In Pursuit of Mysteries

Defcon 16 CD and Event Updates

For anyone that wants to find the Defcon 16 CD of presentations, it is on popular bittorrent sites but can also be downloaded here as well.

Most of the talks are pretty close to what was presented. A number of presenters did update talks at the last minute (and said so) but I haven’t seen a central clearing house for finding the updated talks.

Google Video has various short videos on Defcon 16 available and I would expect more to show up over time since presentations from Defcon 15 can be found there as well.

I also noticed that TechWebTV has short interviews and bits from Black Hat 2008 online. An interview with the fellows from “Satan is on my Friends List” is one example.

On a related note, the 25th Chaos Communications Congress has put up its Call for Participation for the event this December finally. The named theme this year is “Nothing to Hide.” This event takes place from December 27 through the 30 in Berlin and I expect that I will be going to it still.

Digital SLR Camera for me?

A lot of “cheaper” digital SLR cameras have been coming into the market during the last year. I am interested in moving beyond the land of my little point and shoot Fujifilm Finepix camera for a “real” digital camera. Of course, I know sweet FA about photography so I’m going to have to actually learn the skills to operate such a camera if I get one.

Does anyone have any suggestions for a decent digital SLR camera in the cheaper range for the dedicate amateur or hobbyist? I’ve heard decent things about some of the new Canon “Digital Rebel” models.

Since I’m going to Egypt in October with R for our annual trip, I’d like to get something and practice a bit with it in the hope of taking some nicer pictures of the various tombs and temples while we’re there.

Within the realm of point and shoot still, I’ve heard good things about the Sigma DP1 14MP Digital Camera. I have read that it has issues with speed (slow to focus, slow to store shots) but has very high quality for a point and shoot camera. Of course, it costs almost as much as the Canon XSi DSLR camera. It is hard to say what makes the most sense for me and for the photos that I want to talk. Nice cameras cost a lot of money though.

Update: My friend, John Mueller, advises me to get one of the Canon’s. He has an older generation of the Digital Rebel and has quite liked it but wishes he had a 40D, which is a nearly $1,000 camera when I looked.

Enjoying Defcon and Black Hat

I have been in Las Vegas since this last Tuesday attending Black Hat and Defcon security conferences. As those familiar with these events know, Black Hat is the more industry or corporate event and Defcon is really a hacker convention. There is massive overlap in attendee and some duplication in talks but there are quite a few people who come for Defcon that don’t go to Black Hat. This may partially be because Black Hat costs over $1,000 to attend (thank you, Mozilla!) and Defcon costs a little over $100.

You can see the schedule for Defcon at their site and a lot of talks will have their slides posted either their or in the forum. We did lose one talk, schedule for today, on subway card hacking in Boston for the MBTA. The presenters received an injunction to stop them (which came after we all received CDs with the slides from all presentations) on Friday. You can read about this here and here.

I’ve attended a bunch of talks on phishing, social network exploitation (including Livejournal for my friends there…), and man in the middle attacks. I particularly enjoyed Jay Beale’s talk on his tool, The Middler, which streamlines doing man in the middle attacks. For those unfamiliar, man in the middle attacks are attacks where an attacker is between two parties intercepting communications between them without their knowledge. In a common case (which Beale’s tool covers), the man in the middle can be software that is intercepting all web traffic (by pretending to be your wifi access point, for example), replacing SSL certificates for sites with its own or, more easily, just logging all of your cleartext traffic. Since a lot of sites use secure communications for logging in, it may be difficult to get someone’s password but, on most sites, communication after that is in the clear. So, I might not be able to log into your Gmail or Livejournal account as you but I can read over your shoulder as you do all of your private entries or e-mail…

I also attended a couple of sessions to do with Tor, which is one of the anonymity tools of which I am a proponent, both in general and in various ways at Mozilla. I got to see Mike Perry again, who works on the Torbutton Firefox extension, and to meet Roger Dingledine, who is one of the main forces behind Tor and their former project manager. I spent a bit of time talking to both of them outside of sessions and it was nice to get more of a chance to chat and to meet Roger in the flesh.

One area that I attended talks on that I hadn’t expected is on Cable Modems. Like many people, I have a cable modem at home (it’s Comtastic, which means it basically sucks). Even though I spend a lot of time in tech circles, with hackers, and on blogs, I had somehow missed the fact that people have been hacking cable modems for the last six or so years (and that there was a book published on it two years ago). I attended a talk on anonymous Internet access through cable modem hacking. This is basically using a cable modem with modified firmware to be able to do things like have anonymous net access or to control the upload and download speeds available to it. I also attended a talk on packet sniffing cable modem networks. I knew it was theoretically possible but hadn’t really investigated the idea. It turns out that everyone within a particular subnet on a cable network is basically sharing data and that while encryption is part of the standard for these communications, it is optional and weak. So, all of your cable modem data is either being transmitted to everyone else in your local subnode (which can have something like 200 other installations in homes) in the clear or it is being done with encryption that can be brute forced. The speaker, Guy Martin, used a cheap tv tuner card (with coax input) to pull data from a test cable network and to show how you could use a normal packet sniffer to look at the data. Not rocket science, by any means, but something that bears some thought if you use a cable modem at home, as I do.

This morning, I attended a talk by Peter Berghammer on Open Source Warfare (OSW), which I have been interested in for a few years. This is the application of open source techniques and information sharing by military groups, especially insurgents, over the last few years. Think of the evolution of IEDs in Iraq and how various decentralized groups pass information and technology (or techniques) to each other around the world. John Robb was the first person whose work I read much of on this and he maintains a blog that is pretty well known, as well as having a book out on the topic. Berghammer’s talk was fairly brief but he, I, and a few others spent most of the next hour in one of the Q&A rooms discussing OSW in more detail, which I found very informative.

For more posts about Defcon in blogs, try this search. You can also read the high quality posts on Defcon over at the Threat Level blog.

I have a couple of more talks to see and then I’ll be catching my plane back to Oakland. The last couple weeks of mostly travel have kind of wiped me out and I’m ready to be home until Burning Man in a few weeks.

Update: Mike Conner and I attended a last minute talk that showed how certain people with large amounts of net access could do a man in the middle attack on chosen portions of the Internet. They also happened to explain how Youtube was taken offline briefly back in February.