[Joe Grand] is designing the Defcon badges for the third year in a row. Just like the previous years, they’ll be hosting a badge hacking contest. This time around though, they’re going to start leaking clues in advance. Earlier contests were often frustrating because of the specialized equipment needed to talk to the microcontroller. Hopefully this year it will be a lot more accesible. The specs for the badge have not been released yet, but after last year’s 95 LED scrolling marque, we can’t wait to see what this year will bring. [Joe] has posted info on the previous two badge designs and resulting contests.
Almost every security conference we’ve attended in the last year has uploaded videos from their speaker tracks. Explore the archives below, and you’re bound to find an interesting talk.
- Defcon 15, Las Vegas, NV
- ToorCon 9, San Diego, CA
- 24C3, Berlin, Germany
- ShmooCon 2008, Washington D.C.
- Notacon 5, Cleveland, OH
- LayerOne 2008, Pasadena, CA
The Last HOPE has just released a list of all the schedule talks at the conference. 97 different talks will be divided over three tracks during the course of the three day conference. It looks like a lot of interesting events will be going down. The Cold Boot encryption attack tools will be released. Representatives from Graffiti Research Lab will be showing The Complete First Season and unveiling their One Laser Tag Per Child system. Virgil Griffith from WikiScanner will be mining even deeper into the wretched hive of scum and villainy. Karsten Nohl will present why hardware obfuscation is an impossibility and how they defeated the MiFare crypto. The Last HOPE will be in New York City July 18-20, 2008
Lots of con news is coming in these days so lets do a quick roundup of upcoming events:
June 13-15, 2008
The Last HOPE
July 18-20, 2008
New York City
August 8-10, 2008
The DEFCON team also released the first batch of speakers for this year’s convention. Qualification starts tonight at 10PM EST for the capture the flag (CTF) contest so be sure to get registered. Check the txt for more information. We recently talked about the beverage cooling contraption contest, but you can find many other contests on the forums.
The second ToorCon Seattle got off to a quick start last Friday with a round of Lightning Talks at the Public Nerd Area. Each talk was limited to 5 minutes and covered a broad range of topics. Some talks were just supplying a chunk of information while others were a call to action for personal projects. Here are a few of the talks that we found interesting.
We’re headed to Cleveland at the end of the week (we’ve heard rumors it rocks) and thought it would be good to list the events we’re planning on hitting in the next five months.
- Notacon / Blockparty April 4-6 Cleveland, OH – This will be a first for us, but we’re definitely excited, especially for the demoscene madness at Blockparty (like Trixter’s MONOTONE PC speaker tracker).
- ToorCon Seattle April 18-20 Seattle, WA – In its second year, this small gathering is sure to be a blast just like last year.
- The Last HOPE July 18-20 New York, NY – Our first HOPE and the last one ever.. since the hotel is being torn down.
- Black Hat US August 2-7 Las Vegas, NV – If anything gets released this year, it’ll be here.
- DefCon August 8-10 Las Vegas, NV – The first con we ever went to. It’s not the best con, but it’s always interesting.
- SIGGRAPH August 11-15 Los Angeles, CA – SIGGRAPH is where you need to be if you want to see cutting edge graphics and interaction projects. It’s a favorite of ours and a nice break from computer security.
Anything we’re missing?
UPDATE: Maker Faire May 3-4 San Mateo, CA – Can’t believe we forgot it. Thanks [pt]!
Now that the CCC is over, we finally dug ourselves out of a ginormous pile of cables (Kabelsalat ist gesund!) to bring you this round up post about the best stuff from the last two days of the con.
First up on day 10 was I See Airplanes!, Eric Blossom’s excellent speech on creating hardware for making homebrew radars and software using the GnuRadio project. He uses bistatic passive receivers in the 100 MHz range doing object detection using other peoples’ transmitters. The project has a lot yet to accomplish including the use of helical filters (if there are any antenna freaks reading this, contact Eric, he’s looking for a bit of help).
Next on the third day we attended Ilja van Sprundel‘s huge fuzzing extravaganza. Fuzzers generate bad data that is designed to look like good data and will hopefully break something in an interesting way. Our fav part? When the list of irc clients broken by his ircfuzz tool was so long he had to use 10pt font to get it all on one slide (see slide 53)! His paper can be found here and the slides here.
We then wandered to Harald Welte‘s talk on hacking the Motorola EZX series phones (which we’ve reported on here before). In case you forgot, the EZX series has a linux kernel. Incidentally the phone runs lots of stuff it really doesn’t need (like glibc, 6 threads for just sound processes, and even inetd). He presented the project for the first time in an official context since we saw him at 0Sec in October. Apparently lots of kinks have been worked out and there’s an official code source tree here.
The clincher for day 11 was FX and FtR of Phenoelit‘s semi-controversial talk on Blackberry security (covering both handheld devices and server based RIM products). This talk was a bit of a wake up call for RIM and thus the slides are still not available online so keep a sharp eye out for the video when it’s released by the CCC.