ToorCon Seattle Beta


I’m attending ToorCon Seattle Beta this weekend. Today was a single track made up of 20 minute talks. ToorCon is really best in breed when it comes to hacker conferences. Highlights follow:

Beetle, from the Shmoo, opened the conference with WiFight Club. Of course, by me mentioning that, you’re officially in WiFight Club. This will eventually become a competition that is summarized best with the phrase: “Faraday Cage Match”. He mentioned interesting projects like GNU Radio and others. I really want to see where this goes. It looks like a lot of fun.

Rodney Thayer’s talk on credit cards boiled down to this: everyone worries about internet security when doing online transactions, but that doesn’t really matter since the credit card company security policies are garbage.

Matt Peterson presented on Web 2.0 pr0n. Using 25 encode machines, 3 ripping machines and 1 150 disk SCSI DVD jukebox they can process 200 DVDs in 24 hours… which is all I can safely say on that topic.

Quinn Norton’s body hacking talk was surprisingly fascinating. I had known about her experience implanting rare earth magnets, but this talk was more about the societal issues. Like why are athletes allowed to get LASIK, but not use steroids.

RSnake showed off the Master Reconnaissance Tool aka Mr. T. It’s a demo of how much info a site can pull using JavaScript. This could be used to automatically pick intelligent attack vectors or targeted marketing. You can download it here.

Toby Kohlenberg presented the KB6 project. It’s goal is to create a vulnerability taxonomy so that it’s easier to see when a new vuln actually makes an old vuln more vicious. Hopefully it’ll be open sourced soon.

Dr. Raid talked about MySpace being used for botnet control. Unfortunately I wasn’t able to find anything out of the ordinary with a simple search.

|)ruid patched Asterisk so that he could do VoIP fuzzing with it (and other packet manipulations).

Dan Kaminsky showed a lot of pretty pictures (more than usual). He was able to do live autocorrelation on an MP3 stream. It easily shows patterns in music… and coincidentally breaks audio captchas.

David Maynor and Robert Graham presented on their data seepage idea. It was met with mixed reactions. Mostly a “you’re sniffing, so what?”

In the lightning round, Chris Abad ranted that Web 4.0 should have no idiot users; I’m not sure why he didn’t just go for the ideal case: no users. Felix Domke’s 5 minute talk about the Xbox 360 hack was the shining star in the bunch.

Comments

  1. Pedro says:

    absolutely brilliant! toorcon sounds fuckin’ awesome – it’s a shame I don’t live in America and am unable to travel. I’d love to go to toorcon and defcon.

    hell, I’d even settle for videos of the talks.

  2. Alan says:

    I thought that said Wii Fight Club for a second. :) I was envisioning teams of people playing Wii boxing…

  3. alex mccown says:

    once i get my license i will start going to these things is this a yearly event?

  4. Eliot says:

    ToorCon is every year in San Diego, usually in September. Seattle is an invite only event.

  5. bird603568 says:

    the wifight club looks like it can be really fun especially if you are in a college town. also i made this facebook group so it might be easier to find other members http://psu.facebook.com/group.php?gid=2352304052

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 91,338 other followers