Wednesday, February 18, 2009

Shmoocon Roundup

Shmoocon has to be my favorite computer security conference. Everyone's actually happy smart and nice which is amazing. As far as the content goes, you see a lot of work in progress, and initial findings which is a plus. Many of these talks will probably be polished up and the final product displayed in August when Defcon rolls around, but here you can get a rough snapshot of where the security community will be going in the next 6 months or so.

Then there's the Shmoo staff who as one person put it, is the only hacker group nobody hates, which says a lot. They really do their best to make the conference accessible, and ensure the conference helps the security community as a whole.

As far as the talks go, here is my take on the ones that stood out

Building an All-Channel Bluetooth Monitor by Michael Ossmann and Dominic Spill
  • This was the rockstar talk in my opinion. I've done a lot of wireless security, and the lack of tools to audit bluetooth has always worried me. Not currently exploitable, and secure are two different things. My worry is that someone will come out with an exploit against bluetooth and there is going to be trauma when it happens, (or worse yet we won't have the ability to effectively audit or protect against it). This research, (done by the good guys), is helpful since hopefully it will allow us to discover and fix the vulnerabilities before malicious attackers do. Furthermore, I'm playing around with GNU software defined radio right now so this talk was a double dose of amazing.
  • I was really impressed by their research, and their willingness to try live demos as well.

Automated Mapping of Large Binary Objects by Greg Conti, Ben Sangster and Roy Ragsdale

  • We really need this to help speed up the initial analysis phase of forensics investigations. By quickly identifying files of interest regardless of the file extensions or file headers, this will have a huge impact on the time it takes to analyze a hard drive.
  • From the talk it looks like the tool still falls pretty much into the proof of concept phase, but I downloaded it and look forward to playing with it. Hopefully I'm wrong about the tool's maturity, but even if I'm not this is certainly something I would like to see maintained and improved.
  • They also have a network visualization tool on their website, rumint which looks promising as well.

Building Wireless Sensor Hardware and Software by Travis Goodspeed and Joshua Gourneau

  • I watched this talk after shmoocon via a video I purchased from media archives.
  • Good technical data, and one of their implementation, (belt buckle) lost one of the creators his virginity. That's quality applied research right there ;)
  • I'm glad I bought this talk since it is one of those that I'll probably need to watch two or three more times to feel like I have a handle of the different points they are making. The short roundup though is they provided a lot of DIY info on how to build your own wireless devices.

802.11 ObgYn or "Spread Your Spectrum" by Rick Farina

  • Two thirds of this talk were very good. I could have done without the part on wireless IDS's though
  • Part of it made me wince, because I've been in conversations before where people said that "We aren't using the 802.11 spectrum so we are secure".
  • I'm so happy I bought that Ubiquity wireless card a few years ago since the tools were designed for it. I'm looking forward to doing some new wardriving with it.

Storming the Ivy Tower: How to Hack Your Way into Academia by Sandy Clark

  • I was kind of annoyed by the focus on Ivy League universities. Yes, part of it is because I'm going to a state school myself, but it's also a class thing. I think people's accomplishments should be based on what they do, not where they are from.
  • I also wished that they had spent some time talking about the ethical issues of doing hacking research at college.
  • That being said, there was some good advice for all those people out there looking at getting back to college.

Sunday I didn't really see that much. I had my presentation in the morning and then spent most of the rest of the day hanging out and talking with other people. I can't recommend that enough as I made a lot of good contacts and got the chance to have detailed discussions with people who have a lot more applied knowledge than I do. I really wish I could clone myself as I was constantly balancing the desire to see the presentations, participate in the contests, and meet new people. In short, I had a great time. My only problem is that there's a lot of different tools and techniques I want to play around with now so there goes my free time...

No comments: