The following is a list of the short clips heard occasionally between song tracks on SomaFM’s DEF CON Radio stream. These clips are all sourced from the DEF CON media server and linked thereto.
Listen to DEF CON Radio on SomaFM using the macOS, iOS, or tvOS apps, on many streaming services including Roku, Echo, Sonos, and more, including the trusty web.
SomaFM has been present in the DEF CON Chillout Lounge since DEF CON 21 with a variety of DJs playing music from morning to evening, streamed live from the annual event in Las Vegas.
Click the banner to listen to DEF CON Radio on SomaFM
| DC# | Speaker(s) | Talk Title | Clip Name | Text | URL |
|---|---|---|---|---|---|
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Black Tee | You know, we have, again, our own preconceptions of the sixteen year old wearing black tee shirts in a darkened room when the sun is out and all they’re doing is playing on a computer for twenty four hours straight, um, that actually may be some of you, I don’t know. I so see some black tee shirts here and they look wonderful | Direct Link |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Busted | Don’t do anything that’s gonna get you busted, okay, I have seen stories that, a reporter says, hey, I hooked up with these guys and I went on IRC with them while they were hacking, and it was so cool, and this is what they did. You can be within 48 hours of that story being published the FBI called that reported and said we need to know everything. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Emails | I will get emails, sometimes, that are longer than the original story. I’m a little less inclined to read them because I’m like, why are you doing this to me. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Hacker | Give you guys some hints for when, the next clueless reporter comes up and says hey man, what’s it like to be a hacker. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Hire | There are still come security companies our there that won’t hire anybody who says they are a hacker, which kinda blows my mind | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Interview | If the virus spreader comes forward, I’d like to get him for an interview | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | IRC | Say I go, actually I’m a reporter that knows about IRC, and I go to #hackphreak or #hack or something, and I get somebody who uses a lot of threes when he spells, and I think, ooh that’s kinda funky, maybe he’s a hacker. Maybe he’s a script kiddie who has like three warez on his hard drive, I don’t know. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Kick | If any reporter comes up and tell you that their reporting is one hundred percent unbiased, you may feel free to kick them. Actually, I can’t advocate violence either, that’s bad. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Quake | The next time I play Quake, and I going to have an erased hard drive? Who knows. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Sexy | It’s sexy, it will sell papers. You didn’t think of yourselves as sexy, did you. It’s true. Yes, you are sir. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Surf Well | You’re going to get reporters who, the only reason they’re a tech writer at their particular publication or television station is because they can surf the web really well, that’s it. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Trashed | If you fake your knowledge, and you give incorrect information to a reporter, and that gets into print, your name is trashed. | |
| 7 | Michael Martinez | Hackers and the Media – A Love/Hate Thing | Website | Why do these people hate me, I just wanna run my website! | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Add Five | Do you have the most recent hot fixes, and Windows service pack loaded on your system, add one. What if you don’t have Microsoft? Add Five. | Direct Link |
| 7 | Ira Winkler | Myths of Hiring Hackers | Arsonists | Arsonists can not put out fires or engineer fire safe buildings. They know how to take a bunch of papers together, take gasoline, spread around, light everything up. Same thing with script kiddies. They know how to take a bunch of tools, you know, shoot it off at the websites. Do it. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Business Card | No matter what your business card says, that doesn’t automatically guarantee you’re a quote unquote security expert either | |
| 7 | Ira Winkler | Myths of Hiring Hackers | CIO | I’m rephrasing, I can train a monkey to hack a computer in a few hours to I can teach a CIO to break into a computer in a few hours. Honestly, though, I’m not sure if that’s less insulting. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Hacker | You know, all the sudden you walk around, you call yourself a hacker, and 60 Minutes is putting a camera in front of your face now days. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Janitors | I would remind you that NSA and CIA have janitors and, they don’t know much about security either. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Kill -9 | Everybody wants to go out and hire a hacker, and as the presentation before just started to discuss, you don’t know what you get when you hire a hacker. You know, you could get somebody like Mudge, or one the other hand you could get somebody like, the people that are out there trying to figure out that kill -9 is a Unix command and are trying to do that on Windows 95 | |
| 7 | Ira Winkler | Myths of Hiring Hackers | l0pht | Remember, why is the l0pht called the l0pht? Because they have a loft filled with computer equipment, and it was kind of a joke. The loft was not called the internet. These are people that break into their own computers, not the internet’s computers. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Misguided | Benjamin Netanyahu, the Israeli Prime Minister, called The Analyzer a Misguided Genius. I like that one. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | MIT | So the hackers at MIT were really true hackers in every sense of the word. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | No Brain | I never met this guy, but what the hell, you’re sitting here in a field with no brain. You might as well come with me, and he was like “okay†| |
| 7 | Ira Winkler | Myths of Hiring Hackers | Script Kiddie | When a script kiddie doesn’t get in using his tools, they’ll give up hacking, if they’re not passionate. They’ll go away and say “damn, that little script didn’t work, I’ll go find another one†and then when that one doesn’t work they’ll go find another one and after the third or fourth one doesn’t work they’ll hopefully give up and maybe find that women exist | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Security Professional | Most security professionals become one when their employer tells them they’re a security professional | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Soul | The people who know how to break into computers best are the really good system and network administrators. Those are the people who know the systems in their soul. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Take Anything | If you’re not good, you might as well take anything you can get though, let’s face it. | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Unique | First of all, again, the main issue is that the companies and government try to make you believe that hackers have some sort of unique skills and abilities that can’t be picked up by other people | |
| 7 | Ira Winkler | Myths of Hiring Hackers | Word | Anybody that knows how to use Microsoft Word and knows what a macro is considered a computer genius these days. Hackers are trying to jump on this because they know a little more than Microsoft Word. | |
| 7 | Dead Addict | Set Technology | Complicated | Oh my goodness, this is complicated. Well, this is a protocol | Direct Link |
| 7 | Dead Addict | Set Technology | Currency | It’s possible and feasible to implement your own currency systems if you can get enough people to go along with it. | |
| 7 | Dead Addict | Set Technology | Nut | I found every time I attempt to fully understand, let alone re-communicate how currency systems work, I sound like a complete nut | |
| 7 | Dead Addict | Set Technology | Sell | I wouldn’t suggest anyone in the audience do this. Hackers have a tendency to, uh, sell those credit cards to the FBI, so, I don’t recommend that either. | |
| 11 | Cat Okita | Aura – A Reputation System | A Dog On the Internet | I mean, you can be a dog on the internet, and as long as you post reasonably, no one cares | Direct Link |
| 11 | Cat Okita | Aura – A Reputation System | Cookies | My friends say that these chocolate mint cookies are really good | |
| 11 | Cat Okita | Aura – A Reputation System | Don’t Even Know His Name | See I’ve giving him a bad reputation by standing up here and saying all sorts of things about him and I don’t even know his name | |
| 11 | Cat Okita | Aura – A Reputation System | Flags | Some of you may have had the experience of having someone ask you the interview question: what are the flags to “lsâ€. This is an evil question, and really it’s easier to say what aren’t the flags to “lsâ€, but that’s neither here nor there. | |
| 11 | Cat Okita | Aura – A Reputation System | Got A Room | And you know if the three of you get a room and make a movie you can make a lot of money. | |
| 11 | Cat Okita | Aura – A Reputation System | Grassroots | And I’m much more interested in grassroots ability for everyone to communicate with everybody else and have their dependencies | |
| 11 | Cat Okita | Aura – A Reputation System | Reliability | If you can claim that everyone is 99.7 or 100 percent reliable, I’d like to hear it from one of you right now | |
| 11 | Grifter | Dumpster Diving | Streak | For those of you that don’t know what the hell that was, on the scavenger hunt list it says “streak through Grifter’s talk†Good times, lots of man ass today. | Direct Link |
