ToorCon Seattle Beta


I’m attending ToorCon Seattle Beta this weekend. Today was a single track made up of 20 minute talks. ToorCon is really best in breed when it comes to hacker conferences. Highlights follow:

Beetle, from the Shmoo, opened the conference with WiFight Club. Of course, by me mentioning that, you’re officially in WiFight Club. This will eventually become a competition that is summarized best with the phrase: “Faraday Cage Match”. He mentioned interesting projects like GNU Radio and others. I really want to see where this goes. It looks like a lot of fun.

Rodney Thayer’s talk on credit cards boiled down to this: everyone worries about internet security when doing online transactions, but that doesn’t really matter since the credit card company security policies are garbage.

Matt Peterson presented on Web 2.0 pr0n. Using 25 encode machines, 3 ripping machines and 1 150 disk SCSI DVD jukebox they can process 200 DVDs in 24 hours… which is all I can safely say on that topic.

Quinn Norton’s body hacking talk was surprisingly fascinating. I had known about her experience implanting rare earth magnets, but this talk was more about the societal issues. Like why are athletes allowed to get LASIK, but not use steroids.

RSnake showed off the Master Reconnaissance Tool aka Mr. T. It’s a demo of how much info a site can pull using JavaScript. This could be used to automatically pick intelligent attack vectors or targeted marketing. You can download it here.

Toby Kohlenberg presented the KB6 project. It’s goal is to create a vulnerability taxonomy so that it’s easier to see when a new vuln actually makes an old vuln more vicious. Hopefully it’ll be open sourced soon.

Dr. Raid talked about MySpace being used for botnet control. Unfortunately I wasn’t able to find anything out of the ordinary with a simple search.

|)ruid patched Asterisk so that he could do VoIP fuzzing with it (and other packet manipulations).

Dan Kaminsky showed a lot of pretty pictures (more than usual). He was able to do live autocorrelation on an MP3 stream. It easily shows patterns in music… and coincidentally breaks audio captchas.

David Maynor and Robert Graham presented on their data seepage idea. It was met with mixed reactions. Mostly a “you’re sniffing, so what?”

In the lightning round, Chris Abad ranted that Web 4.0 should have no idiot users; I’m not sure why he didn’t just go for the ideal case: no users. Felix Domke’s 5 minute talk about the Xbox 360 hack was the shining star in the bunch.

5 thoughts on “ToorCon Seattle Beta

  1. absolutely brilliant! toorcon sounds fuckin’ awesome – it’s a shame I don’t live in America and am unable to travel. I’d love to go to toorcon and defcon.

    hell, I’d even settle for videos of the talks.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.