#defcon
I should probably start backing up #DEFCON phone contacts I made. Probably going to be spinning up a new @nextcloud server for contacts, calendar, and stuff. Probably only going to locally host it at first on my #Start9 server on the @purism Librem Mini they sent me for a review, and see if I can connect it over @torproject to my homelab for now. I'll see eventually about possibly hosting it in clearnet down the road once I get #cloudflare tunnels figured out for myself #InfoSec #Cybersecurity
Man I really need to get a new #iphone because my 12 mini camera is no longer focusing, guess I will deal with that after my upcoming trip as I still have one more payment on the Pixel 7a I bought before #DEFCON with GrapheneOS. I am thinking of the plain iPhone 15 because it is the smallest, and apparently the least problematic.
I'll see about possibly repairing the camera so I still have a decent backup phone for travel.
#defcon Maintenance update: http://DEFCON.social will be down for some scheduled maintenance tonight between the hours of 8 and 10pm PDT. Thanks for your patience.
#DEFCON
A must read:
#Veilid: A secure #p2p network for apps that flips off the #surveillance economy
‘It’s like #Tor and #IPFS had sex and produced this thing’
"The system means there's no IP address, no tracking, no data collection..."
https://www.theregister.com/2023/08/12/veilid_privacy_data/
Today I took the time to look into the #Defcon 31 recordings. I was totally blew away by the talk from Cory Dotcrow about the #enshittificaton of the internet and how to fix it.
I already knew what enshittification is, but there are a lot of details that were new to me. For example, did you know it was once illegal to sell goods below their production cost? 🙀
Absolutely check it out: https://www.youtube.com/watch?v=q118B_QdP2k
Please welcome my friends in #cybersecurity to the #fediverse they’ll have an #introduction soon for #owlsec and more but I met @srhoe at #DEFCON recently and I met @jimididit through him as well.
They do offensive cybersecurity so please give them a warm welcome and consider a follow while they get comfortable with the #fediverse and #mastodon
#twittermigration #infosec #penetrationtesting #linux #kali
Update on my Future Badge:
Was able to scrounge up pcbs/components for 10 kits that will go to some indiegogo sponsors who didnt pickup @defcon.
I've ordered more pcbs/lanyards/components/etc but some delayed.
Looking at end Oct / begin Nov for ebay posts
#badgelife #defcon
Genuinely curious about this. I have heard from a few people that Summer Camp 2023 wasn't that good. Like, at all. Many people are talking about going next year, skipping the cons, and just having dinner with friends, or skipping Vegas entirely. Do others feel this way? Is this bitterness over a lack of an electronic badge, long lines, and overcrowded events in general? Or is this just old school hackers bitching? Inquiring minds want to know.
Spaß mit #Escape-#Sequenzen im #Terminal:
"DEF CON 31 - Terminally Owned - 60 Years of Escaping - David Leadbeater"
https://www.youtube.com/watch?v=Y4A7KMQEmfo
Ich wusste ja, dass Inband-Steuersequenzen übel sein können, aber dass es auch mit moderner Software immer noch so schlimm ist... 🙀
Tonight's #DEFCON movie is "To Live and Die in L.A." Music by Wang Chung! (T minus 1hr, 4min) https://www.rottentomatoes.com/m/to_live_and_die_in_la
For those who couldn't get a Sailor Moon badge at @defcon, we did another run and have some for sale on my eBay store (USA shipping only, sorry)
#badgelife #defcon
https://www.ebay.com/str/altbierdesigncache
For those who don't know about the Sailor Moon badge here are the details
https://sailormoon.altbier.us/
Funny and interesting talk. Sure as hell i was waiting whether the most loathed, scoffed at, tutted at („No gpu acceleration? How antiquated!“) terminal emulator was among those who can be tricked into executing arbitrary remote commands using #ansi escape code fuckery.
yes #xterm and no, apparently it can not. #terminal #shell #security #Defcon31 #defcon
https://www.youtube.com/watch?v=3T2Al3jdY38
https://www.yewtu.be/watch?v=3T2Al3jdY38
I haven't forgotten you! On a quick travel break and will be on again at 12PM PT on Sept 30th. Look out for popups! Twitch.tv/MissJackalope #defcon #jackalopearmy #hackers #infosec #dnb #cats #twitchstreamers
Cory Doctorow: An Audacious Plan to Halt the Internet's Ensh*ttification
Another fantastic talk from @pluralistic https://youtu.be/rimtaSgGz_4
#Enshittification #Defcon
They seem nice
(Watch my @defcon talk at https://www.youtube.com/watch?v=rimtaSgGz_4)
(support @eff at https://supporters.eff.org/donate/j)
#Apple #Defcon #TechnologicalSelfDetermination #Hatemail #enshittification
@kristinides Thats so cool. It sounds like a ton of fun. I would love to go to #defcon convention to check it out
what are your favorite #wazuh and #fail2ban guides?
setting up for a #defcon presentation at my local meetup.
