonymity & other danger of the cash free society.
- Ryan Trost - Evade IDS/IPS Systems using Geospatial Threat Detection.
- Rick Hill - War Ballooning-Kismet Wireless "Eye in the Sky"
- Jay Beale - They're Hacking Our Clients! Introducing Free Client-side Intrusion Prevention.
- DAVIX Visualization Workshop
- Stealing the Internet
Tor
I've been following Tor for a while now so it was interesting to go to the two Tor-specific talks – both about vulnerabilities in Tor. Roger Dingledine presented a general overview of past, present, and future vulnerabilities in the Tor network and Nathan Evans went over a specific vulnerability which allowed an attacker to find out all nodes in a circuit. Both talks were interesting and I'm going to go into much more detail in future blog entries.
Sidejacking Redux
Last year, the concept of sidejacking was in its infancy. Sidejacking, or session hijacking, is when an attacker uses a man in the middle to steal the current session of something a user is accessing. For instance, with this attack, an attacker could steal the cookies used to authenticate a person's Gmail account, which would grant the attacker access to Gmail and all other Google services for the amount of time that session was valid. This year Jay Beale of the company Intel Guardians released a tool called “The Middler” which automates this process, and Mike Perry of Riverbed and the Tor Project pointed out a flaw in the way that some companies have tried to protect users from this exploit.
Since last year, services like Gmail have offered SSL encryption to protect from this attack but they didn't force users to use SSL, which led to Mike Perry's talk. He pointed out an attack on Gmail where, even though the user was using an SSL connection, the cookie could be transmitted in clear text, allowing a session hijack. This was done by performing a MITM attack, using a tool to check which online service the user was using, injecting a piece of HTML that pointed to the non-SSL encrypted version of that online service, and then performing a session hijack after reading in the credentials. He even pointed out a simple fix that he has told Gmail and Yahoo about, where you can set a bit in the cookie to only transmit in SSL.
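The cookie bit mentioned above is the `Secure` attribute on `Set-Cookie`. As an added example (not code from the talk or from this post), here is a small check a site owner could run over a captured response to list the cookies a browser would still send over plain HTTP; the sample response and cookie names are constructed for illustration.

```python
# Added example: list cookies that lack the Secure attribute and would
# therefore also be sent by the browser over an unencrypted connection.
from dataclasses import dataclass

# Constructed sample response; cookie names and values are made up.
SAMPLE_RESPONSE = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: SID=abc123; Path=/; Secure; HttpOnly
Set-Cookie: AUTH=def456; Path=/; Expires=Sat, 16 Aug 2008 12:00:00 GMT; HttpOnly
Set-Cookie: pref=secure_mode; Path=/
set-cookie: LSID=ghi789; Domain=.example.test; SECURE
"""


@dataclass
class Cookie:
    name: str
    secure: bool


def parse_set_cookie(value):
    """Parse one Set-Cookie header value into its name and Secure flag."""
    parts = [p.strip() for p in value.split(";")]
    # The first part is always name=value; everything after it is an attribute.
    name = parts[0].split("=", 1)[0].strip()
    # Attribute names are case-insensitive. Only attribute names are compared,
    # so a cookie *value* containing the word "secure" does not count.
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return Cookie(name, "secure" in attrs)


def cookies_exposed_over_http(raw_response):
    """Return the names of cookies set without the Secure attribute."""
    exposed = []
    for line in raw_response.splitlines():
        # Split on the first colon only, so timestamps in Expires survive.
        field, sep, value = line.partition(":")
        if sep and field.strip().lower() == "set-cookie":
            cookie = parse_set_cookie(value)
            if not cookie.secure:
                exposed.append(cookie.name)
    return exposed


if __name__ == "__main__":
    for name in cookies_exposed_over_http(SAMPLE_RESPONSE):
        print("missing Secure:", name)
```
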
War-Ballooning
One of the most fun talks that I attended was Rick Hill's War-Ballooning demonstration. They were planning on doing a live demo from the roof of the Riviera but at the last minute, some authorities decided to stop them. War-Ballooning was a development of last year's idea of War-Rocketing which shot a rocket in the air and then searched for wireless signals while it parachuted to the ground. This year they took a professional balloon that was used by photographers for shooting aerial shots, attached a cooler filled with various wireless gear, and configured an orbital webcam that controlled which direction the yagi antenna was pointing. So they gave a video of the demonstration which was recorded the day before in a park five miles out of town. For added drama, they used Kismet's feature to read wireless networks out loud as it found them. They had the balloon up for ten minutes and found over 300 wireless signals as it broadcast a 7 mile radius. 30% of those were unsecured.
Hackers Are People Too - Ashley Schwartau
And how could I forget to add something about my acting debut in the documentary Hackers Are People Too which was premiered at Defcon XVI. Well ok, maybe I was on the screen for less than 2 seconds and I wasn't quoted as saying anything but hey, to be in a hacker documentary was really cool. Ashley even recognized me when I came up to her vendor booth. But enough of my vanity, the documentary was so cool and people really should pick it up to show to their friends and family and get the scary idea of what hackers are out of their heads.
External Links
http://www.hackersarepeopletoo.com - link to the Hackers Are People Too official website (BUY BUY BUY!!!)
http://fscked.org/ - Mike Perry's website
http://www.defcon.org - Defcon
http://www.intelguardians.com/ - Intel Guardians will soon be releasing "The Middler"
Labels: Ashley Schwartau, Defcon, Defcon 16, Defcon XVI, GMail, hackers, Hackers Are People Too, Intel Guardians, Mike Perry, Roger Dingledine, session hijacking, side jacking, Tor, war driving