November 23rd, 2014


I finally (mostly) recovered from Toorcon. It was as always, a blast and very enlightening. I saw lots of great talks, including our very own Jason Spence. He gave a great talk on BIOS and Flash hacking, and how we need to be careful because it’s easier than you think it put a rootkit in your BIOS, and patent lawyers really do suck because they’re just hurting security by keeping needed datasheets and information hidden. Jason also got “front page” coverage on for his talk, along with Dan Kaminsky whose talk was entertaining and interesting like always (but mostly overlap from defcon: MD5 collisions, IDS evasion with temporal IP fragmentation, and more video over DNS, and some pretty moving pictures from his data from scanning the entire internet, =).

Also excellent was Major Malfunction with his talk about hacking IR (I briefly showed him IRpet and SurveySays, and he seemed mildly interested). Andrea Bittau presented a new WEP attack, which shows that you can basically (slowly and iteratively) decrypt any given packet, even without the wep key, and given enough traffic, you could participate in the network without even needing the wep key at all. He had some novel approaches to this and other problems.

Microsoft hosted a big party there, which I thought was pretty funny, but it sounds like they behaved themselves pretty well, =).

So, tons of fun, loads of interesting and smart people, and if you didn’t go this year, reserve a spot for next year, I hope to see you there, =).

Leave a Response

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS