Just a short post to close out the speakers for this year’s ShmooCon Firetalks… With several more submissions during the CFP extension, the selection committee has continued to pull together a diverse program with the most interesting talks combined with a good mix of established and new speakers. But before we get on to the talks I just wanted to again thank @jack_daniel, @jasonmoliver, @nathiet, and @dystonic for the continued hard work they’ve put in over the last few weeks.
I would also again like to put out a call for sponsors to companies or organizations interested in providing some goodies for the speakers, winners, and audience. It’s a great chance to get your name in front of a very unique crowd. For more information please see our sponsorship post from a few weeks ago. Perhaps I was trying to be a little too aggressive in growing things, so we can definitely negotiate from those quoted levels.
And without further ado … we are pleased to announce the final four speakers (and the two alternates)!!!
Writing a Thumbdrive for Active Disk Antiforensics
by Travis “@travisgoodspeed” Goodspeed
We are taught to think of a disk as a well behaved block device, in which little chunks of data are reliably written and read back. This brief but fast-paced lecture demonstrates what fancy and unexpected things can be done when a neighbor controls a disk’s firmware, violating that assumption of a block device’s good behavior. As a concrete example, I’ll present a prototype of a thumbdrive which can reliably fingerprint the intentions of its host, distinguishing between a legitimate user and a forensics lab. In the case of a forensics lab, the disk wipes itself and switches to an innocent image before anything of importance is read. Code and hardware are both open source as part of the Facedancer and GoodFET projects.
Protecting Big Data From Cyber APT in the Cloud
by Bill “@oncee” Gardner
Vendors want to sell you magic solutions. The truth is that magic solutions cost money and alone might not provide you with the protection they promise. It’s time we all hide under our desk from vendors and make sure we are working on the only real solution: people, policies, and processes.
Extending the 20 Critical Security Controls to Gap Assessments and Security Maturity Modelling
by John “@pinfosec” Willis
The 20 Critical Security Controls are used to create and utilize a tailored methodology for gap assessment and remediation prioritization and planning. The Critical Controls for Effective Cyber Defense are then evaluated for use in creating a standardized Security Maturity Model for baselining security posture and future comparison. The presentation is intended to elicit audience feedback and participation in determining the future of such methodologies and models.
Becoming a Time Lord – Implications of Attacking Time Sources
by Joe “@joeklein” Klein
On or about November 20, 2012 the NTP server at the USA Naval Observatory was rebooted and somehow reverted to the year 2000. The impact, though subtle, propagated downstream to many servers and systems which rely on NTP. Within days of this incident, a paper out of Carnegie Mellon University was released which discussed potential strategies for attacking GPS software, another source of the time standard. Just a day later, Wired magazine published an article discussing Google’s true time API and the importance of time in their data centers. Could this be a coincidence? Is the universe trying to tell me something? And why am I wearing a bow-tie?
Alternates:
- “HIPAA/HITECH How I Learned to Stop Worrying and Love the Bomb” by Sarah “@dystonic” Clarke and David Zendzian
- “In Defense of Cyberwar” by Ari “@angelofsecurity” Elias-Bachrach
Hope to see you all at ShmooCon! See ya!