| 11 | Grifter | Dumpster Diving | Cool Ringtone | I’m tired and irritable, so if your cell phone’s on, shut it off, unless it has a cool ringtone, in which case we can all enjoy | |
| 11 | Grifter | Dumpster Diving | I Have A Dumpster | I have a dumpster in my back yard and I practice on it all the time | |
| 11 | Grifter | Dumpster Diving | Our Names | I’m Grifter, nice to meet all of you, let’s go around and say all names. Start over here. | |
| 11 | Grifter | Dumpster Diving | Yelling | Before I even get started, if you’re going to start yelling at me from the back or something about how ethical this is, and how I’m horrible and I’m promoting identity theft I don’t wanna hear it so shut up. | |
| 11 | Viki | Today’s Modern Network Killing Robot | IRC | Geeks are generally not so good at expressing themselves, so they go on to IRC and they can use these tools to express their feelings towards others, feelings like anger, rage, hatred, resentment | Direct Link |
| 15 | Dan Kaminsky | Black Ops 2007 | Let’s Break Some Things | What’s up guys? You guys are nuts. Look at this frikkin’ crowd. Alright, we have so much stuff to go over. Let’s break some things eh? | Direct Link |
| 15 | Dan Kaminsky | Black Ops 2007 | Actually Winn Schwartauing | Data suggest that the DNS based attacker has a remarkably high chance of actuallywinning | |
| 15 | Dan Kaminsky | Black Ops 2007 | Anywhere | We need to have disaster recovery plans that include how to handle the discovery of a flaw in any mission-critical code anywhere | |
| 15 | Dan Kaminsky | Black Ops 2007 | API | Never presume and API is ever smarter than it had to be to ship, it rarely actually is | |
| 15 | Dan Kaminsky | Black Ops 2007 | BGP | Interesting questions, which would you rather own? PGP, or DNS? | |
| 15 | Dan Kaminsky | Black Ops 2007 | Dancing | The game is to get compliance from the user to assist in executing the attack, and since users wanna see dancing pigs, this is not necessarily that hard | |
| 15 | Dan Kaminsky | Black Ops 2007 | Anyone here work somewhere where they get emails from the Internet | ||
| 15 | Dan Kaminsky | Black Ops 2007 | Game Security | Game developers have time to do many, many things. Write secure code that can deal with crappy servers is just not one of them. Or at least hadn’t been, because it wasn’t a ship requirement. | |
| 15 | Dan Kaminsky | Black Ops 2007 | He Asked | Who did you get a cert for? Login do live dot com. And how did you get it? I placed an order on a big CA’s website for it. He asked. | |
| 15 | Dan Kaminsky | Black Ops 2007 | Hosed | I’m the first to say, this bug should not nearly be as interesting as it actually is. The reason this bug is interesting is because everything else is hosed. | |
| 15 | Dan Kaminsky | Black Ops 2007 | Make Locks | I think this is what happened to pixel artists: They all went to make locks for bank websites. | |
| 15 | Dan Kaminsky | Black Ops 2007 | Malaysia | If your DNS is bad, two boxes physically next to each other are going to route to each other by way of Malaysia. | |
| 15 | Dan Kaminsky | Black Ops 2007 | Poison | Don’t bother poisoning foo dot com or google or yahoo, just poison everything | |
| 15 | Dan Kaminsky | Black Ops 2007 | Salva | Don’t worry, SSL will totally save us all | |
| 15 | Dan Kaminsky | Black Ops 2007 | Serviceable | Service-ability is survivability, and no one has ever made the link that says how serviceable a network is a major selling point, a major metric for the quality of a system | |
| 15 | Dan Kaminsky | Black Ops 2007 | SSL | People say “But SSL, SSL will save us!†| |
| 15 | Dan Kaminsky | Black Ops 2007 | Surface | I think we may have some new attack surface to play with. | |
| 15 | Dan Kaminsky | Black Ops 2007 | Wrong | It’s not about how the network works when things are going right, it’s how the network works when things are going wrong. | |
| 15 | Johnny Long | No-Tech Hacking | Back To the Hotel | I’m like, what do you mean we’ve gotta go. He’s like, we’ve gotta go back to the hotel. | Direct Link |
| 15 | Johnny Long | No-Tech Hacking | Bumper Stickers | I swear I’m gonna get bumper stickers for this. | |
| 15 | Johnny Long | No-Tech Hacking | Cookout | I got these pictures from a cookout that I wasn’t invited to. | |
| 15 | Johnny Long | No-Tech Hacking | Mitnick | I’m also a professional one of these, although I’m not dead yet, I’m more like one of these, although I look nothing like Kevin Mitnick, which this guy looks like. | |
| 15 | Johnny Long | No-Tech Hacking | Ninja Hat | So, the ninja puts on a hat, gets a ladder, and a can of compressed air. So, he goes from ninja to old guy in hat. | |
| 15 | Johnny Long | No-Tech Hacking | On With the Show | Alright, and on with the show. | |
| 15 | Johnny Long | No-Tech Hacking | Prox | These folks, I’m not sure exactly where they work cause they took their badges off, but they left their prox cards out. Well, the funny things about prox cards is that if you get a good picture of them, you take these really complex numbers here, you punch them into a telephone, a nice person answers and you read the numbers off the top of the card, and guess what they tell you. They tell you the address, the building, the floor, and the room that the card will work on. Clever. | |
| 15 | Johnny Long | No-Tech Hacking | The Whole System | So, for no money, and hardly any materials, he took down the whole system | |
| 15 | Johnny Long | No-Tech Hacking | Very Nice Color | Which I think is a very nice color | |
| 15 | Johnny Long | No-Tech Hacking | WoW | Did anybody else notice the World of Warcraft icons down in the dock? | |
| 16 | GMark Hardy | A Hacker Looks At 50 | The 70s | Again, bad passwords were all the rage back in the 70s | Direct Link |
| 16 | GMark Hardy | A Hacker Looks At 50 | 1984 | Navy has no need for computer security, from Washington, 1984 | |
| 16 | GMark Hardy | A Hacker Looks At 50 | AARP | Because, yes indeed, I am now a card carrying member of the only organization that’s more liberal than Barack Obama, and that’s the AARP | |
| 16 | GMark Hardy | A Hacker Looks At 50 | APL | Alright, what does APL stand for? A Programming Language, that’s cool. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | ASCII | We have the best tic tac toe, and everything else. Didn’t have porn in it because it was ASCII but… | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Billions | But what did they have that we didn’t have? Vision. What did they end up with that we didn’t have? Billions. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Capability | So I realize that even though you have the capability, sometimes it’s not a good idea to use it. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Carbon | It’s not the silicon network in life that counts, it’s the carbon network that counts. It’s the people in your life. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Control | And you spend a week owning anything that moves, trying to think about what you want to do with your life, you get control back. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | DQ | There are people out there who will disqualify you, there are people who love to disqualify you, but don’t do it to yourself. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Dressed | And unfortunately, back in the 70s, being a computer geek was not cool. We didn’t dress in black, we dressed in corduroys | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Global Domination | Noooooo, total global domination! | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Hockey | There was ASCII porn but we didn’t understand that. Hey, this was Buffalo. There’s not much to do up there but hockey and shovel | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Just Ask | One of my observations in life? Just ask. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Low | What the next words out of my mouth were the following: Sometimes I go that low. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | No Help | Okay, with no manuals, no readme, no help button, no F1 on the keyboard. There it is, go figure it out. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Owned | So we kinda sat there for a minute or two, the operator tried to log in, realized he’d been owned, changed the password. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Pens | Big gigantic thing, not quite the size of this room, but huge. Ton of air conditioning equipment, and works in a big glass room. And the only way in and out was to wear a white lab coat and four different kinds of pens. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Pi | I can remember this: three, fourteen, fifteen, nine. Three, fourteen, fifteen, nine. Three one four one five nine. Okay. That was the root user ID, was Pi. Cool, and we’ve got the password. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | RPG | Take away porn and role playing games and what you’ve got left is nothing, right, for your life. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Seated | And, the chip wasn’t seated right and that was the problem and it worked perfectly. So Billy lived. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Talk | A whole life of things that we depend on today just didn’t exist so we had to do the strangest thing in the world and that was talk face to face to other people. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | TTL | We got a TTL that’s a hidden field in life | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Two Ten | And so I have a legitimate W-2 doing computer security work, full time, for 1976, for two dollars and ten cents an hour. Have we come a long way or what. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Unattended | But, we found where the console was. It was sitting over in the corner, and it was unattended. | |
| 16 | GMark Hardy | A Hacker Looks At 50 | Wisdom | The problem is, wisdom has a diode. I can not be taught, it can only be learned. | |
| 16 | FX | Barcoding | Configure | The scanners that phase outside to a potentially hostile barcode are actually configured by barcodes. | Direct Link |