I've already got a nice one for #vaultwarden https://github.com/dani-garcia/vaultwarden/wiki/Fail2Ban-Setup
and one for #mailu https://mailu.io/1.9/faq.html#do-you-support-fail2ban
Distroless and scratch container images are popular because they don't leave tools for the attackers (not even a shell). You can improve that with a read-only root filesystem, so any files pushed will be to a mount with noexec set.
But then this demo shows up explaining how you can attack it by writing to memory and executing that. Reverse shells and kubectl in distroless images.
https://youtu.be/poHirez8jk4
#docker #container #kubernetes #security #defcon
Expect your productivity to take another major hit courtesy of #DEFCON31. The music from Thursday and Friday is live on the #defcon Media Server! Help yrself to selections from the amazing DJs we hosted. But that’s not all - we’ve got video for those shows, too! Download now and you’ll also get the beautiful wall animation that everyone’s talking about. You get all this for the low, low price of we love you. Enjoy, shake your groove thing and pass it on.
just watched freshly uploaded #defcon talks and realized that i will never reach the same level :blobcatcry:
i had some researches in cyber security but almost all of them were either unsuccessful, unfinished or became rapidly outdated
and the ones that i’ve finished to some point successfully are just not interesting and nobody cares about them
@DropBear @Digital_Archivist @pluralistic Fresh, highly relevant talk from Doctorow at this year's #defcon
https://www.youtube.com/watch?v=rimtaSgGz_4
🔓 DEFCON 31 videos
https://www.youtube.com/@DEFCONConference/videos
@argv_minus_one I was thinking of @calyxos as I got great vibes from them at their vendor booth at #DEFCON
Since it's all online now, here are the resources for the "Second Breakfast" talk I gave at #defcon this year:
3. Recording (https://www.youtube.com/watch?v=v0fraChyonQ )
This is the longer version of the talk I gave at #blackhat, so there shouldn't be anything in that talk that wasn't in this one, except me wearing a suit.
Some day I might be confident enough not to wince a bit at seeing myself on video 😋
Nice surprise to find that Engadget posted a story about social engineering attacks today, referencing the lessons learned in the investigation of the "image spam" attack that made up part of my #Defcon presentation. These kinds of attacks can be incredibly devastating (as evidenced by #MGM) and very hard to discern.
These are pretty complicated investigations and, in my opinion, it would be nice to have people in elected office who are capable of tearing apart things like this to get to the root cause.
https://www.engadget.com/how-social-engineering-takes-advantage-of-your-kindness-170043531.html
#malware #socialengineering #spam #BVSD #SchoolBoard #Boulder
... Loading ...
View the premier of our recap video and the official BIC Village 2023 documentary on our channel :
https://www.youtube.com/@BlacksInCybersecurity
Thank you to our sponsors & partners Amazon Web Services (AWS), OpenVPN Inc., KC7 Foundation, Ford Foundation, CTF Room , Xcape, Inc. !
#BlacksInCyber #BIC_Village #BIC_CTF #CTFRoom #BlacksInCybersecurity #DEFCON31 #DEFCON #Xcape
... Loading ...
View the premier of our recap video and the official BIC Village 2023 documentary on our channel :
https://www.youtube.com/@BlacksInCybersecurity
Thank you to our sponsors & partners Amazon Web Services (AWS), OpenVPN Inc., KC7 Foundation, Ford Foundation, CTF Room , Xcape, Inc. !
#BlacksInCyber #BIC_Village #BIC_CTF #CTFRoom #BlacksInCybersecurity #DEFCON31 #DEFCON #Xcape
I've made a YouTube playlist of my favorite wifi, bluetooth and general RF hacking videos from DEFCON over the years. Very surreal to get to add my own talk to the list now.
https://www.youtube.com/playlist?list=PL-EJCU1MK719jHdGJ1hi68PK_LpB_DO53
Hey my #defcon talk is up. I wrote it a couple hours before I had to get on stage, so it's not too bad considering!
https://youtu.be/Vx0TPGutROo?si=vqFN4O2XG_f5A-Hf
Happy Friday! You can now watch the recording of my #Defcon talk about social engineering scams on Youtube.
It's that time of the year again - time to block off a weekend or two and watch videos from #defcon31 on #YouTube!
https://www.youtube.com/channel/UC6Om9kAkl32dWlDSNlDS9Iw
We've got all the main stage talks, a bunch of Village Stage talks, War Stories and the Policy series, all waiting to entertain and enlighten you. If this is somehow not enough, There's even more to choose from on media.defcon.org.
