Tag Archives: Defcon

Introducing MJ Power

After 5 years, I have finally added a contributing writer to the blog. MJ Power (aka Mike Morton) is a good friend and fellow founder of NTO. Mr. Power and I created NTOSpider together, with me leading up the vision and him being the real C++ master and architect. After 9 years of NTOSpider development Mr. Power is ready to lend some of his experience and thoughtfulness to this blog and its readers.

His initial posts for the next few weeks will be his summary of the talks he attended during B-Sides and Defcon, so stay tuned.

Blackhat/Defcon/B-Sides 2011

Blackhat: Already kicked off and there are a number of good talks this year. I recommend the picks from Veracode for those going to Blackhat. As usual its unlikely that I will be attending any talks at Blackhat because I have so many meetings throughout the day.

B-Sides: Last year I kept hearing about all the great discussions going on at the mansion, and was very bummed that I didnt get time over there.
This year I decided that NTO needed to help out in any way it could, so we are sponsoring breakfast and co-sponsoring lunch on Thursday. If your there, please say hi and toss your card in to win a cool prize. Given the size of the audience, everyone has reasonable odds of winning.
I am also planning to sit in on as many talks at B-Sides as possible. For Wednesday track 3 looks the most interesting and fun to me, with two exception, the first at 1:30 Davi’s talk looks a bit more interesting than the DDoS talk in Track 3, and then again at 2:30 when Rafal Los does his talk. On Thursday its more of a mix,

  • 10:30 – Track 1 – How to Get Fired After a Security Incident
  • 11:30 – Track 1 – Cyber Fast Track (how can you pass on Mudge?!)
  • 12:30 – Track 1 – Long Beard’s Guide to Exploit Dev (Track 2 close 2nd place)
  • 1:30 – Track 3 – Cultural Cues from High Risk Professions (curious title, possibly very interesting)
  • 2:30 – Track 2 – Hacking webapps is more fun when the end result is a shell! (of course Im going to pick a web app talk)
  • 3:30 – Track 2 – Better to burn out than to fade away? (have to pick the panel, but HD Moore in track 1 is close 2nd)
  • 4:30 – Track 1 – How to pass audits with non-compliant systems (Track 3 a close 2nd)

Defcon: As usual Defcon always has an interesting collection of talks, and there are plenty to look forward to. However, due to scheduling issues I have to leave on Friday night, so I wont be able to catch much of anything this year. The ones I would look for are:

  • Malware Freak Show 3: They’re pwning er’body out there! (Nicholas Percoco is always interesting)
  • Cellular Privacy: A Forensic Analysis of Android Network Traffic
  • Gone in 60 Minutes: Stealing Sensitive Data from Thousands of Systems Simultaneously with OpenDLP
  • Bulletproofing The Cloud: Are We Any Closer To Security?
  • Tracking the Trackers: How Our Browsing History Is Leaking into the Cloud
  • Don’t Fix It In Software
  • Hacking Google Chrome OS
  • “Whoever Fights Monsters…” Confronting Aaron Barr, Anonymous, and Ourselves
  • Are You In Yet? The CISO’s View of Pentesting
  • Web Application Analysis With Owasp Hatkit

If your in town, ping me on my cell (if you have it) or send me a msg on Twittier @mightyseek