DefCon2010
With DefCon2010 quickly approaching (I am driving to Vegas tmrw to start attending presentations), I wanted to outline some of the speeches I planned on seeing. If anyone has questions on the content presented in these speeches, I plan on taking extensive notes, and will gladly discuss any topic in the comments of this post. Here are some of the topics I plan on attending, and taking detailed notes on:
- Hacking The Future: Weaponizing The Next Generation
- Perspectives on Cyber Security and Cyber Warfare
- Cloud Computing, a Weapon of Mass Destruction?
- DNS Systemic Vulnerabilities and Risk Management: A Discussion
- How Hackers Won the Zombie Apocalypse
- Lord of the Bing: Taking Back Search Engine Hacking from Google and Bing
- Tales from the Crypto
- Exploiting WebSphere Application Server's JSP Engine
- Hacking Oracle From Web Apps
- Hacking and Protecting Oracle Database Vault
- Black Ops Of Fundamental Defense: Web Edition
- Live Fire Exercise: Baltic Cyber Shield 2010
- Exploiting SCADA Systems
- App Attack: Surviving the Mobile Application Explosion
- This Needs to be Fixed, and Other Jokes in Commit Statements
- Cyber[CrimeWar] Charting Dangerous Waters
- The Power of Chinese Security
- SCADA and ICS for Security Experts: How to Avoid Cyberdouchery
- The Night The Lights Went Out In Vegas: Demystifying Smartmeter Networks
- How to Hack Millions of Routers
- Hacking .Net Applications: A Dynamic Attack
- Cyberterrorism and the Security of the National Drinking Water Infrastructure
- Connection String Parameter Attacks
- An Examination of the Adequacy of the Laws Related to Cyber Warfare
- Industrial Cyber Security
- Browser Based Defenses
- Repelling the Wily Insider
- Seccubus - Analyzing vulnerability assessment data the easy way...
- Open Source Framework for Advanced Intrusion Detection Solutions
- You Spent All That Money And You Still Got Owned...
- Getting Social with the Smart Grid
- Securing MMOs: A Security Professional's View From the Inside
So that's the list of presentations I would really like to see, but I doubt I will make them all. Please ask questions on any presentation, or just ask questions in general. I am bringing an entire blank notebook, that I plan on filling by the time I leave.
You should be able to tell that my focus for this event is primarily on Internet security, security of key global infrastructure, security involving automated scripts, and in general preparing for the future of script kiddies, hacker 'teams', and botnets. I am not so much focusing on specific exploits (although I will detail many!), as I am focusing on the new emerging threats resulting from large scale botnets, cloud computing, and vital systems being moved online. We need to rethink the way we approach the Internet, what used to be dominated by the individual player is quickly becoming a team sport.