BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Assburger/consched/v1.0//EN METHOD:PUBLISH BEGIN:VEVENT SUMMARY: On the Current State of Remote Active OS Fingerprinting [Ofi r Arkin] CATEGORIES: Defcon 13 DESCRIPTION: " Active operating system fingerprinting is a technology, wh ich uses stimulus (sends packets) in order to provoke a reac tion from network elements. The implementations of active sc anning will monitor the network for a response to be, or not , received from probed targeted network elements, and accord ing to the type of response, and the conclusions following ( part of an implementation's intelligence), knowledge will be gathered about the underlying operating system. This talk e xamines the current state of remote active OS fingerprinting technology and tools: the different methods used today, the issues associated with them, the limitations, where the cur rent technology is, what can and cannot be accomplished, and what should be done in the future. The talk also highlights the accuracy aspects of several active operating system fin gerprinting tools, analyzes them and compare between them. D uring the talk a new version of Xprobe2, a remote active OS fingerprinting tool will be released. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Arki n DTSTART: 20050729T110000 DTEND: 20050729T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Introducing the Bastille Hardening Assessment Tool [Jay Beal e] CATEGORIES: Defcon 13 DESCRIPTION: " Bastille has been re-released as an assessment and hardeni ng tool. With the help of the US Government's TSWG, we've ad ded full hardening assessment capabilities, complete with sc oring. This allows Bastille to measure and score an individu al system's security settings against user-provided guidelin es, possibly before allowing a system onto the network. Secu rity or system administrators can use this to assess the rel ative state of a given system compared to Best Practices, to other systems in the organization, or to an organization-su pplied minimum standards file. They can also use it to learn what hardening steps would be helpful for the given system. Bastille's new mode can even help in verifying compliance w ith new legislation, including Sarbanes Oxley, GLBA and HIPA A. It can also help in lowering insurance premiums - AIG, th e largest provider of cybersecurity insurance, decreases pre miums by 15% for organizations following best practices in p roactive defense. Open source tools have hardened systems in the past (Bastille, Titan, YASSP), while free or open sourc e tools have measured security settings in the past (COPS, C IS Unix Scoring Tool). No popular open source tool besides B astille can do both, using the weaknesses found in an audit to harden systems. This functionality would normally be foun d only in a separate tool and thus warrants the re-release o f Bastille. We originally released Bastille Linux/Unix in 19 99 as a host hardening tool, built to tighten security setti ngs on a system, set stronger policies on that system and ed ucate system administrators. Bastille has been extremely pop ular and has since been ported to seven Linux distributions, OS X and HP-UX. Support for FreeBSD and Solaris is underway . Bastille ships by default with Gentoo, Debian(apt-get) and HP-UX, the latter of which has made it part of the installe r and contributes two developers to the project. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Beal e DTSTART: 20050731T120000 DTEND: 20050731T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Development of An Undergraduate Security Program [Daniel Bur roughs] CATEGORIES: Defcon 13 DESCRIPTION: " At the University of Central Florida, an undergraduate pro gram in security is currently being developed. This program will offer students a bachelor's degree through the College of Engineering. It is intended to be an interdisciplinary de gree combining coursework from the School of Engineering and Computer Science, College of Health and Public Affairs, and the National Center for Forensic Studies. The purpose of th is talk is to present the program being developed and to rec eive feedback regarding what material and what areas such a program should cover. The department that it is being offere d through (Engineering Technology) is an applied engineering department, taking a very hands-on approach to learning. As such it is necessary to develop our courses of study based on feedback from industry and the community. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Burr oughs DTSTART: 20050729T163000 DTEND: 20050729T165000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Auto-adapting Stealth Communication Channels [Daniel Burroug hs] CATEGORIES: Defcon 13 DESCRIPTION: " Intrusion detection systems and firewalls generally follow one of two methods of attack detection, signature or anomal y. Signature detection detects known attacks and anomaly det ection covers unusual activity (with the hope that it will d iscover new attacks). Often what is detected by the IDS or f irewall is not the original attack, but rather the communica tion that occurs afterwards. Known methods are easily picked up by signature detection, new methods are either picked up by anomaly detection or have a limited lifespan (signatures are created to detect them). That leads us to the dilemma o f trying to create a covert communication scheme with no (ea sily) detectable pattern and one that does not cause statist ical anomalies. The key to solving this dilemma is to use a scheme that is not consistent in its appearance and adapts i tself to match its current surroundings. The traffic on one network will very from that on another network. This means t hat what will look unusual or out of place on one network mi ght not look so strange on another. By analyzing the conditi ons that exist on a network and then adapting the communicat ion scheme to fit in with those conditions, a well camouflag ed communication channel can be created. This talk covers th e concepts for such a communication system. It will cover th e development and research being performed currently as well as providing a moderately technical discussion of the backg round concepts for such a system. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Burr oughs2 DTSTART: 20050729T150000 DTEND: 20050729T152000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Routing in the Dark: Scalable Searches in Dark P2P Networks [Ian Clarke, Oskar Sandberg] CATEGORIES: Defcon 13 DESCRIPTION: " With peer to peer networks under fire by organizations usi ng the legal system to attack participants, it seems that th e only sustainable future is for dark, encrypted, networks w here participants only talk to peers that they know and trus t. Such networks, like WASTE, already exist to some extent, but they scale poorly and do not allow global communication. This does not need to be the case, however. The "small worl d" observations, going back to Milgram's famous experiments in the sixties, show that social networks have all the right characteristics for being easy and efficient to navigate an d search. It stands to reason that, under the right circumst ances, so should a Darknet. We present algorithms for making routing possible in such networks, based on the real mathem atics of how small worlds function. The goal is to build pee r to peer networks that are difficult for outsiders to detec t and infiltrate, making the job of those who wish to shut t hem down much harder. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Clar ke DTSTART: 20050729T130000 DTEND: 20050729T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Countering Denial of Information Attacks [Greg Conti] CATEGORIES: Defcon 13 DESCRIPTION: " We are besieged with information every day, our inboxes ov erflow with spam and our search queries return a great deal of irrelevant information. In most cases there is no malicio us intent, just simply too much information. However, if we consider active malicious entities, the picture darkens. Den ial of information (DoI) attacks assail the human through th eir computer system and manifest themselves as attacks that target the human's perceptual, cognitive and motor capabilit ies. By exploiting these capabilities, attackers reduce the ability of humans to acquire and act upon desired informatio n. Even if a traditional denial of service attack against a machine is not possible, the human utilizing the machine may still succumb to a DoI attack. Typically much more subtle ( and potentially much more dangerous), DoI attacks can active ly alter the decision making of humans, potentially without their knowledge. This talk explores denial of information at tacks and countermeasures and uses network visualization sce narios to illustrate the problem. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Cont i DTSTART: 20050730T170000 DTEND: 20050730T175000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Sketchtools: Prototyping Physical Interfaces [Matt Cottam] CATEGORIES: Defcon 13 DESCRIPTION: " Industrial designers working in traditional media have the luxury of sketching, playing, and experimenting with their materials before constructing a finished product. Designers working with electronics and computers are relatively impove rished. To "sketch" with electronics or computers would typi cally require extensive training in engineering and ready ac cess to inexpensive parts--requirements that most designers can't easily meet. This deficiency--this inability to work c losely with materials before building with them--hampers des igners' efforts to make products sensitive to human use. Thi s paper describes an attempt to address this problem in a hu man-computer interaction (HCI) design studio at a major desi gn school. The course itself was an exercise in design: it w orked within severe constraints to address a human need. We describe our attempt to shape the course to meet students' m ost pressing needs; our students' attempts to work within th e constraints of the course; and the outcomes of the course for students and faculty. The paper suggests that the course offers one way to experiment with HCI concepts, produce inn ovative solutions to design problems, and--crucially--humani ze new technologies and the design process." " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Cott am DTSTART: 20050730T180000 DTEND: 20050730T185000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Information Security Industry: $3 Billion of Snake Oil [ David Cowan] CATEGORIES: Defcon 13 DESCRIPTION: " A raging fear of The Computer Evildoers has driven enterpr ises to the safety of the herd, buying whatever elixirs the big vendors peddle. Security consumers waste billions of dol lars on ineffective (but well integrated!) solutions. Howeve r, as technology users grow more sophisticated about securit y threats (often learning the hard way), opportunities will surface for innovative startups to deliver effective IT surv ival mechanisms. This talk will review the industry's blunde rs, and sources of opportunity. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Cowa n DTSTART: 20050730T140000 DTEND: 20050730T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: CISO Q&A with Dark Tangent [Scott Blake, Pamela Fusco, Ken P fiel, Justin Somaini, Andre Gold, David Mortman] CATEGORIES: Defcon 13 DESCRIPTION: " The Dark Tangent, founder of DEFCON, invites Chief Informa tion Security Officers from global corporations to join him on stage for a unique set of questions and answers. What do CISOs think of David Litchfield, Dan Kaminsky, Joe Grand, Me tasploit, Black Hat, and DEFCON? How many years before deper imeterization is a reality? Is security research more helpfu l or harmful to the economy? What privacy practices do CISOs personally use? These questions and others from the audienc e will be fielded by this panel of security visionaries. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#DT DTSTART: 20050729T140000 DTEND: 20050729T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Whiz Kids or Juvenile Delinquents: A Sociological Perspectiv e The Construction of Hacker Identity [Amanda Dean] CATEGORIES: Defcon 13 DESCRIPTION: " The paper I will be presenting serves as a rudimentary lit erature review on how hackers may be constructed as either d eviants or non-deviants in society. This presentation begins by placing hackers within the framework of sociological lit erature on deviance. I talk about how deviance has historica lly been a social construction, with the more powerful membe rs of society defining what it is to be deviant, and those w ith less power are frequently applied the label. I apply soc iological definitions of of deviants to hackers, and am able to refute these claims in many cases. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Dean DTSTART: 20050729T170000 DTEND: 20050729T172000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Introduction to Lockpicking and Physical Security [Deviant O llam] CATEGORIES: Defcon 13 DESCRIPTION: " Physical security isn't just a concern of the IT world. Be sides securing server rooms, locks of all sizes and styles a re scattered throughout our lives. However, much of the gene ral public is unaware of the insecurities present in many lo ck designs. Through discussion and direct example, Deviant O llam will address the strengths and weaknesses of standard p in tumbler locks, combination locks, warded locks, wafer loc ks, and more. Discussion of effective tools, advanced techni ques, master key theory, and lesser-known picking techniques will also be covered. This talk is aimed at lockpick novice s who are interested in better security and learning lockpic king skills. While always the first to admit that he's no Ba rry Wels, Deviant hopes to have a good time with this lockpi ck talk and looks forward to hand-on audience participation. Many styles of practice locks and picks will be made availa ble. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Devi ant DTSTART: 20050730T110000 DTEND: 20050730T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Hacker's Guide to Search and Arrest [Steve Dunker Esq] CATEGORIES: Defcon 13 DESCRIPTION: " Have you ever been pulled over by the Cops? Do you worry a bout your home being searched by the Feds? The Hacker's Guid e to Search and Arrest is presented in a down and dirty fast pace. You won't hear a single boring case citation here. In stead you get information you can use in every day life, pre sented in a way that won't make your eyes gaze over. Learn w hen the Government can legally perform searches or make arre sts. Find out what you can do if you are a victim of an ille gal search or seizure. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Dunk er DTSTART: 20050730T100000 DTEND: 20050730T105000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Ask EFF: The Year in Digital Liberties [Annalee Newitz, Wend y Seltzer, Kevin Bankston, Kurt Opsahl, Seth Schoen] CATEGORIES: Defcon 13 DESCRIPTION: " Get the latest information about how the law is racing to catch up with technological change from staffers at the Elec tronic Frontier Foundation, a digital civil liberties group fighting for freedom and privacy in the computer age. This s ession will include updates on current EFF issues such as DR M, file-sharing, spyware, the USA-Patriot Act, and bloggers' rights. But over half the session will be given over to que stion-and-answer, so it's your chance to ask the panelists q uestions about issues important to you. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#EFF DTSTART: 20050730T110000 DTEND: 20050730T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Power to Map: How Cyberspace Is Imagined Through Cartogr aphy [Kristofer Erickson] CATEGORIES: Defcon 13 DESCRIPTION: " An ongoing project for scholars in Geography has been to e xplore how power and cartography are mutually implicated. Ge ographers have traditionally been concerned with making maps of the earth, but until recently we have seldom reflected o n how particular forms of knowledge and power are privileged in the production of maps, and how those maps themselves pr oduce particular geographic imaginations. As new virtual spa ces are opened up through communication technologies such as the Internet, maps remain one of the important ways that th ese spaces are articulated to the public. However, when crea ting these new maps of cyberspace, it is necessary to remain aware of the political meaning contained in these represent ations. Maps of the internet that depict it as a disembodied , decentralized and unregulated space may in fact promote pa rticular interests such as capitalism and national security, while suppressing others. The aim of this presentation is t o open up a dialogue where we can collectively critique exis ting maps of cyberspace and imagine alternatives that may be more sensitive to a competing range of interests, including those of the hacker community. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Eric kson DTSTART: 20050729T173000 DTEND: 20050729T175000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Meet the Fed [Jim Christy and various other Feds] CATEGORIES: Defcon 13 DESCRIPTION: " A unique opportunity to surrender and confess all of your crimes to law enforcement agents from multiple federal and p ossibly international agencies. The "Meet the Fed" Panel is again chaired by Special Agent Jim Christy, Director of the Department of Defense Cyber Crime Institute. Jim will have o n his panel representatives from: National Security Agency ( NSA) (2) Federal Bureau of Investigation (FBI) US Postal Ser vice General Accounting Office (GAO) The Internal Revenue Se rvice (IRS - always a favorite) Department of Defense Cyber Crime Center (DoD) If you don't want to confess yourself, yo u can certainly drop a dime on one of the other DEFCON atten dees. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Fed DTSTART: 20050730T130000 DTEND: 20050730T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hacking Nmap [Fyodor] CATEGORIES: Defcon 13 DESCRIPTION: " While many security practitioners use Nmap , few understan d its full power. Nmap deserves part of the blame for being too helpful. A simple command such as "nmap scanme.insecure. org" leaves Nmap to choose the scan type, timing details, ta rget ports, output format, source ports and addresses, and m ore. You can even specify -iR (random input) and let Nmap ch oose the targets! Hiding all of these details makes Nmap eas y to use, but also easy to grow complacent with. Many people never explore the literally hundreds of available options a nd scan techniques for more powerful scanning. In this prese ntation, Nmap author Fyodor details advanced Nmap usage--fro m clever hacks for teaching Nmap new tricks, to new and undo cumented features for bypassing firewalls, optimizing scan p erformance, defeating intrusion detection systems, and more. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Fyod or DTSTART: 20050729T100000 DTEND: 20050729T105000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: A Safecracking Double Feature: Dial 'B' For BackDialing and Spike the Wonder Safe [Leonard Gallion] CATEGORIES: Defcon 13 DESCRIPTION: " This presentation will introduce two powerful, non-destruc tive safe opening techniques. The first "Dial B For BackDial ing," will trace the history of backdialing all the way from Richard Feynman working on the atomic bomb (and opening saf es) in the 1940's, to today. This presentation will show how mechanical safes have changed since Feynman's time, but how most are still vulnerable to both his method and the simple r Nascar(tm) technique. The next part of the presentation, " Spike the Wonder Safe" will demonstrate how to defeat the tw o locking mechanisms of a popular office safe using just an ink pen and a battery, all in under two minutes. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Gall ion DTSTART: 20050730T140000 DTEND: 20050730T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hacking in a Foreign Language: A Network Security Guide to R ussia (and Beyond) [Kenneth Geers] CATEGORIES: Defcon 13 DESCRIPTION: " Has your network ever been hacked, and all you have to sho w for your investigative efforts is an IP address belonging to an ISP in Irkutsk? Are you tired of receiving e-mails fro m Citibank that resolve to Muscovite IP addresses? Would you like to hack the Kremlin? Or do you think that the Kremlin has probably owned you first? Maybe you just think that Anna Kournikova is hot. If the answer to any of the above questi ons is yes, then you need an introduction to the Gulag Archi pelago of the Internet, the Cyberia of interconnected networ ks, Russia. Do not let the persistent challenges of crossing international boundaries intimidate you any longer. In this briefing, we will follow several real-world scenarios back to Russia, and you will learn valuable strategies for taking your investigations and operations one big geographical ste p further. A brief introduction to Russia will be followed b y 1,000 traceroutes over the frozen tundra described in deta il, along with an explanation of the relationship between cy ber and terrestrial geography. Information will be provided on Russian hacker groups and law enforcement personnel, as w ell as a personal interview with the top Russian cyber cop, conducted in Russian and translated for this briefing. Quick : name one significant advantage that Russian hackers have o ver you. They can read your language, but you cannot read th eirs! Since most Westerners cannot read Russian, the secrets of Russian hacking are largely unknown to Westerners. You w ill receive a short primer on the Russian language, to inclu de network security terminology, software translation tools, and cross-cultural social engineering faux-pas (this method will apply to cracking other foreign languages as well). Ha cking in a Foreign Language details a four-step plan for cro ssing international frontiers in cyberspace. First, you must learn something about the Tribe: in this case, the chess pl ayers and the cosmonauts. Second, you must study their cyber Terrain. We will examine the open source information and th en try to create our own network map using traceroutes. Thir d, we will look at the Techniques that the adversary employs . And fourth, we will conquer Translation. The goal is to le vel the playing field for those who do not speak a foreign l anguage. This briefing paves the way for amateur and profess ional hackers to move beyond their lonely linguistic and cul tural orbit in order to do battle on far-away Internet terra in. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Geer s DTSTART: 20050729T210000 DTEND: 20050729T220000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Bacon: A Framework for Auditing and Penetration Testing [Her nan Gips] CATEGORIES: Defcon 13 DESCRIPTION: " Nowadays there is a lack of adequate frameworks to make th e security consulters and pen testers life easy. A lot of se parated or integrated tools like automating penenetration Te stingtools improve their performance but aren't very useful for the real world consultant. Also some languages, which ar e not too powerful and complex like python makes others tool s hard to expand to the public in general. In reality, the n eed for flexible, modular and extensible but also powerful k ind of tool is growing in today's computing security scene d ue to substantial increases in the security, pen testing and code audit market. The goal of this paper is to motivate a renewed interest and present a solution based on nowadays te chnologies capable to handle the real world challenges and t o be useful. Bacon is an introduction to a generic framework for penetration testers and consultants. Baconis an Open So urce modular framework. Bacon's core component is developed in C# and is able to load modules compiled to run in ECMA Co mmon Language Infrastructure, for example C#, C++.NET, VB.NE T, IronPython and others. So the core component, GUI and the modules are multi platform. These modules would run on Wind ows using the Microsoft CLI or Linux using Mono or another C LI implementation. Bacon's core also provides a set of facil ities to generate custom reports, utility libraries and modu le communication. The actual development of Bacon is focused in the core component and three modules, one of them for co de auditing, other for web application auditing and the last one for database auditing. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Gips DTSTART: 20050730T100000 DTEND: 20050730T105000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Intro to High Security Locks and Safes [Michael Glasser, Dev iant Ollam] CATEGORIES: Defcon 13 DESCRIPTION: " This "Talk" will focus on the next step beyond basic locks and lock picking. You will NOT learn about basic cylinders. You will not learn how to shim a padlock. You will learn ab out Medeco side bars and how they've been beaten. You will l earn about mul-t-lock pin-in-pin cylinders and how they've b een beaten. You will learn the basics of safe manipulation. This is not a "Talk" that will teach you how to pick, the "p ick-proof" locks. It will give you the foundation and method s that will allow you to understand these locks, and the con cepts behind picking them. Punch and Pie will be served. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Glas ser DTSTART: 20050730T130000 DTEND: 20050730T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Inequality and Risk [Paul Graham] CATEGORIES: Defcon 13 DESCRIPTION: " Previous attempts to hack the connection between wealth an d power have aimed mainly at eliminating economic inequality . They've all ended in disaster, because economic inequality is closely related to risk: you can't eliminate inequality without eliminating startups, and with them growth. So if yo u want to get rid of injustice, the place to attack is one s tep downstream, where wealth turns into power. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Grah am DTSTART: 20050729T203000 DTEND: 20050729T210000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Top Ten Legal Issues in Computer Security [Jennifer Granick] CATEGORIES: Defcon 13 DESCRIPTION: " This will be a practical and theoretical tutorial on legal issues related to computer security practices. In advance o f the talk, Granick will unscientifically determine the "Top Ten Legal Questions About Computer Security" that Defcon at tendees have and will answer them as clearly as the unsettle d nature of the law allows. While the content of the talk is audience driven, Granick expects to cover legal issues rela ted to vulnerability disclosure, copyright infringement, rev erse engineering, free speech, surveillance and civil libert ies. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Gran ick DTSTART: 20050730T200000 DTEND: 20050730T205000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Surgical Recovery from Kernel-Level Rootkit Installations [J ulian Grizzard] CATEGORIES: Defcon 13 DESCRIPTION: " Conventional wisdom states that once a system has been com promised, it can no longer be trusted and the only solution is to wipe the system clean and reinstall. This talk goes ag ainst the grain of conventional wisdom and asks are there mo re efficient ways to repair a system other than complete rei nstallation. Specifically, this talk will focus on the detec tion of and recovery from the installation of both tradition al and kernel-level rootkits. Included in the presentation i s a demonstration of an operating system architecture and in trusion recovery system (IRS) that is capable of recovering from some of the most prevalent rootkits seen in the wild. P rototype recovery tools will be released. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Griz zard DTSTART: 20050731T130000 DTEND: 20050731T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Lost in Translation [Christian Grothoff] CATEGORIES: Defcon 13 DESCRIPTION: " This presentation describes the possibilities of steganogr aphically embedding information in the "noise" created by au tomatic translation of natural language documents. An automa ted natural language translation system is ideal for stegano graphic applications, since natural language translation lea ves plenty of room for variation. Also, because there are fr equent errors in legitimate automatic text translations, add itional errors inserted by an information hiding mechanism a re plausibly undetectable and would appear to be part of the normal noise associated with translation. Significantly, it should be extremely difficult for an adversary to determine if inaccuracies in the translation are caused by the use of steganography or by perceptions and deficiencies of the tra nslation software. A prototype, Lost in Translation (LiT), w ill be presented. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Grot hoff DTSTART: 20050729T140000 DTEND: 20050729T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Insecure Workstation II `bob reloaded` [Deral Heiland] CATEGORIES: Defcon 13 DESCRIPTION: " The insecure workstation II `Bob Reloaded`. Exploring atta ck vectors within Microsoft desktop systems. A close look at third party applications that still suffer from api call vu lnerabilities and how attackers can use these vulnerabilitie s to escalate there rights to system level . Also will be ex ploring this year's security research into "attacks against the local desktop login". Demonstration of desktop access wi thout logging in. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Heil and DTSTART: 20050731T130000 DTEND: 20050731T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: No Women Allowed? Exploring Gender Differences In Hacking [T homas J. Holt] CATEGORIES: Defcon 13 DESCRIPTION: " The President of Harvard University, Lawrence H. Summers, recently suggested the lack of women in the sciences is due to innate differences between men and women. He speculated a variety of reasons for this including genetics and social f actors, and his comments created a stir among academics and the general public. While the accuracy of his statements are suspect, he raises an intriguing question in light of decli ning female enrollment in computer science and engineering d egree programs at MIT and other universities. And if women a re falling out of these fields, what is happening to the pop ulation of female hackers and security professionals? What h ave their experiences been up to this point? Research sugges ts men dominate the underground, and sociological research s uggests this is attributable to social practices rather than innate sex differences. However, the female hackers' perspe ctive has not been well documented. Furthermore, the existin g literature on this issue is based largely on anecdotal rat her than empirical evidence. As such, it is necessary to exa mine the gendered experiences of hackers to expand our knowl edge of how these experiences impact individuals and their b ehavior. The purpose of this talk is to introduce my researc h agenda to study male and female hackers, and examine varia tions across gender. During the talk, I will lay out fundame ntal theoretical concepts used to discuss the different expe riences of men and women on and off-line. Then I will introd uce my research proposal and call for interested individuals to participate in this study. Throughout the presentation, the audience is welcome to share their personal feelings, be liefs, and knowledge about gender and hacking. The start of an open dialogue, whether formal or informal, regarding gend er differences in hacking is critical to advance our underst anding of this important issue for information technology an d the sciences. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Holt DTSTART: 20050729T150000 DTEND: 20050729T152000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Meme Mining for Fun and Profit [Broward Horne] CATEGORIES: Defcon 13 DESCRIPTION: " Technology trends are treacherous. Should you learn java o r visual basic? Pay for Windows or download Linux? Will that investment in Bluetooth pay off? Or will you get suckered b y a faddish book written by a fading technology guru? You ca n't know the future (yet), but you can make educated guesses and tilt the odds in your favor. Meme Miner is a simple pro gram for trend tracking. Its power lies in the business and social bandwidth concepts behind its creation. Meme Miner sh ows current technology trends, but also gives an historical perspective of their past. You will NOT get a lesson in HTTP hacking in this session, but you will get practical and val uable business concepts to help survive (and perhaps prosper ) in the next technology upheaval. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Horn e DTSTART: 20050731T110000 DTEND: 20050731T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: GeoIP Blocking, A Controversial But (Sometimes) Effective Ap proach [Tony Howlett] CATEGORIES: Defcon 13 DESCRIPTION: " What if I told you, than in a few minutes and at no extra cost, you could be blocking up to 30% of all malware headed for your network? Sound to good to be true? Well it doesn't work for everyone and there are a lot of caveats, but it can be an effective way to eliminate a large portion of the mal icious traffic aimed at your network. In this talk we will c over why you would want to GeoIP block and why it might not be a good choice for you. We will then get into the mechanic s with actual IP blocks given and strategies for both full a nd limited GeoIP blocking. You have nothing to lose and may gain a valuable tool in your network security arsenal. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Howl ett DTSTART: 20050731T140000 DTEND: 20050731T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Next Generation of Cryptanalytic Hardware [David Hulton] CATEGORIES: Defcon 13 DESCRIPTION: " Encryption is simply the act of obfuscating something to t he point that it would take too much time or money for an at tacker to recover it. Many algorithms have time after time f ailed due to Moore's law or large budgets or resources (e.g. distributed.net). There have been many articles published o n cracking crypto using specialized hardware, but many were never fully regarded as being practical attacks. Slowly FPGA s (Field Programmable Gate Arrays) have become affordable to consumers and advanced enough to implement some of the conv entional software attacks extremely efficiently in hardware. The result is performance up to hundreds of times faster th an a modern PC. This presentation will provide a walk throug h on how FPGAs work, review their past applications with cry pto cracking, present basic tips and pointers to developing a fast and efficient crypto cracking design, discuss overclo cking FPGAs, and analyze the future growth of FPGA hardware and it's relation to current crypto ciphers. Then, a new ope n source DES cracking engine will be released and demonstrat ed which is able to crack windows Lanman and NTLM passwords at a rate over 600,000,000 crypts per second on a single low -cost Virtex-4 LX25 FPGA and provide brute-force performance comparable to lookups on a hard-drive based rainbowtable at tack. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Hult on DTSTART: 20050729T153000 DTEND: 20050729T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Credit Cards: Everything You have Ever Wanted to Know [Rober t "hackajar" Imhoff-Dousharm] CATEGORIES: Defcon 13 DESCRIPTION: " Identity theft is at an all time high. With businesses, un iversities and banks being compromised the threat is real ri ght now. The media covers these area's but miss one importan t location that your most suseptiable to fraud, everywhere y ou swipe your credit card. We will pull out all the stops to help you understand credit cards, their history and how to protect yourself. Ever wonder what was in the magnetic strip of a card? Where that information goes? Who keeps your pers onal information, and for how long? Who is data mining this information? Who do they sell it to? All these questions and more will be answered in this presentation Defcon 11 we tal ked about social engineering to steal your credit card infor mation. Defcon 12 we gave a live example on stealing credit card data from merchant networks. Now we will show you what that information is, and how to protect yourself against fra ud. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Imho ff DTSTART: 20050729T140000 DTEND: 20050729T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Doing Not-For-Profit Tech: The Hacker Foundation Year in Rev iew [Jesse Krembs, Nick Farr, Emerson Tan, Frazier Cunningha m, Jennifer Granick, James Schuyler, Christian Wright & Will iam Knowles, & other select members of the Foundation Board. ] CATEGORIES: Defcon 13 DESCRIPTION: " Fresh from a year of grappling with Tsunamis, the IRS and building IT in Uganda, members of The Hacker Foundation will tell the story of their first year as a federally recognize d non-profit organization while providing practical insight on doing charitable IT work throughout the world. Tips and t ricks on everything from funding for free software projects to keeping a dust storm from killing your laptop will be pre sented. The Hacker Foundation serves as a research and servi ce organization to promote and explore the creative use of t echnological resources across frontiers with a global outloo k. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Krem bs DTSTART: 20050731T130000 DTEND: 20050731T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: A Linguistic Platform for Threat Development [Ben Kurtz] CATEGORIES: Defcon 13 DESCRIPTION: " Sick of hand-coding each and every exploit? The past few y ears have seen the rise of some generalized frameworks for t he exploitation of vulnerabilities, but none of them are gen eral-purpose enough to accommodate arbitrary hardware and ne twork protocols. By applying programming language theory to the development of new networks attacks, we can create next- generation platforms capable of quickly handling arbitrary p rotocols and hardware, and exponentially reducing threat dev elopment time. The advances made in compilers in the past de cades allow us to divorce ourselves from the tedious mechani cs of custom-crafting network attacks and focus only on what we want the attack to do. This new platform has serious imp lications for both good (rapidly adding 0-day exploits to yo ur lab's regression testing with no programming knowledge) a nd for evil (allowing people with no programming knowledge t o wield a database of malevolence). The Linguistic Platform can simultaneously accomodate both the generation of network traffic and the decomposition of packet captures for subseq uent modification and playback. Using this system, a user ca n capture a malicious traffic stream in Ethereal, modify it as needed, and play it back on a live network. By deploying several clustered systems, it can even play back multi-node conversations, such as a man-in-the-middle attack. The desig n of new threats and the organization of threats into a data base are also drastically simplified by this system. In this talk, I will introduce a simple and incredibly powerful app roach to the scripting, capture, and playback of malicious n etwork traffic, and detail the design goals and consideratio ns of a Linguistic Platform for Threat Development. Some fam iliarity with linguistics or finite automata will be helpful , but is not required. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Kurt z DTSTART: 20050731T140000 DTEND: 20050731T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Introducing Unicornscan - Riding the Unicorn [Robert E. Lee, Jack C. Louis] CATEGORIES: Defcon 13 DESCRIPTION: " 2.2 Abstract Unicornscan is an open source (GPL) tool desi gned to assist with information gathering and security audit ing. This talk will contrast the real world problems we've e xperienced using other tools and methods while demonstrating the solutions that Unicornscan can provide. We will use Uni cornscan to collect information from large networks, data mi ne the collected information, and test systems for susceptib ility to specific vulnerabilities. Some of the more interest ing content includes: How to take stable working exploits an d use Unicornscan as a delivery agent. How to deliver platfo rm specific exploits using just the information from one Tar get response packet (SYN/ACK). How to avoid the kernel fixin g packets that we have specifically created to be invalid. H ow to get more mileage out of the information contained insi de the TCP stream for OS and possibly application fingerprin ting. An introduction to the Scatter Connect method of TCP C onnection State information tracking. During the talk we wil l release a new DEFCON specific version of Unicornscan that contains many enhancements that we will demonstrate during t he talk. The DEFCON version will also contain a couple of sp ecial payload configuration files not included in the standa rd release. To get the most out of this talk attendees shoul d have a strong working knowledge of TCP/IP, C programming, assembly, and OS/Application fingerprinting techniques. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Lee DTSTART: 20050729T120000 DTEND: 20050729T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Dark Side of Winsock [Jonathan Levin] CATEGORIES: Defcon 13 DESCRIPTION: " The Winsock SPI, or Service Provider Interface, has been a part of Winsock since the advent of version 2.0. It enables providers to extend the Winsock API transparently, by insta lling their own hooks and chains to application API calls. H owever, its formidable capabilities are not put to widesprea d use... aside from spyware (remember Kazaa's "sporder.dll"? ). The talk will discuss (and demonstrate) some of the more insidious uses of the SPI. From collecting connection statis tics, through eavesdropping on data, or rerouting connection s, with the application remaining totally oblivious! " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Levi n DTSTART: 20050730T180000 DTEND: 20050730T185000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Google Hacking for Penetration Testers [Johnny Long] CATEGORIES: Defcon 13 DESCRIPTION: " Google Hacking returns for more guaranteed fun this year a t Defcon 13! If you haven't caught one of Johnny's Google ta lks, you definitely should. Come and witness all the new and amazing things that can be done with Google. All new for De fcon 13, Johnny reveals basic and advanced search techniques , basic and advanced hacking techniques, multi-engine attack query morphing, and zero-packet target foot printing and re con techniques. Check out Google's search-blocking tactics ( and see them bypassed), and learn all about using Google to locate targets Google doesn't even know about! But wait, the re's more! Act now and Johnny will throw in the all new "Goo gle Hacking Victim Showcase, 2005" loaded with tons of scree nshots (and supporting queries) of some of the most unfortun ate victims of this fun, addictive and deadly form of Intern et nastiness. Think you're too uber to be caught in a Google talk? Fine. Prove your badness. Win the respect of the audi ence by crushing the live Google Hacking contest! Submit you r unique winning query by the end of the talk to win free bo oks from Syngress Publishing and other cool gear! Or don't. Just listen to your friends rave about it. Whatever. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Long DTSTART: 20050730T190000 DTEND: 20050730T195000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Death of a Thousand cuts - Forensics [Johnny Long] CATEGORIES: Defcon 13 DESCRIPTION: " In this day and age, forensics evidence lurks everywhere. This talk takes attendees on a brisk walk through the modern technological landscape in search of hidden digital data. S ome hiding places are more obvious than others, but far too many devices are overlooked in a modern forensics investigat ion. As we touch on each device, we'll talk about the possib ilities for the forensic investigator, and take a surprising and fun look at the nooks and crannies of many devices cons idered commonplace in today's society. We'll look at iPods ( and other MP3 players), Sony PSP devices (and other personal video products), digital cameras, printers, fax machines, a ll-in-one devices, dumb phones, "smart" phones, cell phones, various network devices and even wristwatches, sunglasses, pens and all sorts of other devices that contain potential e vidence. For each device, we'll look at what can be hidden a nd talk about various detection and extraction techniques, a voiding at all costs the obvious "oh I knew that" path of fo rensics investigation. All this will of course be tempered w ith Johnny's usual flair, some fun "where's the evidence" ga mes, and some really cool giveaways. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Long 2 DTSTART: 20050729T200000 DTEND: 20050729T202000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Visual Security Event Analysis [Raffael Marty] CATEGORIES: Defcon 13 DESCRIPTION: " In the network security world, event graphs are evolving i nto a useful data analysis tool, providing a powerful altern ative to reading raw log data. By visually outlining relatio nships among security events, analysts are given a tool to i ntuitively draw conclusions about the current state of their network and to respond quickly to emerging issues. I will b e showing a myriad of graphs generated with data from variou s sources, such as Web servers, firewalls, network based int rusion detection systems, mail servers, and operating system logs. Each of the graphs will be used to show a certain pro perty of the dataset analyzed. They will show anomalous beha vior, misconfigurations and simply help document activities in a network. As part of this talk, I will release a tool to ol that can be used to experiment with generating event grap hs. A quick tutorial will show how easy it is to generate gr aphs from security data of your own environment. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Mart y DTSTART: 20050731T120000 DTEND: 20050731T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Six Year Old Hacker: No More Script Kiddies. [Kevin McCa rthy] CATEGORIES: Defcon 13 DESCRIPTION: " Computer use in elementary schools is problematic. Seldom are computers well integrated into the general curriculum. O ften, they are used merely as instructional surrogates to "d rill" skills. Particularly disturbing is the lack of explora tion of the computer itself, and the culture of technology. Programming can teach vital problem solving skills, project management, respect for others work, and the value of collab oration. So why not cultivate the methods and ethics of hack ing in young children? For the last 2 years I have been doin g just that. Working with 6 to 12 year olds in a small Monte ssori school, I have begun to develop a program to encourage curiousity in our created, technological world, in the same way that their teachers encourages such curiousity in the n atural world. I would like to open a discussion on the value of this approach, and the methods I employ. Perhaps I can e ncourage others to help cultivate the next generation of hac kers. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#McCa rthy DTSTART: 20050729T160000 DTEND: 20050729T162000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Trust Transience: Post Intrusion SSH Hijacking [Metalstorm] CATEGORIES: Defcon 13 DESCRIPTION: " Trust Transience: Post Intrusion SSH Hijacking explores th e issues of transient trust relationships between hosts, and how to exploit them. Applying technique from anti-forensics , linux VXers, and some good-ole-fashioned blackhat creativi ty, a concrete example is presented in the form of a post-in trusion transparent SSH connection hijacker. The presentatio n covers the theory, a real world demonstration, the impleme ntation of the SSH Hijacker with special reference to defeat ing forensic analysis, and everything you'll need to go home and hijack yourself some action. