| : blog | news | wiki |
July 4th, 2008
Shmoocon is this weekend! For anyone lucky or persistent enough to get tickets, we’ll see you there! It looks like there are some good presenters there. I’m looking forward to seeing Josh Wright’s new talk on PEAP: Pwned Extensible Authentication Protocol.
Videos for the HITB conference in Malaysia are now available online for free. There’s around 26 different talks that cover both days of the conference covering a range of topics including SCADA, web/ajax/database hacking, bluetooth, biometrics, protocol fuzzing, CCTV hacking and anti-forensics along with several others. I do like this trend of making conference materials (especially video) available online, and I hope it continues. Happy torrenting.
The CFP is now open for defcon. It officially closes June 15th, but getting a submission in early will help chances of being accepted since they pre-schedule a certain number of people before the deadline to encourage early submissions. The BlackHat USA conference during the same week in vegas is also having their CFP, though its deadline is May 1. Good luck submitters, 
.
Some of the MRL gang will be at Shmoocon in DC this weekend. Give us a shout if you’re in the area! I’d tell you to come by since it’s a great conference, but it’s been sold out for quite a while now. Check it out next year if you can, .
From all reports it sounds like the CCC conference in Berlin went very well this year with many great presentations. Those of us that were unable to attend are now lucky enough to see the videos that have already been posted online. It looks like many of them have made it to google video as well.
Also, following up on an earlier entry, Jeff Moss recently posted on a few mailing lists that the Black Hat US videos from 2006 are now available for download. It appears that the regular media page does not have it available, but if you subscribe to the RSS feeds you can get access to the iPod versions (video and audio).
For those interested in competing in the defcon robotics challenge, the new rules have been posted. It looks like the competition is similar to last year’s with some minor enhancements. The basic idea is to create a robotic gun that can take down small targets autonomously. Looks like fun, maybe I’ll slap together the airsoft gun and the servos I bought for last year’s competition, :). Any MRL people interested in helping out, let me know.
We have a couple conferences that we’ll be going to and also speaking at that are coming up over the next couple weeks. The first is Toorcon, and then the following week we have Security Opus. Both of which are very much worth attending (even if we weren’t speaking there, =), so you should come out and join us. Say “hi” if you’re around, we should have MRL stickers on hand. Here’s the schedule:
See you there!
I just noticed that the PhreakNIC video’s were online for the last couple years. I’ve never been, but it looks like there are at least a couple interesting talks going on this year. The conference will be held in Nashville, TN (Tennessee has hackers?) on October 20-22.
Pretty much anyone paying attention in the last few months has seen references to the wi-fi driver hacks that Johnny Cache and David Maynor have been talking about. Well, last weekend at BlackHat and Defcon they gave presentations on their work, which culimnated in showing a video of the attack taking place. This video is now online for your viewing pleasure. They didn’t really go into specific details about the attack during the presentations, but they did talk a bit about methodologies, and why they chose to investigate things are the driver level. They both wrote fuzzers at the wi-fi link layer, and both were able to find problems in the specific vendor implementations. They targeted a USB wi-fi device running on the mac (which caused quite a stink), and were able to get full access. Since this attack is on the driver/link layer, it bypasses any firewall or anti-virus setup, and allows direct access to the kernel/memory.
More defcon updates to follow — I’m still in recovery mode,
Kenshoto just announced the pre-qualification rounds for Capture the Flag at Defcon. Looks like it will be an all weekend event again (weekend of June 9th). MRL will put its hand into the ring as a first year team this year as 0×00ff00 seems to be mostly dissolved. Let me know if you’re interested in competing (reversers welcome, ;)).
0
0
0