Shmoocon 2013 Feb. 15, 2013 to Feb. 17, 2013, Washington,USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Hackers get Schooled: Learning Lessons from Academia N/a "The contrast between the information security research performed in academia and that performed in the ... Security
Is Practical Information Sharing Possible? Sean Barnum , Ben Miller , Doug Wilson "Over the last few years, there has been an increased emphasis on sharing threat information ...
Beyond Nymwars: An Analysis Of The Online Identity Battleground Aestetix Originally inspired by getting suspended from Google Plus in the #nymwars fiasco, aestetix set out ... Security
Attacking Scada Wireless Systems For Fun And Profit - And Fixing Atlas of D00m Leased lines are recurring costs throughout the power grid. The bottom line demands the use ... Security
Wipe The Drive!!! - Techniques For Malware Persistence Mark Baggett , Jake Williams Let’s face it: sooner or later you will be owned. As a security professional, you ...
Page Fault Liberation Army Or Better Security Through Trapping Sergey Bratus , Julian Bangert x86 processors contain a surprising amount of built-in memory translation logic, which is driven by ...
Bright Shiny Things = Why We Need Intelligent Data Access Controls Mark Mcgovern , Bob Bigman , Craig Rosen , David Ferraiolo Establishing, monitoring and managing access control is a basic requirement for information security. Ultimately no ...
How To Own A Building: Exploiting the Physical World With Bacnet and the Bacnet Attack Framework Brad Bowers The integration of computer technology to monitor the inner works of large office buildings, factories ... Security
Crypto: You're Doing It Wrong Ron Bowes "As a group. the security industry has solved a lot of difficult problems. Firewalls do ... Security
PunkSPIDER: An Open Source, Scalable Distributed Fuzzing Project Targeting The Entire Internet Alejandro Caceres By combining the principles of offensive security and distributed computing we were able to build ... Security
Armor For Your Android Apps Roman Faynberg Our defensive security talk is primarily targeted towards Android developers. We will share "war stories" ... Security
Bringing The Sexy Back To...Defense In Depth Martin Fisher "“Defense In Depth” is considered by most to be a useless marketing trope that vendors ... Security
C10M – Defending the Internet At Scale Robert Graham A decade ago, engineers tackled the “c10k” scalability problems that prevented servers from handling more ... Security
Hacking As An Act Of War G. Mark Hardy Once the exclusive domain of a small number of geniuses, hacking has gone "mainstream" as ... Security
Malware Analysis: Collaboration, Automation & Training Richard Harman "Whether you're a novice or a professional at analyzing malicious code, you'll have a desire ... Security
Mastiff: Automated Static Analysis Framework Tyler Hudak "Malware analysis consists of two phases – static and dynamic analysis. Dynamic analysis, or analyzing ... Security
Openstack Security Brief Matt Joyce "This talk is a break down of security concerns relating to the OpenStack cloud software. ... Security
The Computer Fraud and Abuse Act: Swartz, Auernheimer, and Beyond Orin Kerr , Marcia Hoffmann "The Computer Fraud and Abuse Act is controversial for its broad reach and potential for ...
Running a CTF: Panel and Discussion on the Art of Hacker Gaming Branson Matheson , Jordan Wiens , Brett Thorson , Liam Randall , Tyler Nighswander "What makes a good Capture The Flag(CTF)? How hard is it to put one on? ...
Paparazzi Over IP Daniel Mende , Pascal Turbing Almost every recent higher class DSLR camera features multiple and complex access technologies. For example, ...
Apple iOS Certificate Tomfoolery Tim Medin "Mobile devices rely on many complex systems for security, reintroducing mistakes in implementation and design ... Security
Forensics - ExFat Bastardized for Cameras Scott Moulton In forensics there is a new file system called ExFat. Microsoft has made a deal ... Security
From "Shotgun Parsers" to Better Software Stacks Sergey Bratus , "meredith Patterson , Dan 'tq' Hirsh" Everyone agrees that aggressive input checking and validation of input-handling code are crucial to secure ...
Identity-Based Internet Protocol Network David Pisano "The Identity-Based Internet Protocol (IBIP) Network project is experimenting with a new enterprise oriented network ... Network IncludeThinkstScapes Defence IBIP
The Cloud - Storms On The Horizon Tyler Pitchford At its heart, the “cloud”, as it’s so lovingly referred to, is really just shorthand ... Security
NSM And More With Bro Network Monitor Liam Randall Bro is a stateful, protocol aware open source high speed network monitor with applications as ... Security
Generalized Single Packet Authorization For Cloud Computing Environments Michael Rash Cloud Computing environments such as those provided by Amazon and Google can be your passport ... Security
DIY: Using Trust To Secure Embedded Projects Teddy Reed , David Anthony This presentation and paper provides a DIY guide to using Trusted Computing on embedded devices. ...
Ka-Ching! How To Make Real Money Margaret Russell Emerging security technology –your technology—is overlooked, undersold, and underutilized partly because big customers often procure ... Security
How Smart Is Bluetooth Smart? Mike Ryan We are entering a golden age of affordable broad spectrum wireless sniffing. I will demonstrate ... Security
These Go to Eleven: When the Law Goes Too Far Michael ( theprez98 ) Schearer "Agents line up at a non-descript door which houses command and control servers for a ... Security
Protecting Sensitive Information on iOS Devices David Schuetz "We've seen the deep technical research showing what makes iOS devices secure (or sometimes not ... Security
Chopshop: Busting The Gh0St Wesley Shields , Murad Khan In incident response or intelligence gathering the question “what happened on the network” is commonplace. ...
0wn The Con The shmoo Group Join us as we go over the all the background details of planning ShmooCon. We’ll ... Security
Hide And Seek, Post-Exploitation Style Tim Tomes , TJ O'Connor Geo-location allows us to translate the virtual location of an object to its physical location ... Attack IncludeThinkstScapes Tool Geolocation
Moloch: A New And Free Way To Index Your Packet Capture Repository Eoin Miller , Andy Wick Moloch is a highly scalable and open source full packet capture system that has just ...
Mainframed: The Secrets Inside That Black Box Phil Young "The mainframe is not legacy, far from it. Not only is it not legacy, but ... Security