I’m attending ToorCon Seattle Beta this weekend. Today was a single track made up of 20 minute talks. ToorCon is really best in breed when it comes to hacker conferences. Highlights follow:
Beetle, from the Shmoo, opened the conference with WiFight Club. Of course, by me mentioning that, you’re officially in WiFight Club. This will eventually become a competition that is summarized best with the phrase: “Faraday Cage Match”. He mentioned interesting projects like GNU Radio and others. I really want to see where this goes. It looks like a lot of fun.
Rodney Thayer’s talk on credit cards boiled down to this: everyone worries about internet security when doing online transactions, but that doesn’t really matter since the credit card company security policies are garbage.
Matt Peterson presented on Web 2.0 pr0n. Using 25 encode machines, 3 ripping machines and 1 150 disk SCSI DVD jukebox they can process 200 DVDs in 24 hours… which is all I can safely say on that topic.
Quinn Norton’s body hacking talk was surprisingly fascinating. I had known about her experience implanting rare earth magnets, but this talk was more about the societal issues. Like why are athletes allowed to get LASIK, but not use steroids.
RSnake showed off the Master Reconnaissance Tool aka Mr. T. It’s a demo of how much info a site can pull using JavaScript. This could be used to automatically pick intelligent attack vectors or targeted marketing. You can download it here.
Toby Kohlenberg presented the KB6 project. It’s goal is to create a vulnerability taxonomy so that it’s easier to see when a new vuln actually makes an old vuln more vicious. Hopefully it’ll be open sourced soon.
Dr. Raid talked about MySpace being used for botnet control. Unfortunately I wasn’t able to find anything out of the ordinary with a simple search.
|)ruid patched Asterisk so that he could do VoIP fuzzing with it (and other packet manipulations).
Dan Kaminsky showed a lot of pretty pictures (more than usual). He was able to do live autocorrelation on an MP3 stream. It easily shows patterns in music… and coincidentally breaks audio captchas.
David Maynor and Robert Graham presented on their data seepage idea. It was met with mixed reactions. Mostly a “you’re sniffing, so what?”
In the lightning round, Chris Abad ranted that Web 4.0 should have no idiot users; I’m not sure why he didn’t just go for the ideal case: no users. Felix Domke’s 5 minute talk about the Xbox 360 hack was the shining star in the bunch.
absolutely brilliant! toorcon sounds fuckin’ awesome – it’s a shame I don’t live in America and am unable to travel. I’d love to go to toorcon and defcon.
hell, I’d even settle for videos of the talks.
I thought that said Wii Fight Club for a second. :) I was envisioning teams of people playing Wii boxing…
once i get my license i will start going to these things is this a yearly event?
ToorCon is every year in San Diego, usually in September. Seattle is an invite only event.
the wifight club looks like it can be really fun especially if you are in a college town. also i made this facebook group so it might be easier to find other members http://psu.facebook.com/group.php?gid=2352304052