SecBarbie’s talk picks of the week:
Black Hat
Wednesday 1:45pm – 3pm
Augustus 1 & 2
Barnaby Jack – Jackpotting Automated Teller Machines Redux!
Wednesday 3:15pm – 4:30pm
Roman
Dan Kaminsky – Black Ops Of Fundamental Defense: Web Edition
Wednesday 4:45pm – 6pm
Augustus 5 & 6
Fyodor – Mastering the Nmap Scripting Engine
Milano 5 – 8
Alex Hutton / Allison Miller – Ushering in the Post-GRC World: Applied Threat Modeling
Thursday 10am – 11am
Augustus 3 & 4
Chris Hoff – Cloudinomicon: Idepotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information Centricity
Thursday 11:15am – 12:30pm
Roman
Cesar Cerrudo – Token Kidnapping’s Revenge
Forum 25
Lee Kushner, Mike Murray – Your Career = Your Business
Milano 5 – 8
Tiffany Rad – The DMCA & ACTA vs. Academic & Professional Research: How Misuse of this Intellectual Property Legislation Chills Research, Disclosure and Innovation
Thursday 3:15pm – 4:30pm
Milano 1 – 4
Samy Kamkar – How I met your girlfriend
Wednesday also has the Cloud Security Alliance Summit with some pretty amazing, insightful, and wicked cool folks such as:
Chris Hoff – Cloudersize Keynote
Josh Pennell – Hacking the Hypervisor 2010
Steve Riley – Security and compliance in the Amazon cloud
Security BSides – Las Vegas 2010
I can’t even begin to pick the Security BSides talks (special mention to the InfoSec Mentor Panel that I’ll be on Wednesday at 6pm) as I would whole-heartedly endorse all of them. Bravo to the talk selection guys! So, here is the BSides Schedule:
| TRACK 1
On The Keys |
TRACK 2
AFK |
||||
| 7/28/2010 | |||||
| 10:00 AM | David Rook | Injecting Simplicity not SQL | Daniel Molina | Top 10 Things IT is Doing to Enable CyberCrime | |
| 11:00 AM | Ryan Linn | Multi-Player MetaSploit | Will Gragido | Through the rabbit hole: An Expose of Darknets and the Onion Routed Underground | |
| 12:00 PM | Christopher E. Pogue | Sniper Forensics | Gene Kim | Mobilizing the PCI Resistance: Lessons Learned From Fighting Prior Wars (SOX-404) | |
| 01:00 PM | Chris Lytle,
Leigh Hollowell |
CCDC | Andrew Hay,
Chris Nickerson |
Building Bridges – Forcing Hackers and Business to Hug it Out | |
| 02:00 PM | Sean-Paul Correll,
Luis Corrons |
Catch That Butterfly: Stopping Mariposa in its Tracks and Revealing a Growing Underground Network of Amateur Hackers | Vik Phatak | ExploitHub: Arming the Pen Testers to Plug the Holes | |
| 03:00 PM | Dave Kennedy (Rel1K) | SET 0.6 release with special PHUKD Key | Paul Judge, David Maynor | The Dark side of Twitter, Measuring and Analyzing Malicious Activity on Twitter | |
| 04:00 PM | frank^2 | Fuck Tools, Do It yourself Jerk | Grecs | Infosec Communities for Career Success: Understanding, Participating, and Cooking One Up | |
| 05:00 PM | Jabra | Joseph Sokoly | Infosec Young and Restless | ||
| 06:00 PM | Jim MacLeod | Stupid IP Tables Tricks | INFOSEC Mentoring, Mentee-ing Panel | ||
| 7/29/2010 | |||||
| 10:00 AM | Jimmy Shah | Mobile Hackery | Josh Corman, Dennis Fisher, HD Moore, Jack Daniel | InfoSec Speed Debates | |
| 11:00 AM | Egyp7 | Beyond r57 | Chris Sumner | Social Network Special Ops | |
| 12:00 PM | HDM | Fun with VxWorks | Frank Breedijk, Ian Southam | The road to hell is paved with best practices | |
| 01:00 PM | Davi Ottenheimer | Keypad Bypass Hacks | Bruce Potter | How to Make Network Diagrams that Don’t Suck | |
| 02:00 PM | Zach Lanier | It Melts In Your Hand: An Overview of Security (Failures) In Mobile Applications | Eric Smith | Roman Profiles : The 6 Mistakes of | |
| 03:00 PM | Ray Kelly | A mechanics view of SQL injection | ValSmith | Social Engineering the CFP Process | |
| 04:00 PM | Moxie Marlinspike | How technology killed my heroes, and why they will never be born again | Chris Roberts | Planes, Trains and Automobiles: (OK, Cars and Buses) | |
| 05:00 PM | Jason Ross | Who Owns the Internet? AKA: Where did all that cyberspace go? | Andre Gironda | App Assessments Reloaded |
DefCon 18
Friday 1pm – 2pm
Track 4
Dennis Brown – How Hackers Won the Zombie Apocalypse
Friday 2pm – 3pm
Track 3
Jim Rennie, Eric Rachner – Search & Seizure & Golfballs
Friday 3pm – 3:30pm
Track 5
Righter Kunkel – Air Traffic Control Insecurity 2.0
Friday 4pm – 5pm
Track 4
Tottenkoph – An Introduction to Virtual Graffiti
Friday 5pm – 6pm
Track 2
Sumit Siddharth – Hacking Oracle from Web Apps
Friday 6pm – 6:20pm
Track 5
Marisa Fagan – Be A MENTOR!
Friday 9pm – ???pm
Track 1
Hacker Jeopardy!!!!!!! – Bring Booze!
Saturday 10am – 11am
Track 2
Jeremy Brown – Exploiting SCADA Systems
Saturday 10am – 11am
Track 4
Chris Paget – Extreme-range RFID Tracking
Saturday 11am – 12pm
Track 4
Barnaby Jack – Jackpotting Automated Teller Machines Redux!
Saturday 12pm – 1pm
Track 1
Nicholas Percoco, Christian Papathanasiou – “This is not the Droid you’re looking for..”
Saturday 1pm – 2pm
Track 1
frank^2 – Trolling Reverse-Engineers with Math: Ness…. It Hurts…
Saturday 3pm – 4pm
Track 2
James Arlen – SCADA and ICS for Security Experts: How to avoid Cyberduchery
Saturday 3pm – 4pm
Track 5
Garry Pejski – My Life as a Spyware Developer
Saturday 4pm – 5pm
Track 4
Jayson Street – Deceiving the Heavens to Cross the Sea: Using the 26 stratagems for Social Engineering
Saturday 5pm – 6pm
Track 4
Leigh Honeywell, follower – Physical Computing, Virtual Security: Adding the Arduino Microcontroller Development Environment to your security toolbox
Saturday 7pm – 9pm
Track 5
DefCon Security Jam III: Now in 3D?
Saturday 10pm – ??pm
Track 4
10,000 Cent Pyramid
Sunday 10am – 11am
Track 4
Mike Bailey – Web Services we just don’t need
Sunday 11am – 12pm
Track 2
Valsmith, Colin Ames, Anthony Lai – Balancing the Pwn Trade Deficit
Sunday 1pm – 2pm
Track 5
mc.fly, rvd, vyrus, no maam – ChaosVPN for Playing CTFs
Sunday 2pm – 3pm
Track 3
David Smith, Samuel Petreski – A new approach to forensic methodology – !!BUSTED!! Case Studies
Sunday 4pm – 5pm
Track 1
The Suggmeister – Social Networking Special Ops: Extending Data Visualization Tools for Faster Pwnage
Sunday 5pm – 6pm
Track 1
Justin Morehouse, Tony Flick – Getting Social with the Smart Grid
Sunday 6pm
CLOSING CEREMONIES!!!!!
Please reclaim all lost livers here!
If you are NOT going to be in the melt-your-face-off land of Las Vegas next week, you can follow all of the action and some of the parties via my live-conference feed on twitter.