| 16 | FX | Barcoding | DOD | You can send pretty much everything, anywhere for free and it will be trusted because the sender ID says “this is the Department of Defense†| |
| 16 | FX | Barcoding | Injections | That brings us to actually having SQL injections and format string attacks in barcodes. You will be surprised at how good this works. | |
| 16 | FX | Barcoding | Newspaper | So, you’re point your browser to a not-to-you-known URL, automatically, with your newspaper. Is that potentially a bad idea? Anyone? | |
| 16 | FX | Barcoding | Porn | And that usually tends to be a really good driver for technology. Either making more money or porn. | |
| 16 | FX | Barcoding | Printing More | Have you noticed that putting more stuff in to something than it was expecting is something that hackers really like? So, yes, it does happen. We did find buffer overlooks with barcodes simply just by printing more. | |
| 16 | FX | Barcoding | Shell Code | Um, warning, it is, a pain to develop shell code on barcodes | |
| 16 | FX | Barcoding | Trust | Do not trust a printed number | |
| 16 | FX | Barcoding | XSS | You get to cross site script people with your newspaper! | |
| 16 | Jason Scott | Making A Text Adventure Documentary | Awesome | How many people here, and nobody’s looking at you, don’t know what a text adventure is? Alright, there’s one person. They were awesome. | Direct Link |
| 16 | Jason Scott | Making A Text Adventure Documentary | Creative Commons | I think some times it’s overused, like any good tool, and I think that some times people apply Creative Commons to places it shouldn’t be and they don’t entirely understand it but at the very least they did the right thing, they created a simple to understand legal framework for people to release things under a copyright other than The Copyright which at this point has been kinda fortified with eleven vitamins and terrible constitutional nonsense because everybody was scared that somebody was going to take away Leonard DiCaprio’s paycheck | |
| 16 | Jason Scott | Making A Text Adventure Documentary | Delete That Letter | I’ve gotten some wonderful letters, heartfelt letters, telling me to please delete stuff. The only thing I delete is that letter. | |
| 16 | Jason Scott | Making A Text Adventure Documentary | Fat | It was tough, and I’ve gotten dinged on a few things, but it’s all like, so, having given away all this history you failed at A, B, and C, and I’m like “that’s why you’re fat†| |
| 16 | Jason Scott | Making A Text Adventure Documentary | Freak | I believe that the modern human can’t really sustain more than fifteen to thirty seconds of a person talking without any change in the shot before they start to freak out. | |
| 16 | Jason Scott | Making A Text Adventure Documentary | Mythos | And I’ve been very lucky over the past eight years or so talking directly to people who I’d only thought of as words on a page or on a box or otherwise in some way completely in the realm of mythos, which disappears when you’re in their kitchen | |
| 16 | Jason Scott | Making A Text Adventure Documentary | Scheduling | At this juncture, I say, as I watch people kind of storm out, you either go, I want to see even more of this or you say, I have made an enormous scheduling error | |
| 16 | Jason Scott | Making A Text Adventure Documentary | The Thing | It’s gonna do the thing, isn’t it | |
| 16 | Jason Scott | Making A Text Adventure Documentary | Twinkie | You know, secretive isn’t the word so much, they try to obfuscate how and where caves are located because they don’t want people to just kind of, you know, pack a Twinkie and go in and die, so. | |
| 16 | Jason Scott | Making A Text Adventure Documentary | Wife | I still get fan mail every week about the BBS Documentary. It all comes down to “Oh God, thank you†nobody understands me. Now my wife understands me. It’s mostly used as a wife education tool. | |
| 16 | Jason Scott | Making A Text Adventure Documentary | You Won | I don’t regret one moment of this, so, if nothing else, from my talk, take some amount of heart if you’re working on a project that nobody else understands because if, at the end of the day, you enjoyed it and you appreciated it, then you won | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | 128k | Because if yore’s ting to transfer more than 128k at 771 bits a second, I don’t even know what to say. | Diret Link |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | 8500 | Trying to find 8500 of anything is hard | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | Acoustic Couplers | For those of you who remember acoustic couplers, anybody, it’s like that | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | Cardboard | I felt really bad seeing all of these green cardboard badges everywhere | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | Guarantee | So, pretty much, I mean no matter how much you plan in advance, there’s always going to be problems and yeah, this year we didn’t plan as much in advance as we could have, which is why next year we’re going to try, but next year there’s going to be a different problem, I don’t know what it is gonna be, but there will be one, I can guarantee that. | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | Jail | You make sure Grifter’s son is gonna stay out of jail and can be a hacker | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | Knight Rider | So ti’s a little hard to see, but you take one badge, you turn it into receive mode, which is the first mode where the LEDs go back and forth like Knight Rider, because I love David Hassellhoff | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | More | So, number of badges. Every year, we’re making more and more. The first year 6500 badges, last year 6800, this year 8500, That’s a lot of hackers. That’s really cool. Hopefully it’s all hackers and not just like more feds have come. | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | Tax | And when you’re sending fifty thousand dollars worth of parts through China, they want their tax. | |
| 16 | DT and Joe Grand | Making the DEF CON 16 Badge | User Error | I’m like, well, there’s little indicator on the battery holder to put it in the right way. That sounds like user error. | |
| 16 | Jay Beale | Owning the Users With Agent In the Middle | All Muscle | Hi Priest, don’t hurt me. He’s a very nice man who’s got a weight ratio of three to one on me. And I’m telling you it’s all muscle. | Direct Link |
| 16 | Jay Beale | Owning the Users With Agent In the Middle | Block | I wanna reiterate you can’t block doors, you absolutely can not block doors. It’s not good to block doors, that is how people die. And I do not mean the people you block from getting our, I mean you, as you get trampled, really badly, it’s no fun. So first, don’t block doors, second, keep a clear aisle for some definition of an aisle, that means Goons should be able to run down. They may do it as like a test. And, again, the Goons are called Goons for a reason so don’t block the aisles either. | |
| 16 | Jay Beale | Owning the Users With Agent In the Middle | Burn | Every year I bring a laptop here and I, when I get home I burn the laptop. No, I burn the hard drive. I pull the hard drive out, it was a fresh one that went in before I got here, it didn’t have any real data on it. I just installed some kind of, well | |
| 16 | Jay Beale | Owning the Users With Agent In the Middle | Ethics | Which really, you gotta think, there’s gotta be some kinda ethics to doing bad things, I mean you can be bad, but there are like levels of badness, you know, there’s like, you know, shoving somebody in line, or cutting in line, and then there’s like eating a kitten. Eating a kitten is really bad, okay. | |
| 16 | Jay Beale | Owning the Users With Agent In the Middle | Livejournal | Maybe we wanna be the DNS server, that’s a good person to be too, cause you start saying wow, everybody who like asks for say dub dub dub dot live journal dot come that’s like my laptop | |
| 16 | Jay Beale | Owning the Users With Agent In the Middle | Modify | This is, what you’ve kinda gotta understand, is what you’ve gotta tell your friends, you gotta tell your family, you’ve gotta tell your place of employ, you’ve gotta tell everybody on the Earth.If we share a LAN, if you and I share a LAN, I can view and modify your traffic. | |
| 16 | Jay Beale | Owning the Users With Agent In the Middle | Route My Packets | Now, I’m going to tell you guys something, because we’re at a hacker con, and I’ve been on a lot of good networks gone bad, if your’e going to do that to me, if you’re going give me a DHCP lease instead of the real person, you’re going to do any of these network games, please route my packets. | |
| 18 | Tottenkoph | An Introduction to Virtual Graffiti | And That’s Math | Hackers, it’s something new to exploit and learn about, and the young people because hormones plus destruction of someone else’s property equals lols and that’s math, you can’t argue math. | Direct Link |
| 18 | Tottenkoph | An Introduction to Virtual Graffiti | Cursing Her Name | Next thing I knew i was cursing her name and submitting my CFP | |
| 18 | Tottenkoph | An Introduction to Virtual Graffiti | Do It | Do I think it’s possible? Yes. I just thing we need to get off our butts and do it. | |
| 18 | Tottenkoph | An Introduction to Virtual Graffiti | Irrelevant | The software company that distributes the software actively discourages the use of Apple and/or Linux machines unless there’s an XP virtual running on it because they think that XP security issues are irrelevant | |
| 18 | Tottenkoph | An Introduction to Virtual Graffiti | Makes the Girls Sigh | Susperium Polarum Celitus Threakes, or Celitus the Thoracian makes the girls sigh. | |
| 18 | Tottenkoph | An Introduction to Virtual Graffiti | Slides | This just gave up the fact that I didn’t do my slides. Unfortunately tottendad is the one who does all my slides and Nikita yells at me to do my own damn slides and this is why. | |