Please bingewatch responsibly, and pass it on.
Cory Doctorow gave a really good talk at Defcon about enshitification. Especially relevant in light of the recent Unity kerfluffle.
His diagnosis of the problem is spot on and compelling - toothless antitrust laws and the end-stages of capitalism where it becomes unprofitable to actually create value.
His proposed solution boils down to "the Democrats/EU/FTC will save us with better laws", at which point he deserves to be laughed off stage.
Regardless, it's worth your time to give it a watch.
#defcon's own @thedarktangent staying busy in the off season. #policy
https://cyberscoop.com/cisa-advisory-committee-recommendations/
Welp, I've set up what will (hopefully) be a long-term persistent veilid-server node, and now I eagerly await developers much better than me to create cool mobile apps that make use of this network. In the meantime, I'll be playing around with the python API.
Introduced recently at #defcon, it feels like this is a first glimpse into something that will become big and important for #privacy and human rights on the electronic frontier. #Veilid
If you’re a #defcongroups Point 0f Contact, keep your eyes open for a Roll Call email we sent out today. We’re updating the groups list and we would greatly appreciate your prompt participation. Thanks for all you do!
Curious as to what "post-quantum crypto" actually is? A panel at #defcon 's Crypto and Privacy village shared where we are in developing post-quantum cryptography, the concerns we have for the migration and its possible timeline, and how other technologies like MLS are being designed with PQC constraints in mind.
Let me know if there is anything I can make clearer!
#postquantum #cryptography #pqc
https://cendyne.dev/posts/2023-09-11-impact-of-pqc-on-cryptography-key-management.html
I'm so hype with all this BLE stuff:
DEF CON Safe Mode Wireless Village - FreqyXin - The Basics Of Breaking BLE v3
https://www.youtube.com/watch?v=X2ARyfjzxhY
thanks @nullagent to point this on your presentation. I could not find Freqy here to say thanks.
Many DJs didn't get to play their sets on the Sat Night of #DEFCON. I was one of those, so the next weekend I played my Saturday set on Twitch.
Here's the audio: https://mixcloud.com/djjackalope/miss-jackalope-def-con-31-is-cancelled-saturday-night-set/
Here is the video: https://youtube.com/watch?v=1fgx1ZvaznA
Twitch: twitch.tv/missjackalope
@defcon
@Defcon_Music
@DefconParrot
#defcon31 #Dc31 #jackalopearmy
#DEFCON #podcast #Russia #MikkoHypponen
Closing the circle on the 4 movies Humphrey Bogart and Lauren Bacall starred in together, this week's #defcon Movie Night selection is 'Key Largo'. Directed by the legendary John Huston, this 1948 film is set in a Florida Keys hotel, with our characters trapped together during a building storm. Join us in the movie-night-text channel of our Discord (discord.gg/defcon) at 8pm PDT September 9 to see how it all shakes out.
At #defcon31 #DARPA
announced a huge 2-year #AI #Cyberchallenge with the semis and finals hosted at good old #defcon. Over 18M in total prizes, access to cutting edge tech and a chance to help secure the open infrastructure we all rely on. If that sounds like your kind of fun, details are at http://aicyberchallenge.com
NBD, just got to march in a Labor Day parade in Louisville, CO because I am a candidate for local office. Got a chance to shake hands with my rockstar congressman Joe Neguse and thank Colorado's Secretary of State Jena Griswold for helping defend democracy in 2020 and beyond.
Pretty sure this was the first time any participant in the parade wore a #Defcon speaker badge!
All three fediverse lists for hacker groups/cons/bsides/spaces have been updated. If you know of any I missed, let me know 😺
📌Bsides & InfoSec Cons by Region
📌Hacker Meet-ups by Region
📌Hackerspaces by Region
#InfoSec #Hackerspace #Defcon #BSides #OWASP #CCC #2600 #CatSalad
Just finished watching the #Veilid intro presentation from #Defcon. Some highlights:
- Re: my questions about post-quantum cryptography and SNDL, there are two mitigating factors.
A) Veilid has tagged, upgradeable and migrateable cryptography. When today's algorithms are broken, they can swap out the encryption and nodes will use a read-1 write-2 strategy to migrate data incrementally.
B) data is broken into smallish chunks and distributed across nodes, so building up a meaningful
/1
Big Personal News: I have dropped off the #ballot #petition for my #SchoolBoard candidacy at school district HQ in #Boulder.
I finally figured out a great use for those vinyl bags they give out at #Defcon - they perfectly fit the legal-sized bundles.
I was required to obtain 50 signatures in order to qualify for the ballot. I received 104 signatures in total. I'm extremely grateful for the strong support I've received in Boulder County and across the district.
Once the signatures are validated, I will officially be a candidate!
Want to support me? Donate at https://BrandtForBVSD.co
The #defcon Show Special for #RFBitBanger, an #opensource #HF #QRP kit featuring the #scamp #digital mode and a class E amplifier design, has Sold Out.
Next stop is #qsotoday Academy on 9-10 September with a talk by team lead Dr. Daniel Marks. Event registration here https://www.qsotodayhamexpo.com/
Thank you to everyone supporting work like this at the non-profit ORI @OpenResearchIns
Poker tournaments at #Defcon? Awards ceremonies?
I care about section 702 and who is informing and shaping the conversation around it's renewal end of this year.
Matthew Guariglia reports about this in the deeplinks blog, but that's not the EFF I thought I knew...
What does this neglect to such a "big picture" issue mean?
Have we just given up on 702 reform? Is it foregone it will be renewed and EFF doesn't wanna look like we lost?
I look to EFF to lead.
#702 #FISA
DEF CON got Cancelled! My Saturday Night Pirate party set from DEF CON 31 is now up on Youtube: https://www.youtube.com/watch?v=1fgx1ZvaznA
@adrienne just want to add that here's the direct article from SNHD for anyone that doesn't want to browse the garbage NYPost website.
IMPORTANT NOTE for anyone who was at #DEFCON and stayed in the Caesar's Palace hotel OR the Orleans hotel -- there is a confirmed outbreak of Legionnaire's Disease. If you were there and, for instance, took any showers, you have potentially been exposed and you NEED TO GET CHECKED OUT if you are experiencing ANY symptoms. (Legionnaire's has a fairly low infection rate but a pretty high fatality rate! Early treatment is essential!) https://nypost.com/2023/08/27/las-vegas-hotels-caesar-palace-and-the-orleans-under-investigation-for-legionnaires-disease-cases/
@campuscodi So... Apparently I got a free exposure to Legionnaires' Disease along with my #DEFCON #COVID19 case. And both diseases have the exact same symptoms. Awesome. 🙄
Slides done, script done - recording the talk for #qsotoday academy about the #shortened #hf antenna work is next. I think I'm tardy in turning it in. 🙄
Voice still not totally recovered from running the #opensource #digital #radio exhibit at #defcon. So, I did not get very far into the 3300 words or so I got going on here before I had to quit for the night.
The script needs some additional editing to be a decent article. That attempt will begin after the recording is complete.
It's kind of crazy, we bought some servers last year when the November / December wave was hitting Mastodon signups.
Once things slowed there was no real need for any of it, we have been doing fine on our little server (16 core / 256Gig DDR4 2400MHz RAM).
But. The one thing we can do is split from this single server to two servers for more availability and less downtime for upgrades, like we have already done for our 30TB SSD block storage servers.
So we are working to finally get the new servers deployed sometime in October - no rush - we are aiming for after #FreeBSD 14 goes to Release.
In the end we will have way more capacity (We could scale to 100k+ users) but we may as well use what already own.
#MastoAdmin #DEFCON.social
Thank you to our staff, volunteers & members for an outstanding BIC Village @ DEF CON 31 !
@defcon
#BlacksInCyber #BIC_Village #BIC_CTF #CTFRoom #BlacksInCybersecurity #DEFCON31 #DEFCON #Xcape
Check out these #DEFCON31 snap shots 📸 from BIC Village 🌍 @defcon !
#BlacksInCyber #BIC_Village #BIC_CTF #CTFRoom #BlacksInCybersecurity #DEFCON31 #DEFCON #Xcape
Definitely will keep this in mind for my next stateside orders, likely for #HackerSummerCamp next year including #Toorcamp, #HOPE, and possibly #DefCon.
15 years ago a scheduled talk by some college kids on this subject did NOT happen at #defcon. This year some high school kids brought it back around with some new twists. Enjoy 'Boston Infinite Money Glitch: Hacking Transit Cards w/o Ending Up in Handcuffs', and pass it on.
Was wonderful speaking, training and just being at #DEFCON again! 🥰
Unfortunately the feeling didn’t last long! I just found out I was laid off due to cut backs. Devastated and looking for my next opportunity! 🫤
So now I’m a Hacker looking for work 😊
RTs appreciated 💜🤗💜
Fifty-one EFF supporters and friends played in the EFF Benefit Poker Tournament at #DEFCON. See how it all went down and who took home the grand prize. 🏆🫘🪙 https://www.eff.org/deeplinks/2023/08/eff-benefit-poker-tournament-def-con-31
#defcon31 update - the final versions of all the slide presentations from #defcon are posted up on our media server, awaiting your perusal in a brand new .rar. Get thee to http://media.defcon.org to kickstart your mental embiggening.
#DEFCON 31 is done, and hopefully everyone involved is fully recovered. Here are my experiences at the event, including my time at #AppSevVillage