a hollow, decrepit shell of its former self.. ... oh the 0ld days, ;) "We'd appreciate some more ethics." - GOBBLES - https://www.youtube.com/watch?v=DAJSxOzrD1g [ GOBBLES Security - still disappointed in 2014 ... ] ---- regarding the current line up: https://defcon.org/html/defcon-22/dc-22-speakers.html "Detecting Bluetooth Surveillance Systems" - what about RFID? "Dropping Docs on Darknets: How People Got Caught" - see also, EPICFAIL "How to Disclose an Exploit Without Getting in Trouble" - if you thought ice cream had many flavors, welcome to the brave new world of 'responsible disclosure'! "NSA Playset: PCIe" - the lack of any VT-d mention makes for mediocre. TAO tools better include a VM breakout and uCode errata exploitation. (spoiler alert - i don't think this is actually dropping NSA exploits) "The Monkey in the Middle: A pentesters guide to playing in traffic" - this middle perspective, however, is absolutely a tailored favorite. a gift that keeps on giving... "Investigating PowerShell Attacks" - this is now pointless, what with pass the hash dead. IT'S ALL OVER, JUST GO HOME. *sobbing* [c.f. http://www.harmj0y.net/blog/penetesting/pass-the-hash-is-dead-long-live-pass... ] "Screw Becoming A Pentester - When I Grow Up I Want To Be A Bug Bounty Hunter!" - one step further to enlightenment. the industry that should not exist; better yet to become build engineer or test automationer or devops devotee and build security in at unsexy day jobs for not fame and not riches. #hashtagInfosuckprotipyolo "In the forest of knowledge with 1o57" - nothing to say here other than i'm selling 1o57's uber badge for bitcoin to highest bidder. come find me :P~ "RF Penetration Testing, Your Air Stinks" - my discriminator for a delicious sw defined deployment: a) new grc blocks or custom sdr pipeline? b) wideband and full duplex? c) opportunistic and ad-hoc capabilities? - if you answered no to any of the following please try again, with more harder! [c.f. http://www.pervices.com/buy-crimson/ dual 10GigE, 100kHz – 6GHz, <= 800MHz bandwidth, 4 x (16 bit, 370 MSPS ADCs), 2 x (quad channel, 16 bit, 2500 MSPS DAC), 10MHz, 10ppb, reference OCXO] P.P.S. if you want do your own training on "WB Quad System" without travel to FVEY facilities this is how ;) "Panel - Diversity in Information Security" - i was not invited to this panel. credibility lost. "Android Hacker Protection Level 0" - because more fingers in the dike is more fingers. "Blinding The Surveillance State" - i am soliciting donations for premium consulting expertise. i don't think Soghoian's free advice will be instrumental, but Cowboy Alexander has some sweet new shit (you get what you pay for? :) [ c.f. http://www.foreignpolicy.com/articles/2014/07/29/the_crypto_king_of_the_NSA_... ] "Summary of Attacks Against BIOS and Secure Boot" - aka, why to coreboot and kill AMT with fire. ok Intel chipsec peeps i got bones to pick SEE YOU IN VEGAS --- how about the talks you want so much but will never see? those billions for your discretion clearly benefiting profitability over pervasive security. best regards,