| 18 | Tottenkoph | An Introduction to Virtual Graffiti | Wear A Hat | Wear gloves and be as inconspicuous as possible. If you’re the only blue or purple haired person in your town, wear a hat. | |
| 18 | RAIN | Build/Beat A Lie Detector | Deception Comes | Deception comes naturally in all living things | Direct Link |
| 18 | RAIN | Build/Beat A Lie Detector | Horribly Bad | More than three decades of psychological research has shown that most individuals are bad at knowing when they’re being lied to | |
| 18 | RAIN | Build/Beat A Lie Detector | Own Truth | But what you need to understand is that our present view is rooted in the very modern philosophical sense that the individual self, as an autonomous being is the possession of it’s own truth | |
| 18 | RAIN | Build/Beat A Lie Detector | Spock | Ended up losing a game of Rock Paper Scissors Lizard Spock to urbanmonkey, frikkin paper disproving Spock. | |
| 20 | Bruce Schneier | Answers Your Questions | Google Customer Service | Actually, Google has great customer service, the problem is you’re not customers. Right, become a Google customizer, an advertiser, and they have customer service all over the place | Direct Link |
| 20 | Bruce Schneier | Answers Your Questions | Known List of Attacks | In a sense, they’re all sorta equally mediocre, because all the standards ever do is secure the system against a known list of attacks | |
| 20 | Bruce Schneier | Answers Your Questions | Lose Slower | Sometimes the best we can do is lose slower. | |
| 20 | Bruce Schneier | Answers Your Questions | Make Security Systems Work | I think it’s our job, in security, to make security systems that work with actual users, that educating the user is a mistake. | |
| 20 | Bruce Schneier | Answers Your Questions | Most Common Password | But we’ve made some progress, right, the most common password is now password1 instead of password, but that took a decade! | |
| 20 | Bruce Schneier | Answers Your Questions | New Meanings for Words | Richard Thieme told me this, that they have a list of attributes at the NSA, on their signage, and one of them is transparency. Clearly we’re inventing new meanings for words here. | |
| 20 | Bruce Schneier | Answers Your Questions | New Person – Old Problem | And this is why a new person can go to a old problem and look at it in a new way and figure out a way in | |
| 20 | Bruce Schneier | Answers Your Questions | Not Going to Ban Them | And that is the way it will be, you know, we’re not going to ban them from coming cause I think that’s wrong too, and you know they could always pretend they’re from someplace else | |
| 20 | Bruce Schneier | Answers Your Questions | Quantum Computing | Come back here in ten years and there might be a quantum computing room at DEF CON. That would be kind of fun. | |
| 20 | Bruce Schneier | Answers Your Questions | Subvert the System | How can I subvert the system for my personal aim. | |
| 20 | Bruce Schneier | Answers Your Questions | Thank You Are There Any | I’m Bruce Schneier. Thank you, are there any questions? | |
| 20 | Bruce Schneier | Answers Your Questions | Tube of Ants | I look at this and say, you mean I can send a tube of ants to anybody I want? What a great country! | |
| 20 | Bruce Schneier | Answers Your Questions | Way of Thinking Doesn’t Change | The talks we’re seeing here at DEF CON this year are not the same types of talks we saw fifteen, twenty years ago. The world’s changing, but that way of thinking doesn’t change. | |
| 20 | Bruce Schneier | Answers Your Questions | What Hackers Do | How can I take this system and make it do something that it’s not supposed to do. That it’s not intended to do. That the organizers, the creators didn’t envision it to do. | |
| 20 | Bruce Schneier | Answers Your Questions | You Can Never Have | You can never have a standard of Is It Secure. You can have a standard of is it not insecure in this particular way. | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Bootlocking | It’s a safe bet that totalitarian governments will happily take advantage of bootlicking and move surveillance right into the box | Direct Link |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Can’t Make It Secure | If you’re not allowed to know what software is running on your computer then you can’t make it secure. | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Certainly Becomes | Now in a world where the computers that we’re discussing can see you, and hear you, where we insert our bodies into them, when they fly our planes and drive our cars, where they’re surgically implanted inside us, certainty becomes a very big deal. | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Computer In Everything | A car is just a computer that we put our body in, a 747 is a flying Solaris box full of SCADA controllers, hearing aids and pacemakers and other prosthesis are just computers we that put inside our body and that means that all our sociopolitical problems in the future are going to have a computer inside them | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Control and Knowledge | Whether you want to be free, or want to enslave, you need to have control and you need to have knowledge. | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Control Your Environment | Remember that security is relative, you are secured from attacks on your ability to freely use your music if can control your computing environment | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Convergent | The technical needs of helicopter parents, school systems, and enterprises are convergent with the governments of Syria and China | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Devil In the Details | As with everything important, the devil is in the details | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Doctrine of First Sale | Now, we like the doctrine of first sale, it’s an important piece of consumer law.. It says that once you buys something, it belongs to you. And you should have the freedom to do anything you want with it, even if that hurts the vendor’s interests | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | DRM | DRM and it’s cousins are deployed by people who believe that you can’t and shouldn’t be trusted to set policy on the computer that you own | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Human Rights | If your world is made of computers, then designing computers to override their owner’s decisions has significant human rights inplications | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | If We Don’t Start | We need to start thinking about now about the principles that will apply when the day comes, because if we don’t start now, it’s going to be too late | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | No Reasonable Distinction | The reason employers give us these mobile devices is because there’s no longer any meaningful distinction between personal life and working life | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | Surveillance | Surveillance in the middle of the network is nowhere near as exciting as surveillance at the edge of the network might be, whether that edge of the network is in your ear or in your laptop | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | War On General Computing | The war on general purpose computing is what happens when the control freaks in government and industry demand the ability to remotely control our computers | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | We Don’t Know How | We don’t know how to make computers that can run all the programs we can compile except for the one that pisses off a regulator or distorts a business model or abets a criminal | |
| 20 | Cory Doctorow | Beyond the War on General Purpose Computing | You Can Do Almost Anything | You can do almost anything if you say that you’re protecting shareholders or children | |
| 20 | Dan Kaminsky | Black Ops | Cancer | Carbohydrates cause cancer, that’s a real link, proteins cause cancer, fats cause cancer, alcohol causes cancer, uh oh. | Direct Link |
| 20 | Dan Kaminsky | Black Ops | Computers Are | Computers are small networks of interconnected devices on asynchronous networks that communicate with each other at their own time and pace. That’s how they work. Every single computer has different devices talking to each other from different clocks. These clocks are not synchronized. Even if they had an error of one part per million. That’s a bit per second per megahertz. We have way more than that actually going on. | |
| 20 | Dan Kaminsky | Black Ops | Dead Bodies | I don’t know if you realize this, it took hundreds of year for medicine to get it’s scientific act together, and they had dead bodies. | |
| 20 | Dan Kaminsky | Black Ops | Deterministic | Okay, look, anyone who thinks computers are completely deterministic devices has clearly never written threaded code | |
| 20 | Dan Kaminsky | Black Ops | Doghma | Let’s not just assume because it violates dogma that it might not be a better path to protecting these networks | |
| 20 | Dan Kaminsky | Black Ops | Fool’s Errand | Predicting what some other language is going to do, given arbitrary input is a um, fool’s errand | |
| 20 | Dan Kaminsky | Black Ops | Fundamental Difference | What is the fundamental difference between offense and defense, between the attack and the defense? You can tell when an attack doesn’t work. | |
| 20 | Dan Kaminsky | Black Ops | If Language Got Us | Coined by Len Sassman and Meredith Patterson as a corollary: If language got us into this mess than perhaps it can get us out | |
| 20 | Dan Kaminsky | Black Ops | IRQs | Anyone remember IRQs? | |
| 20 | Dan Kaminsky | Black Ops | Lack of Consensus | We’re not going to talk about busting the bad guys. I don’t know if you noticed but there seems to be some, uh, lack of consensus on who the bad guys are. | |
| 20 | Dan Kaminsky | Black Ops | One Nanosecond | One nanosecond is the amount of noise that you can insert on a network interface, that is going to destroy an entire class of security vulnerability with a single command. That is kinda cool. | |
