We’re sitting in Chris and bunnie’s awesome silicon hacking workshop at ToorCon 9 right now. It’s going really great and we’ll be posting updates from the conference through the weekend. Let us know if the comments if your going to be here too.
We’ve been waiting with bated breath for our favorite hacker con, ToorCon, to post this year’s site. In the mean time, they’ve posted all of last years videos to Google Video. We had published a few of our own, but now you get to see the whole conference. After the break I’ve embedded one of my favorite talks from last year: Matt Fisher’s Everything About SQL Injection. It covers everything from the basics to some very clever attacks.
I’m attending ToorCon Seattle Beta this weekend. Today was a single track made up of 20 minute talks. ToorCon is really best in breed when it comes to hacker conferences. Highlights follow:
Beetle, from the Shmoo, opened the conference with WiFight Club. Of course, by me mentioning that, you’re officially in WiFight Club. This will eventually become a competition that is summarized best with the phrase: “Faraday Cage Match”. He mentioned interesting projects like GNU Radio and others. I really want to see where this goes. It looks like a lot of fun.
Rodney Thayer’s talk on credit cards boiled down to this: everyone worries about internet security when doing online transactions, but that doesn’t really matter since the credit card company security policies are garbage.
I promised that I’d follow up on some Toorcon stuff later this week, so here it is. I believe I was present for the first ever anonymous presentation at a con. I’ve been waiting for the presentation information to get posted on the TOR wiki, and today I finally found it. The presentation is from the TRON: HE FIGHTS FOR THE USER talk. The idea worked out very well. We could hear the presenter quite well the entire time The combination of TOR, VNC, and Ventrillo was unique. We were even able to ask the speaker questions at the end. The talk opens up some very interesting possibilities. Instead of being able to arrest someone before/after a talk, someone could present on a controversial issue with less fear of corporate/government fallout. Check out the wiki page for more information.
Eliot and I caught Scott Moulton’s talk on Hacking Hard Drives for Data Recovery. You can catch his slides here – but most of the content was in the talk. It was a great walk through of hard drive technology. Some interesting points: 85% of the time, software recovery is successful. 10% of the time, replacing the controller board succeeds. So, 95% of the time you can probably recover your data fairly easily.
Scott showed off a peltier enhanced drive sled for keeping a drive cooled for optimal operation/recovery conditions. He even got into replacing drive heads. If you’ve ever gutted a drive, you’ll know how fragile those heads are. You can actually fold a postit note to keep the heads apart and tranfer an arm with heads from a donor drive to get your drive working again. The difficulty of the operations seem to increase exponentially as the number of platters increases.
I made it to the nostalgia panel on saturday night. It was pretty amusing. Captain Crunch joined the panel along with Dan, dnm, grey and Damon. It was a bit of a popcorn affair puncuated by ascii art(pr0n), and assembly code. Captain Crunch was great. I know he was at Defcon, but I’ve been out of the cons for a while, so it was my first chance to hear him. He talked about how he got into phreaking, his first blue box and the blind kids that inspired his phone line adventures. (Today he’s got a $10 home phone line with an asterix box combined with voipstunt connection that gives him free calls legally.) A couple highlights from Captain Crunch: He wrote a little program and left it for Woz . The next day Steve was really ticked off at him. Woz used his program to set the apple phone board to call Jobs house over and over again. He scored the CIA crisis number that seemed to get Nixon on the line. He traded it and the group that he gave it to called up ‘Olympus’ and reported that they were out of toilet paper. Damon pulled out an apple scripted apple ][e emulator.