PhreakNIC 0x0b Schedule (Mostly confirmed)

Friday, October 19, 2007

Saturday, October 20, 2007

Kickoff

What the heck is this stuff in the schwag this year? Why are we worried about aliens this year? Didn't the prophet predict that next year is when we'll be foooooood? Learn the answer to all of these things at the kickoff to PN0x0b, where all of the P's and x's are silent.

RFID 2.0 - Kn1ghtl0rd and lowtek mystik

Last year's presentation was high level functionality and basic knowledge of what RFID is. The year they will present the low level technical specs on different communication types, the physics behind RFID reading and transmitting, and the actual circuitry of an RFID tag and what it takes to make them operate more consistently. The presentation will also cover actual tag data and coding schemes with standardization including EPC Gen 2 and other ISO standards such as PayPass RFID enabled credit cards. There will be reader/writer demonstrations as well as other proof of concept demonstrations.

ReactOS - Qui Gon Gene and PJ

This talk gives a brief overview and many kinks and quirks in the F/OSS implementation of the Microsoft Windows OS that is ReactOS. Join Qui Gon Gene and newcomer PJ in the fun as they discover what ReactOS is, what it can and cannot do, and why, despite being an extremely noble project, it isn't quite ready for primetime. Skill levels from n00b all the way to network and OS gods are welcome to attend.

Postal Experiments - CypherGhost

A review of the USPS entrails explained with strange things sent through the mail. What is the heaviest thing that you can send in a flat rate box? What happens if you mail a sphere? How do digital postage meters work? How modern automation allows you to send a letter 3000 miles for only 41 cents and what security vulnerabilities might exist in that infrastructure. How to postmark your own mail, how the new "PLANET" barcode will track all mail in the future. 100% legal, but sure to make the mailman wonder. Postal inspectors welcome.

Analyzing Intrusions and Intruders - Sean Bodmer

Intrustion analysis has been primarily reserved for network junkies and bit biters. However, due to the advances in network systems automation we now have time to pay more attention to the subtle observations left by attackers at the scene of the incident. Century old sciences have enabled criminal investigators the ability to attribute attacks to specific individuals or groups. Intrusion Analysis and Criminal Sciences can be combined to learn more about the cyber threats slipping into your systems. You will walk away from this talk with a better understanding of how to approach and intrusion and analyze more than just the minutia. I will attempt to convey processes and procedures that you can implement in your Security Program that supports a deeper approach to Intrusion Analysis and Attacker Characterization.

Designing and Responding to Targeted Network Attacks against the Enterprise - Presmike and Cygnus

Corporate and federal networks are under attack by increasingly sophisticated attackers employing information warfare tactics. Gone are the days of simple port scans or IIS worms. The target is no longer the network but its users and information. The goal has changed from destruction to passive control. These targeted attacks and their methods will become commonplace in the next five years. Currently, and for the near future, only advanced, threat aware, incident response teams are capable of prevention, discovery, and recovery from such attacks. We will discuss the application of information warfare techniques as they relate to attack design, defense and recovery.

The Magical Hacker Journey - Rick Dakan

Rick Dakan, the author of Geek Mafia and the forthcoming Geek Mafia: Mile Zero, will be discussing the creative process involved in writing books for and about the hacker community. This will be an interactive session, where audience members will be allowed to voice their comments and suggestions for future projects.

Why AJAX Makes the Baby Jesus Cry - Billy Hoffman

Billy has a tendency to break things. Not that this is a bad thing, but often times what he breaks are things that people have come to rely upon, like web applications, payment systems, and gravity. Find out whether or not Billy will one day have to tell his kids, "Daddy drinks because AJAX is so bad."

The Down and Dirty on the Security Industry - Bruce Potter

This presentation will poked everyone in the room squarely in the eyes. The goal of this talk is to call out all the 800 lb. gorillas in the security industry - the real issues that hound us everyday but are uncomfortable to talk about. Training, profiteering, cheating and even using Microsoft products will all be fair game. It should be noted that this talk has the same title as the talk that I presented at Defcon, but since this is PhreakNIC, I won't pull any punches. This will be a new talk with new information, because frankly, I can never rant about the same thing twice.

Stupid WiFi Tricks - Catonic

Wireless networks have been around for a few years, however the ways to extend, use and abuse them haven't changed too much. While not a completely new look at things, this presentation will touch on some previously undiscovered territory which should be of interest to any wireless security researcher, as well as discuss a few ideas on unusual uses of antennas and dishes, oddball antennas and just general wi-phun.

Introduction to Vulnerability Analysis - RedPantz

This presentation will cover the basics of vulnerability analysis. It will cover topics ranging from reading a public advisory, to analyzing binaries, and finally identifying the location of the problem. An overview of various tools used and how to use them in tracking down a bug will also be given.

An Introduction to Hardware Hacking - Obi Won Shinobi

People spend money every day on cool new gadgets. Sometimes these new toys take the place of things they already have. Sometimes that device has the same features as something you already have, but you simply didn't know it. Best of all, even new toys sometimes have hidden functions that we didn't even know about. People throw out what they consider worthless technology every day, or let it sit on a shelf collecting dust. There will be demonstrations of technology doing things that the manufacturer didn't think of, and possibly things that they hoped you would never think of, and how to unlock those hidden features.

Turn-Key Pen Test Labs - Thomas Wilhelm

Currently, those interested in learning how to professionally conduct Information System Penetration Tests have very little options available to them - they can either illegally attack Internet-connected systems, or create their own PenTest Lab. For those who prefer to avoid legal complications, they really only have the last option - a lab. However, this can be a very complicated and expensive alternative. In addition, scenarios have to be created that actually represent real-world scenarios; for a beginner this is a Catch-22 since they don't yet have the experience to even know what these scenarios might look like, let alone design them in a challenging way. In order to provide a simply way for both beginners and experts to improve their skills in Penetration Testing, I have designed what is, in effect, a Turn-Key Pen Test Lab using LiveCDs and minimal equipment requirements. The LiveCDs each represent different scenarios that mimic real-world systems and services, which provide essential challenges to improve critical skills in the field of Pen Testing.

Creativity and Hacker Culture: The Role of Local and Hyper-Local Interaction - Froggy

Hacker cons have been around for about 20 years. The concept of a con where people with similar interests can interact together has been around long before that in the areas of science fiction, etc. However, with the growth of a few hacker "mega cons", there is an increased focus and interest in regional, local and hyper-local get-togethers and events. Are smaller events better than the larger events? What can smaller events and gatherings provide, with sufficiently limited resources as compared to large events, that those larger events only wish they could? In this discussion I hope to explore some of these issues, get feedback and develop with participants new structures in which to view and appreciate events such as Notacon and PhreakNIC.

Democracry 2.0 - Bringing an Open Source Revolution to the Ballot Box - smoke

This talk will be a major update on the third track discussion led at HOPE 6. Various topics will include the building blocks of democracy 2.0, reviews of open source voting software and electronic voting machines, and how I believe these steps can go a long way towards turning back the tides of war, corruption, greed and the constant assault on our liberties.

Cryptanalysis with Field Programmable Gate Arrays - Decius

This talk is an attempt to build a community around doing distributed computing with Field Programmable Gate Arrays. The first target is Cryptanalysis of DES. Most of the alloted time will be spent actually working on this, so bring your computer, and if you are really interested in this, order a Digilent Spartan 3-1000 prototyping board and bring it to the con. They can be obtained for about $150. Hacking is not a spectator sport. This talk is for people who actually want to roll up their sleeves and work on a cool technical project. This project is starting from scratch at PhreakNIC.