Shmoocon 2016 Jan. 15, 2016 to Jan. 17, 2016, washington,usa

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote Neil Gershenfeld Prof. Neil Gershenfeld is the Director of MIT’s Center for Bits and Atoms. His unique ...
Closing Plenary: Information Security Programs in Academia Greg Conti , Matt Blaze , Rick Forno , Jeff Foster As information security grows nearly exponentially, it’s hard to remember back 15 years ago to ...
Users Are People Too: How to Make Your Tools Not Suck for Humans Gillian Brody As a technologist you craft systems that are reliable, scalable, and maintainable. As a security ...
Using the Algebraic Eraser to Secure Low-Power and Passive IoT Devices Derek Atkins The Algebraic Eraser (AE) is a Group Theoretic Public-Key Cryptosystem originally published in 2006 and ...
Crypto and Quantum and Post Quantum Jean-Philippe Aumasson This is an extension of my DEFCON 23 talk “Quantum computers vs computers security” where ...
Building an Encyclopedia of Malware Configs (to punch miscreants) Jon Bambenek According to VirusTotal, almost 500,000 unique malware samples are seen by them every day. That ...
Containing an Attack with Linux Containers and AppArmor/SELinux Jay Beale In the system hardening space, we’ve been using chroot jails to contain compromised programs. These ...
OSX Vulnerability Research and Why We Wrote Our Own Debugger Brandon Edwards , Tyler Bohan Although OSX has had a large gain in popularity, its underlying workings are still unknown ...
The Road to SYSTEM: Recycling Old Vulnerabilities for Unpatched Privilege Escalation and A New Network Attack Stephen Breen Microsoft Windows has a long history of outstanding security vulnerabilities that many of us in ...
AVLeak: Turning Antivirus Emulators Inside Out Alex Bulazel AVLeak is a tool for fingerprinting consumer antivirus emulators through automated black box testing. AVLeak ...
LostPass: Pixel-perfect LastPass Phishing Sean Cassidy LastPass holds all of your secrets. Its login prompts and alerts occur within the browser ...
No Easy Breach: Challenges and Lessons Learned from an Epic Investigation Matt Dunwoody , Nick Carr Every IR presents unique challenges. But–when an attacker uses PowerShell, WMI, Kerberos attacks, novel persistence ...
Software Security by the Numbers Chris Eng Every industry faces the challenge of securing software, so why do some industries “get it” ...
#thingswikfound #omarax: What is it, and why you may care? Jaime Filson #thingswikfound #omarax is a by-product of hunting for phishing and other badness on the internet. ...
Where Do the Phishers Live? Collecting Phishers’ Geographic Locations from Automated Honeypots Robbie Gallagher We’ve taken a novel approach to automating the determination of a phisher’s geographic location. With ...
Breaking Bulbs Briskly by Bogus Broadcasts Joseph Lorenzo Hall , Ben Ramsey Smart energy and building automation are powerful technologies with significant promise. Unfortunately, the global rush ...
Making Milware: An Interdisciplinary Tryst Trey Herr , Eric Armbrust How can political and computer science get together to make something beautiful? The pervasive development ...
Speak Security and Enter: Better Ways to Communicate with Non-Technical Users Jessy Irwin Every day, passionate security professionals encounter a common problem: after bringing a student or colleague ...
LTE Security and Protocol Exploits Roger Piqueras Jover The Long Term Evolution (LTE) is the newest standard being deployed globally for mobile communications. ...
Online, No One Knows You’re Dead Andrew Kalat Most hackers have a massive digital footprint: social media, servers at co-location sites, servers at ...
Reverse-Engineering Wireless SCADA Systems Karl Koscher Over the past few years, interest in ICS/SCADA systems security has grown immensely. However, most ...
This Message Will Self-Destruct in 10 Seconds: Avoiding Bilateral Enucleation 3alarmlampscooter Are you a Bond villain, whistle-blower, clandestine operative, secret courier, paranoid schizophrenic or generally sketchy ...
Political Pwnage: The Hacker’s Guide to Cybersecurity Policy Jen Ellis , Nick Leiserson In 2015, 74 bills containing the term “cybersecurity” were introduced in Congress; the Library of ...
Penetration Testing Custom TLS Stacks Alex Moneger With the ever growing number of attacks against SSL/TLS, quick turnaround time is required to ...
You Ain’t Seen Nothing Yet: New Paradigms for Policy, Regulation, and Community Engagement Greg Conti , Jeff ( Dark Tangent ) Moss , Vincenzo Iozzo , Mara Tam , Randy Wheeler ‘[E]very speaker, every writer, every practitioner in the field of cyber security who has wished ...
Ask the EFF Kurt Opsahl , Andrew Crocker , Bill Buddington , And Eva Galperin Get the latest information about how the law is racing to catch up with technological ...
Be Free, Little GuardBunny! Kristin Paget A few years ago I had cause to do some research into RFID “shielding” wallets, ...
Hiding from the Investigator: Understanding OS X and iOS Code Signing to Hide Data Joshua Pitts To hide data from a the forensic practitioner you need to exploit either a gap ...
Resistance is Futile: SDN Assimilating Our Networks Sarah Rees , Jonathan Medina In the age of an “Internet of Things,” centralized control over a wide variety of ...
Attack on Titans: A Survey of New Attacks Against Big Data and Machine Learning Rock Stevens , Andrew Ruef Big Data Analytics and Machine Learning are pervasive in the decision-making processes of major corporations ...
Exploiting Memory Corruption Vulnerabilities on the FreeRTOS Operating System Joel Sandin The platforms powering the growth of the Internet-of-Things include tried-and-true embedded Real-Time Operating Systems (RTOSes). ...
My Hash is My Passport: Understanding Web and Mobile Authentication David Schuetz The great thing about standards is there are so many to choose from. That’s especially ...
Hacking The Wireless World — Software Defined Radio Exploits Balint Seeber This presentation will explore how you can survey the wireless world of the radio spectrum ...
0wn the Con The shmoo Group For eleven years, we’ve chosen to stand up and share all the ins and outs ...
(P|G)Ohst Exploitation Carl Vincent This talk focuses on showcasing examples of the GO programming language being utilized to rapidly ...
Gatekeeper Exposed Patrick Wardle Gatekeeper is an anti-malware feature baked directly into OS X. Its single goal is to ...
Compressed Context Based Analytic Results for Use in Computer Vision System for Network Defense Rob Weiss , John Eberhardt John & Rob have been developing interesting ideas in how to present large analytic results ...