| 20 | Dan Kaminsky | Black Ops | One of These Days | One of these days we’re going to be spending as much time and money on security research as we are on medical research | |
| 20 | Dan Kaminsky | Black Ops | Random Numbers | This is stuff that we’ve been fretting about twenty years. Twenty years ago someone was saying I hope we’re not worrying about this twenty years from now, and they’re screwed. | |
| 20 | Dan Kaminsky | Black Ops | Random Output | I seem to not that every attack against random number generators involve looking at large amounts of output from them. So you know what I want to do? Not that. | |
| 20 | Dan Kaminsky | Black Ops | Screw Around for 10ms | Nothing a computer like to do more than screw around for 10 milliseconds. Where’d you go? I dunno. | |
| 20 | Dan Kaminsky | Black Ops | Starving for Entropy | This is a thing that happens in technology all the time. You get too good at one solution and another failure mode crops.up. We are starving for entropy. | |
| 20 | Dan Kaminsky | Black Ops | Stateless TCP Stack | We’re going to build a stateless TCP stack. It just sends data, it doesn’t remember to who. The other guy remembers that he’s talking to me. | |
| 20 | Dan Kaminsky | Black Ops | Structured Queries | It turns out, this really matters. It turns out that SQL is a language that’s really good a structured queries. | |
| 20 | Dan Kaminsky | Black Ops | The Low End Theory | There’s a rule called, the high end keeps getting higher, but the low end never goes away. | |
| 20 | Dan Kaminsky | Black Ops | The Vision | Our languages that are popular are artistic endeavors generally by one person, supported by others, but one guy’s got the vision. | |
| 20 | Dan Kaminsky | Black Ops | Two Threads – One INT | Now here’s my favorite of these: Two threads, one INT | |
| 20 | Dan Kaminsky | Black Ops | We Call That Compliance | Defense that doesn’t involve offense, you know what happens? Defense gets stupid. We call that Compliance. | |
| 20 | Dan Kaminsky | Black Ops | We Hold the Gun | Well, nobody has ever written a parameterized query in their life without a gun to their head. We know. We hold the gun. | |
| 20 | Barkode | DC20 Closing Ceremonies | Long Story Short | And uh, long story short, I’m not dead yet. So, whichever foreign power or intelligence agency I forgot to give a Ninja badge to, I’m super sorry about that. But you’re going to have to do a lot better than that. | Direct Link |
| 20 | Barkode | DC20 Closing Ceremonies | Ninjatel Was Born | But when we were trying to figure out what to do this year to kinda go out with a bang, we thought, it’s DEF CON 20, what were we all doing twenty years ago? We were all phone phreaks, most of us in the group were anyway, we were on the phone, we thought how can we bring that nostalgia back, let’s do something with phones, so that’s how NinjaTel was born. | |
| 20 | DT | DC20 Closing Ceremonies | Concieved | How many people were conceived at DEF CON? | |
| 20 | DT | DC20 Closing Ceremonies | Free Beer | Free booze, that was the other thing we did is we had some free beer that Thursday night for the people that showed up early, and that seemed to go over really well, but I could see that could be a losing battle. You could probably go broke giving away free beer here. | |
| 20 | DT | DC20 Closing Ceremonies | Getting Carded | We have a lot of volunteers and so, this is a quick little story of me showing up at the con, and uh, and one of my new goons, you know, cards me. He’s like, where’s your badge, and so the guy next to be is busting up like, oh god, he’s getting so busted. And uh, actually it’s like that’s totally cool, that’s exactly what he should do right. so, if he doesn’t know who I am, and I don’t have a badge, he should stop me. | |
| 20 | GMark Hardy | DC20 Closing Ceremonies | SQL Injection to Win | Nobody had the right answer, but one of the guys put in their answer key. They did a SQL injection and they won it. | |
| 20 | Jason Scott | DC20 Closing Ceremonies | Without Them We Are Nothing | You know, originally I thought was just a lattice work of interrelated groups, but it is in fact a burlap sacks full of ball bearings smashing into each other, all with their own goals, but every single one stood up and said I believe in DEF CON, I believe in Jeff’s dream, and I believe in our people. Without them we are nothing | |
| 20 | LosT | DC20 Closing Ceremonies | How Many of You Met | For my benefit, how many of you out there met somebody else because of the badges this year? | |
| 20 | LosT | DC20 Closing Ceremonies | Mystery Challenge Challenges | So, they had to do everything from doing a crimp from The Mighty Boosh, that they had to memorize in like less than like an hour, to cracking crypto that was written on some skull faces. At the very end they received a skull made out of paper mache and filled with plaster of Paris that had a thumb drive embedded inside it that they had to chisel out and they would spend hours on the crypto on the thumb drive only to find out that there was a micro SD card inside of the thumb drive that they had to crack open to find. | |
| 20 | pyr0 | DC20 Closing Ceremonies | 50 Pounds of Metal | I ran into zoo after he won and he was packing around this huge bag of all the change and he was talking about how he’s going to go through the airport and not check it, like he’s just going to carry it on to the plane. Because they can’t separate you from your money even though that’s like 50 pounds of metal or something like that | |
| 20 | Riverside | DC20 Closing Ceremonies | Cookies in the Clear | If you’re a security researcher on reddit, in Ask Me Anything, you make sure that your cookies are not in the clear | |
| 20 | Riverside | DC20 Closing Ceremonies | Morse Code Over ICMP | We invented three new steganography techniques just for this event, and actually one of the teams did get my morse code over ICMP. | |
| 20 | Riverside | DC20 Closing Ceremonies | Own Wireshark | We had a six year old girl capturing packets and owning Wireshark. It was awesome. | |
| 20 | Winn Schwartau | DC20 Closing Ceremonies | 20 Years Ago | Twenty years ago tonight, Jeff said let the games begin, and we began it in DEF CON 2 | |
| 20 | Winn Schwartau | DC20 Closing Ceremonies | 75 Seconds | I can take 3.25 million ip addresses, I can sweep them from my little $200 Opteron box on a really nice pipe, I can get 800 megs of http data, the scan takes 75 seconds. | |
| 20 | Winn Schwartau | DC20 Closing Ceremonies | Weight Around My Neck | DEF CON has been a weight around my neck for twenty years, Jeff. | |
| 20 | Renderman | Hacker + Airplanes | Birthday Paradox | But first I wanna address something, the Kaminsky problem. Over multiple cons, Dan Kaminsky and I are speaking at the same time. I’ve have yet to see him actually speak. This is getting absolutely ridiculous. On his blog he actually plugs it as the Renderman birthday paradox. Which is highly ironic because yesterday was my birthday. And I don’t think he has any cookies this year. Oh hell. Apparently I get to drink. | Direct Link |
| 20 | Renderman | Hacker + Airplanes | For the Love of Spongebob | For the love of Sponge Bob, do not try anything you’re about to see | |
| 20 | Renderman | Hacker + Airplanes | We As Hackers | We as hackers have unique insight, we think about things in terms of security. We always think about the outside, we always think about that x-factor, that thing that nobody else in the world seems to do | |
| 20 | Jayson Street | How To Channel Your Inner Henry Rollins | Fifteen Thousand | Fifteen thousand opportunities for you to network and find a new friend that shares the same passion you have | Direct Link |
| 20 | Jayson Street | How To Channel Your Inner Henry Rollins | Get Up Here | I wanna hear what you have to say. You got research, you got valuable information you can share. Get up here, with me, and speak it. | |
| 20 | Jayson Street | How To Channel Your Inner Henry Rollins | Having A Blast | You have to have passion, you have to want it, because the guys on the other side of the keyboard are having a blast | |
| 20 | Jayson Street | How To Channel Your Inner Henry Rollins | Jumper | Being a hacker is thinking, you know, realistically this is not supposed to happen, but let me put this jumper there anyway. | |
| 20 | Jayson Street | How To Channel Your Inner Henry Rollins | Want To See It Better | I love this community, I love these people. And I just want to see it better. | |
| 20 | Zach Fasel | Pwned in 60 Seconds | And That’s the Story | And that’s the story, thanks for coming guys | Direct Link |
| 20 | Zach Fasel | Pwned in 60 Seconds | Judge Me | Judge me based on the quality of this talk, not based on a list of certs | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Action | And you’ve gotta be willing to lean forward and make change happen because if you just sit back and complain, nothing’s going to happen | Direct Link |
| 20 | Priest | Q&A With the Men (and Women) In Black | Alameda | Where are the nuclear vessels in Alameda | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Build Things | You know it’s great to break things. I need people who can help me build things, not just break them. We’ve got about 30 seconds left. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Caught Tired | And as I said in the program, we promise, no extreme renditions or mind control unless you really deserve it, so if you see me reaching for my microphone, don’t run. You’ll just get caught tired. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Even at my size | And even at my size I don’t want to be somebody’s bitch | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Failure of Imagination | One of the things in the 9/11 commission was that intel, and the intelligence community, had a failure of imagination | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Feds are People Too | Feds are people too | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Fez are Cool | And you get a really cool Fez, cause Fezes are cool. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Like Sushi | That answer is kinda like eating sushi. You’re full right afterwards then after about and hour you’re like man, I’m hungry. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | NCIS is True | Conspiracies are hard. Never assume conspiracy when ignorance or stupidity will do. I have one comment, everything you see on NCIS is true. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Nobody On the Planet | Nobody on the planet said that the Department of Defense should be prepared to shoot down airliner on the tenth of September, 2001, and everybody on the 12th of September though that should have been done | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Raise Your Hand | All you FBI agents in the room, raise your hand. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Read the Comic Books | He’s the guy that read the comic books to the other SEALs | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Smile for the Picture | So when you go outside and smile for the satellite picture, she’s the one that gets to see it. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Space Aliens | I’d like to thank everybody for not asking about the space aliens | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Spot Some Feds | Who in here has heard of the Defense Industrial Base Cyber Pilot. One, two, three people. Y’all wanna spot some feds, there you go. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Stop and Reorganize | We as a federal government need to stop and reorganize. We are not set properly for this mission set in a large sense. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Ten Foot Fence | I will not build a ten foot fence when I know I’m going to be attacked by two foot midgets | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Told You I Wasn’t Cheap | Priest, you can’t ask those questions, and I gave you a six pack of Corona just a couple of minutes ago. I told you I wasn’t cheap, sir. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Toy Budget | I have a half million dollar a year budget just for myself for toys, that we put together. It doesn’t pay as much, but like I said you get the really really good toys, and in his case, you get to kill people. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Translation | Tow things, I speak Fed and I speak English. So if they say something blah blah blah raise your hand and I’ll be happy to translate it for you | |
| 20 | Priest | Q&A With the Men (and Women) In Black | Unicorns Exist | Unicorns exist sir, they really do exist. | |
| 20 | Priest | Q&A With the Men (and Women) In Black | We Need A Whole New Way | We need a whole new way to think. What we need to do is capture what the federal government does well and what private industry does well. | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Always Waving | And whenever a fed said something that’s bullshit they waved the pendant, like this, and those pendants were always waving | Direct Link |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Daring | Wilson said in Concilliance, all artists, all scientists are characterized by passion, and obsessiveness, and daring | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Going Liquid | Computersization and digitalization means preexisting cultural forms are going liquid | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Hacker Definitions | A Black Hat Hacker is a Hacker. A Grey Hat Hacker is a Hacker that knows when to fudge the truth. A White Hat Hacker is a Hacker who put the truth down somewhere and forgot where they left it. | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Narrow Self Interest | Humans being, kind of the land mammal we are, we will do almost anything for narrow self interest and short term gain even if it means suiciding ourselves, not with a bomb, but with disease | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Recognizably Persistent | The functions of the intelligence community today is de facto to make sure that people know that when they wake up in the morning the world in which they went to sleep will pretty much be recognizably persistent | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | See Context | Hackers see the context. They see more deeply. They see that the thing can be made to do all kinds of things it wasn’t intended to do. | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Some of My Best Friends | Some of my best friends are from NSA. I wouldn’t want my daughter to marry somebody from NSA. I wouldn’t wanna live next door to someone from NSA, but some of my best friends are there. | |
| 20 | Richard Thieme | Twenty Years Back, Twenty Years Ahead | Transparent Balls | How can you even have the balls to put the word transparency up there as one of the things to which you are committed | |
| 17 | egypt | Automatic Browser Fingerprinting and Exploitation with Metasploit | Give Me A Shell | You know you want to give me a shell…awww. | Direct Link |
| 17 | egypt | Automatic Browser Fingerprinting and Exploitation with Metasploit | Javascript | They implemented RSA and the implemented RC4 in Javascript. Holy Crap | |
| 17 | egypt | Automatic Browser Fingerprinting and Exploitation with Metasploit | Middle | Any time you can get in the middle, browser exploits become incredibly interesting. | |
| 17 | egypt | Automatic Browser Fingerprinting and Exploitation with Metasploit | Obfuscation | The downside to obfuscation is of course that it’s not crypto, it’s just obfuscations. A human would be able to figure this out relatively easily. | |
| 17 | egypt | Automatic Browser Fingerprinting and Exploitation with Metasploit | Shells | Which exploit do you send? If you send one Internet Explorer exploit and all of your people connect up with a vulnerable version of Firefox, you’re missing out on shells. And everybody loves shells, you don’t want to miss out on them. | |
| 17 | egypt | Automatic Browser Fingerprinting and Exploitation with Metasploit | User Agent | People that change their user agent are people that, you know, kinda know things about computers | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Expertise | If it’s going to really be a global marketplace for ideas, there can’t be an expertise price to pay for getting in the door | Direct Link |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Future Web | I think it’s possible that the Dark Web is the Future Web | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Law | The fact that people can break the law is necessary for the evolution of our society | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Letters | How can we let companies that write letters tell us what is and isn’t a crime? | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Norm | And we’re headed towards a world that’s less like the utopian dream that I described and more a world where surveillance, censorship, and centralized control by companies and governments is the norm | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Declaration | Governments of the industrial world, ye weary giants of flesh and steel, I come from cyberspace, the new home of mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather. | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Dream | The dream of a free, open, interoperable, reliable internet where people can speak their minds and anyone who wants to hear it can listen | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Enemy | The warrant requirement is the enemy of mass surveilance | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Hackers | Hackers were people who wanted free access to information and were willing to take time to build tools to make it so. | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Role | And when technology has done what it’s done, and made information collection about us so cheap, so easy, and so ubiquitous, then the law has a role to play | |
| 24 | Jennifer Granick | Slouching Towards Utopia – The State of the Internet Dream | Very Far | We have moved very far from the idea that people get to see whatever information they want to see. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Bagels | Talking to Joe on the radio, how are you doing? Terrible, I’m terrified of the sharks. I’m really sick, and all we’ve got are jalapeño bagels. I thought he was joking about those bagels because who’d ever heard of jalapeño bagels? | Direct Link |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | CAD Design | To me that was one of the coolest things about the whole show. And I can not freaking wait until we have this in our house. That we could design the electronics, CAD model and enclosure, print it out, put it together, and put it in the water without ever having to go outside our own building. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Couch | It helps to have a couch that you don’t care what you crash it in to. Yeah, or cars. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Destroying | A system that was more than capable of totally destroying itself if you got things wrong | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Don’t Care | Not only do they not know anything about the engineering details, they really don’t care. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Hot Nerds | So here’s, like, some hot nerds getting body scanned. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Luggage | They disassembled it and carried it on the plane in checked luggage. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Rocket | It’s a computer controlled plane. You can’t just take of on a runway somewhere because it’s a beach, so of course you have to launch it by a rocket. Yeah yeah, rocket. Rubber bands won’t do. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Sharks | Sharks will put up with a robot for quite a long time, but not indefinitely | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | Superheroes | Some people are like, yay, superheroes. I love those guys. | |
| 17 | Joe Grand & Zoz | The Projects of Prototype This | TRUE | And I put true in quotes because nothing in TV is really real, or true | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Aliases | We only agreed to do it if we could testify under our hacker aliases | Direct Link |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Demonstrate | A lot of the questions were, well, if somebody can take the entire internet down, why haven’t they done it, to demonstrate it. | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Dumpsters | You know, here are some kids, in Boston, who did nation-state stuff out of dumpsters as far as they were concerned | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Example | I figured that the FBI, or the DoJ, was going to, at some point, just for the media, try to make an example out of us | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Good Things | You find something that you love and, good things are going to happen | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Hackers | Hackers are people who get stuff to do things that the creator didn’t think could be done | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Here’s Data | That’s how I rebooted DARPA. That was the entire framework. That was the 125 lines of code malware that took half a billion dollars away from Keith Alexander, and redirected it. It was like, we brought data, what do you have? An opinion? That’s great, here’s data. | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Internet Down | Let’s assume that you weren’t the good guys. How long would it take you to take the internet down today? | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Jail | Do some research on the laws, don’t cross the lines, stay out of jail | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Long Game | Play the long game. Everybody else is optimizing locally. Optimize globally and for the long term. | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | MSDN | It used to be that if I wanted to exploit every single network driver on the planet, I would go find a bug in the MSDN example code because everyone would cut and paste that. | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Mudge | They fixed it. Then they sent out to the same press folks the exact same thing, with my real name replaced by Mudge | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Offers | The answer was no, but if you’d like to be the first, we’re willing to entertain offers. Luckily, they laughed. | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Opaque | You can’t hide behind it, you can’t make it opaque. Here’s how it works so both offense and defense can understand it. | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Overlaps | I don’t think you have it embrace it. I think you have to respect it and figure out where you have overlaps and where everybody can move forward without trying to co opt people | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Pause | It is amazing and terrifying and it is 15 years old and hasn’t been updated, and it is still the exemplar of the best thing out there, which should make people pause | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | People | It may be harder to exploit things. It has become easier to exploit people | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Press | We were getting a lot of press, and that’s actually what kinda started this in my mind. We were getting a little too much press. | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Proof of Concept | I always wonder if I shouldn’t have actually released a proof of concept for that | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Responsible | All of you are directly responsible for me | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Sausage | So our big message to them then was, do not make it illegal to se what’s in the sausage | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Value | What people didn’t realize is there’s no value in actually taking down all of the internet because you take down all of your targets as well | |
| 26 | L0pht | 20 Years Later (and Other Things You Were Afraid to Ask) | Wired | If it’s good enough for the US Senate, it’s good enough for Wired. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Bean Bags | I know the bean bags are going to get stolen, because I mean who wouldn’t want to steal one. I think we’ve already stopped some of the staff from stealing them. | Direct Link |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Biggest | Hello, and welcome, and thank you for coming to our biggest conference ever | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Black Badge | For those of you who don’t know, if you win a black badge competition at DEF CON, you get an Uber badge, which is free entrance to DEF CON for the rest of your life. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Cats | And so then it’s just professional cat herding. And, I’m not saying you guys are cats, but, you’re cats. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Coffin | I’m going to run a Mystery Challenge, and then I’m going to put a nail in that coffin and it’s never going to be resurrected again. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Community | Did you think about this, or did you think about doing this? Because this really is a community effort and badge is all about you guys. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Darwinian | And through this sort of Darwinian process we’ve ended up with what we’ve got. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Dog Name | I’m not going to let you see the lanyard unless you tell me your dog’s name. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Entropy | I just really want it to be this boiling cauldron of randomness, right, this entropy | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Every Minute | I’m sorry for the extra bandwidth I decided to make that run every minute | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Find Something | Do what you like to do and I’m just here to try to provide a stage, so if you’re not interested in that anymore, great. Find something else you’re interested in. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Foiling | I’m sorry that I consistently used my Chinese name, and this time randomly switched to my Korean name, there foiling any searches for said information | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Interesting | So, if you don’t know what that is, I’d suggest you look that up. It’s interesting, and this is a hacker con. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Jumping | What I love about this community is you see people and they’ll be doing social engineering one year, car hacking the next. They’ll start a contest, they’ll play in a contest | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Perpetuate | You’re here to challenge the speaker. This is not meant to be sort of a passive, you receive the information, active I’’m telling you the information. I really want it to be challenge the speaker. If they’re saying something you don’t like or you don’t agree with or if you think is inaccurate, you’ve got to say something. Otherwise you’re just letting the misinformation perpetuate and that’s not cool. | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Servos | And come to Closing Ceremonies and there may be just a little bit extra that may have to do with those servos in the back | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Show of Hands | By a show of hands, how many of you are familiar with the Mystery Challenge | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Split | We week really hard to try to figure out ways to get you split into smaller groups so you can meet each other | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | Turn | And we don’t trust you do to that whole 2001 lip analysis so we’re going to turn our heads away from you | |
| 24 | L0sT & The Dark Tangent | DEF CON Welcome and Badge Talk | What Is That? | If you come to me and you say I want to do a Bio Hacking village I say great, that sounds really cool, what is that? | |
| 26 | Maggie Mayhem | Sex Work After SESTA FOSTA | Asymmetric | It’s important to remember that asymmetric enforcement of a law will always infringe on the fundamental rights of the non-criminal party | Direct Link |
| 26 | Maggie Mayhem | Sex Work After SESTA FOSTA | Competent | I think there is no greater pleasure on Earth than doing dangerous things with competent people | |
| 26 | Maggie Mayhem | Sex Work After SESTA FOSTA | Negotiation | As long as there are haves and have nots, negotiations will occur between the two parties | |
| 26 | Maggie Mayhem | Sex Work After SESTA FOSTA | Rat Trap | If you build a better rat trap, you will always have a better rat | |
| 26 | Maggie Mayhem | Sex Work After SESTA FOSTA | Shame | So if you can’t arrest somebody, you can always shame them | |
| 26 | Maggie Mayhem | Sex Work After SESTA FOSTA | Uh Oh | Presence of multiple computers, cell phones, pagers, credit card swipers and other technology. Uh oh, uh oh. | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | 32-Bit | Because, nobody runs 32-bit x86 anymore, right? | Direct Link |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | ARM1.00 | The ISA actually hasn’t changed in about 20 or 30 years. You can still read ARM 1 assembly from the 80s, kind of figure it out, and run it on a brand new ARM chip today. | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | Bowie Knife | But unfortunately you’ve lost the jar of piss and all you have left is the Bowie knife | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | Dash | It’s one part science, one part estimation, a dash of bitter feelings about everything in the world. And a little bit of what the #$%@ was the EE thinking when they made this? | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | Embedded | There are many targets you can attack. There are ARM devices and embedded Linux devices all around you. | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | Keep On Hacking | There are embedded systems everywhere. Keep on Hacking. | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | QEMU | You can run QEMU on ARM to pretend that it’s ARM if you have the wrong kind of ARM. | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | Seen One | Once you’ve seen one, you’ve sen them all | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | Shoving | Every vendor has their own way of shoving bits on to a device. They all suck! | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | TFTP | Don’t be afraid to look for TFTP | |
| 26 | Morgan Gangwere | t’s Assembler Jim but not as we know it abusing binaries from embedded devices for fun and profit | Wget | Especially if you look very carefully there. You can flash straight from wget straight to the device. | |
| 22 | Panel | Diversity in Information Security | Altair | Our history is that we took our blinky boxes called Altair, and we wanted to be real engineers and they said no. So we went and build our own party with blackjack and hookers and called it DEF CON because %#@^ those people. | Direct Link |
| 22 | Panel | Diversity in Information Security | Den of Thieves | There’s a lot of talk right now about DEF CON being this openly inclusive place and we all just want to learn from each other and make the world happier. When I came to DEF CON it was a den of @$#$ thieves | |
| 22 | Panel | Diversity in Information Security | Fail Well | I want you to fail well and I want you to fail often | |
| 22 | Panel | Diversity in Information Security | Flirting | My girlfriend’s watching on TV right now so, hopefully I’m not flirting with you too much. Just enough. | |
| 22 | Panel | Diversity in Information Security | Minority | Because hackers are now a minority at DEF CON | |
| 22 | Panel | Diversity in Information Security | Nowhere Else | DEF CON is a giant hacker family reunion. I feel at home in this place like nowhere else on Earth. | |
| 22 | Panel | Diversity in Information Security | Ours | An ours means that the thing that matters most when you’re is not what you look like, not what you smell like, not whether you have three dicks or two arms, but what you do, what’s in your head. If I hand you a problem, and I don’t help you solve it, what do you do with it. | |
| 22 | Panel | Diversity in Information Security | Part of It | I could come, and I could present research, and I never felt a part of it because it was me not letting myself be a part of it | |
| 22 | Panel | Diversity in Information Security | PC Police | And I think it’s important to keep that mantra, because as soon as we become the PC Police, and we start backing up for things other than our hacks? We don’t have our hacks anymore. | |
| 22 | Panel | Diversity in Information Security | Piviledge | Because I have substantial benefits because of who I am. Versus my white, male friends with glasses wearing black tee shirts. Try finding one of them in a crowd at DEF CON | |
| 22 | Panel | Diversity in Information Security | Safest | You will find that this is the safest environment you will ever be in to be who you really are. | |
| 22 | Panel | Diversity in Information Security | Say Hi | So, why not talk to somebody that you might not have talked to before. Go say hi. | |
| 22 | Panel | Diversity in Information Security | Tourist | Those people want to come here. They want to come to our space. They want to look at our tricks. They want to buy our bugs and then pretend like we did it to teach them. Look, if you have a badge and you’re here today. And you don’t hack stuff, and you’re really just here to observe it that’s great. I hope you have a great time and that nobody messes with you but understand that you are a @$%^ tourist! | |
| 22 | Panel | Diversity in Information Security | Wasn’t Fun | I obviously stood out and I was definitely the different kid and I got teased a lot for it and if I look at my pre-college life it wasn’t fun. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Backdoor | But I don’t know what else you can call an intentionally coded function that, when it is called, it provides its user with complete root access to the system and it doesn’t require a password. That’s my definition of a backdoor. | Direct Link |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Bar Key | He went home and he brought back his key to home mini bar and it is so familiar it’s identical. So if you have a home mini bar there’s a 90 percent chance you can unlock a Diebold voting machine. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Black | And this PEB gives you complete root access to the machine and it doesn’t require a password. You just stick it in the slot and you have root. I don’t know what color it is, but ours was black. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Critical Mass | Like anything, until we reach critical mass, until enough of us get involved in this, nothing is going to change | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Darts | So basically we threw darts, and wherever a dart landed, somebody went and looked. Lucky for us the systems were such crap that we couldn’t not find things. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Family Values | So, 80 percent of the votes that are tallied in US elections are tallied on systems sold by companies owned by brothers. It gives a new meaning to the term Family Values | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Give It | If you can stick your removable media into that machine it will run whatever you give it | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Hard | We found a comment next to the hard coded password. It stated, I kid you not, we hard coded this password so that hackers couldn’t use it. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Incompetence | I could never prove any maliciousness. I can tell you that the code is very poorly written. There is definite signs of incompetence. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Make It | But you know, we’re hackers. In our community, if you can’t buy something, how do you get a hold of it? You have to make it. We made ours with a Palm and a magnet. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | More Ports | Ethernet ports, modem ports, serial ports, parallel ports. Every single vendor has at least one that you can get access to. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Paperclip | But if you don’t own the key you can just pick the locks. You see, Ohio didn’t send us the keys for the first five days so in order for us to turn the machine on at all we had to pick the locks. Paperclip and a little jiggling. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Plus One | When you think about voting, you think it should be as simple as Votes Candidate equals Votes+1. This is what voting in the US really looks like. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Ports | Maybe it’s too much trouble to remove the seals. It’s too hard to get a key or pick the locks. You can always just access one of the many open and unprotected ports. | |
| 16 | Sandy “Mouse†Clark | Climbing Everest | Small Font | I apologize for the small font but it couldn’t get them all to fit on the screen | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | AMTRAK | On Sept. 23 2008, AMTRAK and TSA conducted the largest joint, simultaneous northeast rail security operation | Direct Link |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Call Information | There is evidence that at least, technically, they could have access to mass domestic call information | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Cash | If you care about your privacy you can still pay in cash, right? | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | FTP | So if you’re a security geek, you probably did a little..whaaa? | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | How on Earth | How on earth could we get people to carry around an RFID card with them wherever they go. | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Moved | So whether or not you’re on a watchlist doesn’t depend on whether you’ve tried to bring explosives to an airport. It can depend simply on how often you’ve moved. | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | POLICE_USER | So, if the variable POLICE_USER is yes, and this is taken from the client side, you would show the accept or reject buttons | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Pretzel Vendor | It was a big camera emblazoned with the NYPD logo keeping tabs on a suspicious pretzel vendor | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Shiny Metal Things | So those of us who care about our privacy of course can just use those shiny, round, metal things and those paper things we call cash, right? | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | SQL | They create what’s going to become a URL, and in the URL is a select statement, a SQL select statement | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Unfettered | He says that, the users of this line could have unfettered access to voice, data, and even physical location information | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Verisign | And then you can see there’s a cute little Verisign secured logo, which makes me feel much more confident | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Verizon | All the information from OnStar goes across Verizon’s network so the FBI already has access to it. | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Watching | Please turn off your cell phones. They’re watching you. | |
| 17 | Sherri Davidoff | Death of Anonymous Travel | Who Knows | So, as we run through this, some questions to keep in your mind. Who knows that you’re here? Who knows you’re in Las Vegas? Who knows that you’re at this hotel, Riviera? Who knows that you’re attending the DEF CON conference? Who knows that you’re in this room watching this presentation right now? |