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Meta lstorm DTSTART: 20050730T160000 DTEND: 20050730T165000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: ATM Network Vulnerabilities [Robert Morris] CATEGORIES: Defcon 13 DESCRIPTION: " When was the last time you visited an actual human being t o withdraw some spending money? In a world were most people visit computers for cash, ATM Networks have been traditional ly thought of as a secure haven. Financial data theft is mor e of a reality than ever, but the backbone for the majority of cash to consumer transactions is not a target. I will sho w you why that is about to change. During my years at the NS A, I witnessed the growth of the electronic banking industry and observed many poor security design decisions as the ATM network was built. The means for authentication, the protec tion of data, and the methods for transferring sensitive inf ormation are just the tip of the iceberg. The ATM network is the next financial hacking pot of gold. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Morr is DTSTART: 20050729T130000 DTEND: 20050729T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hacking the Mind (Influence and NLP) [Mystic] CATEGORIES: Defcon 13 DESCRIPTION: " Do you ever find your self wondering if good social engine ers and highly influential people are just born that way? We ll, you might be surprised to find out that any human skill can be duplicated including being a master at influence. Thi s is what forms the basis for a field of study known as NLP or Neuro-Linguistic-Programming. In this talk I will give an introduction to what NLP is and how it is used and will als o provide you with some tools to help you better understand how you and others are influenced and how to exploit it. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Myst ic DTSTART: 20050731T120000 DTEND: 20050731T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: A New Hybrid Approach for Infrastructure Discovery, Monitori ng and Control [Ofir Arkin] CATEGORIES: Defcon 13 DESCRIPTION: " An enterprise IT infrastructure is a complex and a dynamic environment that is generally described as a black hole by its IT managers. The knowledge about an enterprise network's layout (topology), resources (availability and usage), elem ents residing on the network (devices, applications, their p roperties and the interdependencies among them) as well as t he ability to maintain this knowledge up-to-date, are all of critical for managing and securing IT assets and resources. Unfortunately, the current available network discovery tech nologies (active network discovery and passive network disco very) suffer from numerous technological weaknesses which pr event them from providing with complete and accurate informa tion about an enterprise IT infrastructure. Their ability to keep track of changes is unsatisfactory at best. The inabil ity to "know" the network directly results with the inabilit y to manage and secure the network in an appropriate manner. This is since it is impossible to manage or to defend somet hing, or against something, its existence is unknown or that only partial information about it exists. The first part of the talk presents the current available network discovery t echnologies, active network discovery and passive network di scovery, and explains their strengths and weaknesses. The ta lk highlights technological barriers, which cannot be overco me, with open source and commercial applications using these technologies. The second part of the talk presents a new hy brid approach for infrastructure discovery, monitoring and c ontrol. This agent-less approach provides with real-time, co mplete, granular and accurate information about an enterpris e infrastructure. The underlying technology of the solution enables maintaining the information in real-time, and ensure s the availability of accurate, complete and granular networ k context for other network and security applications. Durin g the talk new technological advancements in the fields of i nfrastructure discovery, monitoring and auditing will be pre sented. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Ofir DTSTART: 20050730T200000 DTEND: 20050730T205000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Causing the Law [Mark Pauline] CATEGORIES: Defcon 13 LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Paul ine DTSTART: 20050729T190000 DTEND: 20050729T200000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Social Engineering Do's & Don'ts (A Female Perspective) [Bet h Louis (Phen)] CATEGORIES: Defcon 13 DESCRIPTION: " Social Engineering Do's and Don'ts is more informative the n technical. Over the course of the lecture, I plan on going over some information you may not have thought of in your p ursuits. Such as, telephone surveys, the importance of being well informed, along with basics such as the importance of both phone & social etiquette, surveillance, going undercove r, corporate fraud and of course identity theft. There will be live demonstrations & explanations. This is the talk for everything you wanted to know about social engineering but w ere to technical to ask. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Phen DTSTART: 20050729T152000 DTEND: 20050729T160000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Bypassing Authenticated Wireless Networks [Dean Pierce, Bran don Edwards, Anthony Lineberry] CATEGORIES: Defcon 13 DESCRIPTION: " As the demand for mobile internet access increases, more a nd more public wireless access points are becoming available for general usage. Unfortunately, as awareness of these acc ess points increases, some companies have been capitalizing on the idea, charging monthly and hourly rates. This talk di scusses methods of silently bypassing current implementation s of authenticated wireless networks. An automated proof of concept tool is released and explained. Some theoretical met hods of authentication that might be implemented in the futu re are also discussed. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Pier ce DTSTART: 20050729T163000 DTEND: 20050729T165000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Suicidal Linux [Bruce Potter] CATEGORIES: Defcon 13 DESCRIPTION: " I spend a lot of my time shooting at random targets. Last year I was on a Bluetooth holy war, trying to raise awarenes s of Bluetooth security (or lack therein). My talk at BH 04 was actually a two day experiment using Bluetooth to track a ttendees around the conference (code available from bluetoot h.shmoo.com). While the technology was simple, the message n eeded to get out. Bluetooth enabled phones are dangerous and are flying under the security industry's radar screen. Fast forward a year, and the situation is much better. Bluetooth security is getting more and more coverage and research ( w ww.trifinite.org is a great site for BT security issues), an d people are (finally) getting scared. So I decided to shift gears into a bigger hornet's nest... The holy war of Operat ing System security. No, not the standard issue "OpenBSD is uber secure, Windows sucks" discussion. Rather, I've been fo cusing on the long term impact of each of these operating sy stems on the security of enterprise networks and the Interne t as a whole. Any reasonable tech geek can be trained to loc k down a host. Give them a checklist and some procedures and lock it down and *boom* a secure host. However, while that host may be secure today, what are the differences in long t erm security between the major operating systems. As it turn s out, a lot of the long term security issues revolve around the development method used to develop the OS. Windows is d esigned as one big systems, and to some extent the BSD's are as well. But Linux... Linux is designed with duct tape in m ind. Linux distros are held together with spit and tape, and the ramifications on security are dire. I've been gathering data from mail lists, looking at code, and talking to peopl e running big systems in an attempt to figure out how bad th ings really are. I'm sure many of you will find this talk in flammatory, and that's a good thing. "Knowing is half the ba ttle."... even if you don't want to hear it. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Pott er DTSTART: 20050729T130000 DTEND: 20050729T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Assymetric Digital Warfare [Roberto Preatoni (aka Sys64738), Fabio Ghioni] CATEGORIES: Defcon 13 DESCRIPTION: " The speech will be intended to let the attendees understan d where and how the digital conflicts are conducted today bu t we will dig deeply into the future. We will take as exampl e the US Army program F.C.S. (Future Combat System) as the p erfect example on how a developed superpower might carry on a super-advanced war program, all based on combat computer s ystems and networks that control unmanned vehicles as well a s wheeled combat drones, to discover at the end that the ado ption of such systems might introduce conceptual vulnerabili ties that a wise enemy might exploit by means of hacking. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Prea toni DTSTART: 20050729T200000 DTEND: 20050729T210000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Pen-testing the Backbone [Raven] CATEGORIES: Defcon 13 DESCRIPTION: " Despite its crucial importance, the network backbone is of ten ignored or exempted from security testing. This talk wil l cover how to sanely and effectively perform a pen-test aga inst routers, switches, and similar network infrastructure e quipment. Avenues of attack will range from the physical to the routing protocol-based, from the local to the remote, an d suggested mitigation measures will also be discussed. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Rave n DTSTART: 20050730T150000 DTEND: 20050730T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Licensing Agreements 101: The Creative Commons License [Jim "FalconRed" Rennie] CATEGORIES: Defcon 13 DESCRIPTION: " Increasingly, users are adding licensing agreements to all of their online content. One of the most popular licensing agreements for non-coders is the Creative Commons license. I ts integration into several popular web products and ease of use have quickly made it the standard license for bloggers. While the Creative Commons provides a "human readable" vers ion of the license, that version doesn't tell the whole stor y. There are several rights and restrictions in the real con tract that most users never see. This talk will give some qu ick background on the Creative Commons license - why exactly it was created and who created it. More importantly, this t alk will dissect the "lawyer" version of the license and exp lain some of the key terms hidden from the average user. Fin ally, this talk discuss way to maximize your protection unde r the license and protect your content from possible legal p itfalls. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Renn ie DTSTART: 20050730T180000 DTEND: 20050730T185000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hacking Windows CE [San] CATEGORIES: Defcon 13 DESCRIPTION: " Security threats to PDAs and mobiles become more and more serious. This presentation will show a buffer overflow explo itation example in Windows CE. It will cover some knowledge about ARM architecture and memory management, the features o f processes and threads of Windows CE. It alse show how to w rite a shellcode in Windows CE (including some knowledge abo ut decoding shellcode of Windows CE with ARM processor), and a live attack demonstration. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#San DTSTART: 20050729T180000 DTEND: 20050729T185000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Legal and Ethical Aspects of WarDriving [Matthew L. Shuchman ("Pilgrim"), Frank Thornton, Robert V. Hale II] CATEGORIES: Defcon 13 DESCRIPTION: " This is a proposal for a panel discussion on the legality of accessing WiFi signals without the permission of the owne r and will include a review of the legal and ethical issues presented by freely available WiFi both to the owner of the AP and to the users. Included in the panel will be a present ation of recent cases involving WiFi access, WarDriving, and theft of data by WiFi, as well as a review of the Federal l aws that cover use and misuse of WiFi including the Electron ic Communications Privacy Act (ECPA) and the Computer Fraud and Abuse Act (CFAA.) The panel members hope is that by pres enting some of the legal and ethical issues that we can take the first steps towards guidelines for ethical conduct whil e WarDriving (and Bluesnarfing.) " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Schu chman DTSTART: 20050730T160000 DTEND: 20050730T165000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Building WarDriving Hardware Workshop [Matthew L. Shuchman ( "Pilgrim")] CATEGORIES: Defcon 13 DESCRIPTION: " WarDriving is becoming a popular sport among hackers and D EFCON attendees, and WiFi site surveying has become an impor tant tool for the IT security professional. This workshop wi ll describe the basic equipment required for WarDriving and WiFi site surveying. There will be a brief presentation on t he benefits and features of different types of WiFi hardware , adapter cards, chipsets, cables, pigtails, and antennas. T he session will include an overview of the design and perfor mance characteristics of different types of antennas. A prim ary focus of the workshop will be to show the participants h ow to select the components and parts required and how to co nstruct their own cantenna (directional) and spider (omnidir ectional) antennas. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Schu chman2 DTSTART: 20050730T170000 DTEND: 20050730T175000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Why Tech Documentaries are Impossible (And why we have to do them anyway.) [Jason Scott] CATEGORIES: Defcon 13 DESCRIPTION: " Documentaries have a place in telling the history and stor y of many different cultures and events, but documentaries a bout technical subjects tend to run into common problems: to o light, too wrong, too hated. Is the patient terminal? Can you create a film that is both informative and of interest t o a general audience? Having spent 4 years creating a tech d ocumentary of his own on the era of the Dial-up Bulletin Boa rd system, Jason Scott of textfiles.com talks about what uni que challenges exist in the film medium for telling a highly technical story, as well as what choices had to be made thr oughout production. The talk will be illustrated with sequen ces from the resultant five and a half hour BBS Documentary Mini-series. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Scot t DTSTART: 20050731T150000 DTEND: 20050731T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Forensic Data Acquisition Tools [RS] CATEGORIES: Defcon 13 DESCRIPTION: " Proper recovery of evidence can be critical to a successfu l investigation or prosecution. This talk focuses on the dif ferent tools and techniques that are used by US Law Enforcem ent to get an uncontaminated copy of digital evidence from a suspect machine. The goal of this presentation is to teach not only how to copy all the data from a suspect machine, bu t also to instruct on how to make sure that any evidence col lected can be used in court. Both hardware and software base d forensic acquisition tools will be covered, with the vario us strengths and weaknesses of each product discussed. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Shee hy DTSTART: 20050731T110000 DTEND: 20050731T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: DIRA: Automatic Detection, Identification, and Repair of Con trol-Hijacking Attacks [Alexey Smirnov, Tzi-cker Chiueh] CATEGORIES: Defcon 13 DESCRIPTION: " Buffer overflow attacks are known to be the most common ty pe of attacks that allow attackers to hijack a remote system by sending a specially crafted packet to a vulnerable netwo rk application running on it. A comprehensive defense strate gy against such attacks should include (1) an attack detecti on component that determines the fact that a program is comp romised and prevents the attack from further propagation, (2 ) an attack identification component that identifies attack packets and generates attack signatures so that one can bloc k such packets in the future, and (3) an attack repair compo nent that restores the compromised application's state to th at before the attack and allows it to continue running norma lly. Over the last decade, a significant amount of research has been vested in the systems that can detect buffer overfl ow attacks either statically at compile time or dynamically at run time. However, not much effort is spent on automated attack packet identification or attack repair. We present a unified solution to the three problems mentioned above. We i mplemented this solution as a GCC compiler extension called DIRA that transforms a program's source code so that the res ulting program can automatically detect any buffer overflow attack against it, repair the memory damage left by the atta ck, and generate the attack signature. We used DIRA to compi le several network applications with known vulnerabilities a nd tested DIRA's effectiveness by attacking the transformed programs with publicly available exploit code. The DIRA-comp iled programs were always able to detect the attacks, produc e attack signatures, and most often repair themselves to con tinue normal execution. The automatically produced signature s are context-aware as they describe all attack packets and accurate because each of the packets is described as a regul ar expressions. To the best of our knowledge DIRA is the fir st system capable of producing accurate attack signatures fr om a single attack instance and performing post-attack repai r. Related tools: GCC, http://gcc.gnu.org Project home page: http://www.ecsl.cs.sunysb.edu/dira " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Smir nov DTSTART: 20050731T110000 DTEND: 20050731T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Attacking Web Services: The Next Generation of Vulnerable Ap ps [Alex Stamos, Scott Stender] CATEGORIES: Defcon 13 DESCRIPTION: " Web Services represent a new and unexplored set of securit y-sensitive technologies that have been widely deployed by l arge companies, governments, financial institutions, and in consumer applications. Unfortunately, the attributes that ma ke web services attractive, such as their ease of use, platf orm independence, use of HTTP and powerful functionality, al so make them a great target for attack. In this talk, we wil l explain the basic technologies (such as XML, SOAP, and UDD I) upon which web services are built, and explore the innate security weaknesses in each. We will then demonstrate new a ttacks that exist in web service infrastructures, and show h ow classic web application attacks (SQL Injection, XSS, etc. ..) can be retooled to work with the next-generation of ente rprise applications. The speakers will also demonstrate some of the first publicly available tools for finding and penet rating web service enabled systems. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Stam os DTSTART: 20050730T110000 DTEND: 20050730T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hacking Google AdWords [StankDawg] CATEGORIES: Defcon 13 DESCRIPTION: " The AdWords program is an advertising system used by Googl e. It is a pay-per-click system like may others but Google d oesn't give it the attention to design that it deserves. Not only does Google take some liberties with the Terms of Serv ice and what they allow and don't allow in the program, but also have several flaws in the logical design of the system. There are several loopholes in this system and they will be explained and demonstrated with proof of concepts for every example. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Stan kDawg DTSTART: 20050729T150000 DTEND: 20050729T160000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Revolution Will Not Be Copyrighted: Why You Should Care About Free Culture [Elizabeth Stark, Fred Benenson] CATEGORIES: Defcon 13 DESCRIPTION: " The purpose of this paper is to explain and introduce the free culture movement and organization to the hacker communi ty. We make the case that hackers should not only care about the ideas of free culture in the literal sense in that we s eek to protect technological and digital rights, but also in a broader cultural sense. The idea of using and reusing bit s of culture(the goal in a free culture) parallels the centr al tenets of the hacker ethos where manipulation, reuse, and recontextualization are essential. To that end, we'll show some compelling examples of art and music that we consider t o be culture hacking. From reengineered Nintendo cartridges to electronic albums consisting almost totally of samples to an early 20th century modernist Mona Lisa hack, we'll demon strate that some of the most innovative and radical cultural works are also the most derivative. We also intend to empha size the significance of political and social action in orde r to maintain an environment of innovation and progress. The re are highly significant cultural and technological issues that need to be addressed in society and we cannot stand by passively while leaving the control in the hands of the gove rnment, corporations, and other entities. In essence, free c ulture is deeply ingrained in the hacker ideal. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Star k DTSTART: 20050730T190000 DTEND: 20050730T195000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: End-to-End Voice Encryption over GSM: A Different Approach [ Wesley Tanner, Nick Lane-Smith] CATEGORIES: Defcon 13 DESCRIPTION: " Where is end-to-end voice privacy over cellular? What effo rts are underway to bring this necessity to the consumer? Th is discussion will distill for you the options available tod ay, and focus on current research directions in technologies for the near future. Cellular encryption products today mak e use of either circuit switched data (CSD), or high latency packet switched networks. We will discuss the advantages an d disadvantages of these services, focusing on details of GS M cellular channels specifically. The highlight will be our current research project: encrypted voice over the GSM voice channel. We'll dig into how this works, and why it is usefu l. This talk will touch on some fundamentals of modem design , voice codecs, GSM protocol basics, cryptographic protocols for voice links, and a bunch of other interesting stuff. Th ere will be demonstrations with MATLAB/Octave and C, and we will provide some fun code to experiment with. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Tann er DTSTART: 20050729T120000 DTEND: 20050729T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Physical Security Bypass Techniques: Exploring the Ethics of Full Disclosure [Marc Weber Tobias, Matt Fiddler] CATEGORIES: Defcon 13 DESCRIPTION: " Recent public disclosures detailing physical lock and safe bypass techniques have raised consumer awareness detailing the efficacy of the hardware that protects some of our most important assets. This talk will address the ethics of full- disclosure, the liability for failure to disclose, and the i mpact of public dissemination. Demonstrations and new discov eries of lock bypass techniques will be reviewed. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Tobi as DTSTART: 20050730T100000 DTEND: 20050730T105000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Internet Survivability, Threats and Efforts [Paul Vixie, Gad i Evron] CATEGORIES: Defcon 13 DESCRIPTION: " In this lecture we will begin with a brief introduction on a couple of the common or not so common threats that exist to the Internet and Internet infrastructure today, provide w ith some statistics and discuss the harm rather than potenti al risks. We will then proceed to discuss problems we face d ealing with these threats, and what actually gets done to co mbat them, globally - and by who. We will also try and deter mine "where do we go from here", and if time allows take que stions from the audience to form a short discussion. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Vixi e DTSTART: 20050729T120000 DTEND: 20050729T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hackers and the Media- Misconceptions and Critical Tools To Combat Them [Patty L. Walsh/ Muckraker] CATEGORIES: Defcon 13 DESCRIPTION: " Ever wonder what to do with the media when it seemingly (a nd definitely) reports inaccuracies with regard to hackers a nd hacking in general? Fed up with the constant misconceptio ns you feel the media has of hackers? What is to be done? Th is forum shall act as an interactive discussion on the misco nceptions between hackers and the media, what to do in order to protect yourself, ho to handle the media and your (as we ll as the media s) constitutional and legal rights. There sh all be a special surprise at the end for those in dire need of alleviation their stress towards ? The Media. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Wals h DTSTART: 20050729T180000 DTEND: 20050729T185000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Trends in Licensing of Security Tools [Chuck Willis] CATEGORIES: Defcon 13 DESCRIPTION: " Do you think that all those tools you download for securit y testing are free? Well, they may be free of cost for some uses, but the licenses of many tools commonly used by the se curity community are getting more restrictive and complicate d. This interactive discussion will look at the current stat e of security tool licensing and also look at where this fie ld may be headed. Specific examples of license restrictions in many commonly used tools will be presented in order to il lustrate the current trends and also help tool users in the audience navigate the bumpy road of security licensing issue s and stay on the right side of the law. Also discussed will be possible actions for tool users, tool authors, and other s to make tool licensing simpler in the future. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Will is DTSTART: 20050730T170000 DTEND: 20050730T175000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Attacking Biometric Access Control Systems [Zamboni] CATEGORIES: Defcon 13 DESCRIPTION: " This talk explores how to attack biometric authentication systems, primarily physical access control systems. Previous literature on this topic has focused on attacking a biometr ic reader in the form of spoofing a biometric trait. This pr esentation goes a step further and provides a general method ology for attacking on complete biometric systems. The metho dology can be applied to any biometric system and outlines h ow to find common weaknesses in these systems. Real world ex amples and case studies are included. The talk concludes by illustrating possible defense strategies. This talk is techn ical but no prior knowledge of biometrics or physical access control systems is needed to understand it, a brief overvie w of both is included. A knowledge of conventional penetrati on testing techniques would be helpful but is no required. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Zamb oni DTSTART: 20050730T150000 DTEND: 20050730T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The Unveiling of My Next Big Project [Philip R. Zimmermann] CATEGORIES: Defcon 13 LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#Zimm ermann DTSTART: 20050729T110000 DTEND: 20050729T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Mosquito - Secure Remote Code Execution Framework [Wes Brown , Scott Dunlop] CATEGORIES: Defcon 13 DESCRIPTION: " Mosquito is a lightweight framework to deploy and run code remotely and securely in the context of penetration tests. It makes a best effort to ensure that the communications are secure. Special care is taken to ensure that deployed code is not stored outside of process memory space, making it dif ficult for an eavesdropper to obtain the code. It protects t he confidentiality and trade secrets of code that is deploye d and run on the target, whether an exploit methodology, or a tool. The proof of concept deployable binary weights in at 120K. The framework makes use of Lua as the scripting langu age, and is freely available with a BSD license. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#brow n DTSTART: 20050729T170000 DTEND: 20050729T175000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Analysis of Identity Creation Detection Schemes post-9/11 [C erebus] CATEGORIES: Defcon 13 DESCRIPTION: " Have you wondered exactly how personal information is bein g used to help in the detection of Identity Creation in the post-9/11 world? Exactly how safe are social security number s as a means to identity? How easy is it to creat ea valid S SN that will pass inspection by the Identity detection syste ms in place for business and government today? Or how you ca n recreate someone's ssn only knowing their date of birth an d the last four digits of their ssn? This presentation will explain how current identity creation detection schemes work . You will leave understanding what these schemes look for t o flag someone as needing more investigation to establish th at they are who they say they are. You will also learn about the history of the social security number, what the number means, and how it is used to establish identity. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#cere bus DTSTART: 20050731T140000 DTEND: 20050731T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Check-in for Wardrive in Athena CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#chec kinforwardrive DTSTART: 20050729T100000 DTEND: 20050729T110000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Chillout in Parthenon 2 CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#chil lout1 DTSTART: 20050729T100000 DTEND: 20050729T110000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Chillout in Parthenon 2 CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#chil lout2 DTSTART: 20050730T100000 DTEND: 20050730T110000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Chillout in Parthenon 2 CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#chil lout3 DTSTART: 20050731T100000 DTEND: 20050731T110000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Coffee Wars in Athena CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#coff eewars DTSTART: 20050729T100000 DTEND: 20050729T110000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Mudge CATEGORIES: Defcon 13 LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon000 DTSTART: 20050729T110000 DTEND: 20050729T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Richard Thieme, "Islands in the Clickstream" CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon001 DTSTART: 20050729T110000 DTEND: 20050729T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Kevin Mitnick, "Art of Deception" and "Art of I ntrusion" CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon002 DTSTART: 20050729T120000 DTEND: 20050729T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Dunk Tank Opens CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon003 DTSTART: 20050729T120000 DTEND: 20050729T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Contributors of "Stealing the Network: How to O wn an Identity" including Johnny Long, Chris Hurley, Ryan Ru ssell, Jay Beale, Russ Rogers, The Dark Tangent CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon004 DTSTART: 20050729T150000 DTEND: 20050729T160000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive: King of the Hill begins (ends at 20:00) CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon005 DTSTART: 20050729T160000 DTEND: 20050729T185000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: DC Groups CATEGORIES: Defcon 13 LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon006 DTSTART: 20050729T190000 DTEND: 20050729T195000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Panel: A discussion of the regional DEFCON Groups CATEGORIES: Defcon 13 LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon007 DTSTART: 20050729T190000 DTEND: 20050729T195000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive: King of the Hill ends CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon008 DTSTART: 20050729T190000 DTEND: 20050729T192000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Contributors of "Aggressive Network Self Defens e" including Grifter, Chris Hurley, Bruce Potter, Johnny Lon g CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon009 DTSTART: 20050729T193000 DTEND: 20050729T200000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Black And White Ball Setup CATEGORIES: Defcon 13 LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon00a DTSTART: 20050729T200000 DTEND: 20050729T210000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: DEFCON Forum Meeting in Athena CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon00b DTSTART: 20050729T200000 DTEND: 20050729T210000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: TCP/IP Drinking Game with Mudge CATEGORIES: Defcon 13 LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon00c DTSTART: 20050729T230000 DTEND: 20050730T000000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hacker Jeopardy until... CATEGORIES: Defcon 13 LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon00d DTSTART: 20050729T235000 DTEND: 20050730T005000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Registration closes CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon00e DTSTART: 20050729T230000 DTEND: 20050730T000000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive: Fox and the Hound, Tag begins (ends at 14:00) CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon00f DTSTART: 20050730T110000 DTEND: 20050730T115000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Andrew Lockhart, "Network Security Hacks" CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon010 DTSTART: 20050730T120000 DTEND: 20050730T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive: Fox and the Hound, Tag ends CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon011 DTSTART: 20050730T140000 DTEND: 20050730T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Dr. Linton Wells, Assistant Secretary of Defense for Network s and Information Integration CATEGORIES: Defcon 13 LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon012 DTSTART: 20050730T150000 DTEND: 20050730T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Contributors of "Penetration Tester's Open Sour ce Toolkit" CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon013 DTSTART: 20050730T150000 DTEND: 20050730T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: PGP Keysigning Party with the Dark Tangent in the Athena (en ds at 18:00) CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon014 DTSTART: 20050730T160000 DTEND: 20050730T165000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive: LockPick Crossover, Lady and the Tramp begins (end s at 20:00) CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon015 DTSTART: 20050730T170000 DTEND: 20050730T195000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Johnny Long, "Google Hacking for Penetration Te sters" CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon016 DTSTART: 20050730T200000 DTEND: 20050730T205000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive: LockPick Crossover, Lady and the Tramp ends CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon017 DTSTART: 20050730T200000 DTEND: 20050730T205000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Movies with the Dark Tangent until 01:00 CATEGORIES: Defcon 13 LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon018 DTSTART: 20050730T210000 DTEND: 20050730T215000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Hacker Jeopardy until... CATEGORIES: Defcon 13 LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon019 DTSTART: 20050730T210000 DTEND: 20050730T215000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Black & White Ball until 04:00 CATEGORIES: Defcon 13 LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon01a DTSTART: 20050730T210000 DTEND: 20050730T215000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Registration closes CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon01b DTSTART: 20050730T220000 DTEND: 20050730T230000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive:Running Man, The Last Crusade begins (ends at 14:00 ) CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon01c DTSTART: 20050731T110000 DTEND: 20050731T125000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Jay Beale's "Snort 2.1 Intrusion Detection" CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon01d DTSTART: 20050731T130000 DTEND: 20050731T135000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: WarDrive:Running Man, The Last Crusade ends CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon01e DTSTART: 20050731T140000 DTEND: 20050731T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Booksigning: Contributors to "InfoSec Career Hacking" includ ing Aaron Bayles and Chris Hurley CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon01f DTSTART: 20050731T140000 DTEND: 20050731T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Steve Dugan CATEGORIES: Defcon 13 LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon020 DTSTART: 20050731T150000 DTEND: 20050731T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Award Ceremonies hosted by Dark Tangent CATEGORIES: Defcon 13 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#even tAnon021 DTSTART: 20050731T160000 DTEND: 20050731T165000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Your Defense is Offensive [hellNbak] CATEGORIES: Defcon 13 DESCRIPTION: " Every Corporation in the world has run out and purchaed ID S, Patch Mangement and other products that are selling secur ity. This talk will outline ways that these so called "secur ity products" can actually be used against an organization. Organizations should fear their poorly impelemented "Securit y" " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#hell Nbak DTSTART: 20050729T190000 DTEND: 20050729T200000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Passive Host Auditing [jives] CATEGORIES: Defcon 13 DESCRIPTION: " Traditionally, IDS systems such as snort have been used to monitor attacks against or within a network. This talk will give the outline for turning those tools around and instead using them to audit networks. We will discuss how to identi fy OS's, tell who is patching, what services are being deplo yed (perhaps insecurely), and other methods for policy enfor cement. This discussion is ideally suited for administrators and security professionals in open and/or decentralized env ironments, especially those charged with auditing the networ k. While several signatures and sample scripts will be discu ssed during this talk, this is a relatively new area of audi ting and network security so questions, comments and volunte ers will all be welcome. " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#jive s DTSTART: 20050729T160000 DTEND: 20050729T162000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Black Ops 2005 [Dan Kaminsky] CATEGORIES: Defcon 13 DESCRIPTION: " Another year, another batch of packet related stunts. A pr eview: A High Speed Arbitrary Tunneling Stack Expanding on l ast year's talk demonstrating live streaming audio over DNS, I will now demonstrate a reliable communication protocol ca pable of scaling up to streaming video over multiple, arbitr ary, potentially asymmetric transports. Realtime visualizati ons of large network scans Building on Cheswick's work, I wi ll demonstrate tools for enhancing our comprehension of the torrential floods of data received during large scale networ k scans. By leveraging the 3D infrastructure made widely ava ilable for gaming purposes, we can display and animate treme ndous amounts of data for administrator evaluation. Applicat ion-layer attacks against MD5 We will show how web pages and other executable environments can be manipulated to emit ar bitrarily different content with identical MD5 hashes. A Tem poral Attack against IP It is commonly said that IP is a sta teless protocol. This is not entirely true. We will discuss a mechanism by which IP's limited stateful mechanisms can be exploited to fingerprint operating systems and to evade mos t intrusion detection systems. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#kami nsky DTSTART: 20050729T230000 DTEND: 20050730T000000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Old Skewl Hacking - InfraRed [Major Malfunction] CATEGORIES: Defcon 13 DESCRIPTION: " Infra Red is all around us. Most of us will use an Infra R ed controller on more or less a daily basis, to change the T V channel, or open a car or garage door, but how often have you thought about how it actually works? This talk will desc ribe not only how to analyse the signals being sent by your remote, but also how to use that information to find hidden commands and reveal functions you didn't even know your syst ems had. You will learn how to brute force garage doors, car doors, hotel pay-per-view TV systems, take over LED signs, vending machines and even control alarm systems, using cheap or home made devices and free software... " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#majo r DTSTART: 20050730T160000 DTEND: 20050730T165000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: The NMRC Warez 2005 Extravaganza [Simple Nomad, NMRC Collect ive: HellNBak, Disturbing; ertia, Hacker; Weasel, Hacker; jr andom, Hacker; MadHat, Hacker] CATEGORIES: Defcon 13 DESCRIPTION: " Lock up your children and mid-sized barnyard animals, NMRC is coming to DEFCON13. From their underground bunker locate d somewhere in North America, NMRC will emerge with your bas ic shitload of handy tools and toys, geared for helping the humble hacker in everyday chores. Look for crypto, utilities , and other hackerish tools to bring your hacker dreams aliv e. Most of these tools are being presented for the first tim e at DEFCON. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#nmrc DTSTART: 20050729T160000 DTEND: 20050729T170000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Automation - Deus ex Machina or Rube Goldberg Machine? [Sens epost] CATEGORIES: Defcon 13 DESCRIPTION: " How far can automation be taken? How much intelligence can be embodied in code? How generic can automated IT security assessment tools really be? This presentation will attempt t o show which areas of attacks lend themselves to automation and which aspects should best be left for manual human inspe ction and analyses. SensePost will provide the audience a gl impse of BiDiBLAH - an attempt to automate a focussed yet co mprehensive assessment. The tool provides automation for: Re porting Exploiting the vulnerabilities found Discovering kno wn vulnerabilities on the targets Fingerprinting targets Fin ding networks and targets " LOCATION: Apollo URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#sens epost DTSTART: 20050730T130000 DTEND: 20050730T145000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Shmoo-Fu: Hacker Goo, Goofs, and Gear with the Shmoo [Bruce Potter] CATEGORIES: Defcon 13 DESCRIPTION: " Last Summer, they dared to make a Wi-Fi sniper rifle that fried their eyeballs and scared the crap out of UPS. They bu ilt a robot that owned your Mom's access point and showed yo u the password to her underwear drawer, too. Last Winter, th ey ran up a $3000 bar tab at a nightclub in D.C. with severa l hundred ShmooCon attendees--then donated just as much to E FF for shits and grins. This DefCon, the Shmoo Group brings you a slew of hacker goo, goofs, and gear to go with your sh iny new "Notice to Law Enforcement" stickers. Can you resist ? Probably. Will you? Nope. Why? Because they have cool shit all over again. IDN fallout and homograph attacks on person al identities thanks to 3ricj. Hot models wearing spy action wear designed by Pablos--fresh from his ninja lair of alien technology. Revving up rainbow tables with Dan "Don't Be Cra zy" Moniz. New Wi-Fi kung-fu with "Rogue Squadron" and EAP-p eeking by Beetle. Rodney Thayer explains how to blow $1 MILL ION on commercial security shtuff and still get owned by a g rade-school punk addicted to Xbox. CowboyM returns to show o ff new geeky tactical gear designed for close-quarters wirel ess combat--do NOT try this at home, kids, and certainly not inside a Faraday cage. Finally, because you've all been wai ting for it, Bruce Potter pours gasoline on his security mod el self and lights a fucking match! Mo' better and with no b low-up dolls, the Shmoo Group returns to rant on recent proj ects and review new ones. Rated R for strong violence, adult situations, disturbing images, nudity, language, and epic w arfare. " LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#shmo o DTSTART: 20050729T170000 DTEND: 20050729T185000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: "Shadow Walker" -- Raising The Bar For Rootkit Detection [Sh erri Sparks, Jamie Butler] CATEGORIES: Defcon 13 DESCRIPTION: " Last year at Black Hat, we introduced the rootkit FU. FU t ook an unprecented approach to hiding not previously seen be fore in a Windows rootkit. Rather than patching code or modi fying function pointers in well known operating system struc tures like the system call table, FU demonstrated that is wa s possible to control the execution path indirectly by modif ying private kernel objects in memory. This technique was co ined DKOM, or Direct Kernel Object Manipulation. The difficu lty in detecting this form of attack caused concern for anti -malware developers. This year, FU teams up with Shadow Walk er to raise the bar for rootkit detectors once again. In thi s talk we will explore the idea of memory subversion. We dem onstrate that is not only possible to hide a rootkit driver in memory, but that it is possible to do so with a minimal p erformance impact. The application (threat) of this attack e xtends beyond rootkits. As bug hunters turn toward kernel le vel exploits, we can extrapolate its application to worms an d other forms of malware. Memory scanners beware the axiom, 'vidre est credere' . Let us just say that it does not hold the same way that it used to. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#spar ks DTSTART: 20050731T150000 DTEND: 20050731T155000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Be Your Own Telephone Company...With Asterisk [Strom Carlson & Black Ratchet] CATEGORIES: Defcon 13 DESCRIPTION: " Since the invention of the step-by-step switching office b y Almon B. Strowger in 1889, telephone switching technology has constantly become more efficient, more complex and easie r to manage. Today, anyone with a computer, a telephone and some spare time can assemble a homebrew telephone switching system and become their own miniature telephone company with the aid of a program called Asterisk. This presentation wil l give a brief overview of Asterisk, how to set it up, what it can do, and how to integrate it with your existing networ k. Furthermore, you will be introduced to a whole world of f eatures and capabilities you didn't even know existed but wh ich you will find yourself inexplicably compelled to set up and play with. Covered topics will include hardware, trunkin g, PSTN termination, integration with the Web and customizat ion. A Q&A session will follow the talk, accompanied by give aways of selections from Strom's massive pile of vintage tel ephone equipment. If you can't make it to the talk itself, y ou will still be able to participate; a call-in Q&A queue wi ll be provided for those watching the talk on TV in the hote l. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#stro m DTSTART: 20050730T190000 DTEND: 20050730T205000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Recapturing the Revolutionary Heart of Hacking [Richard Thie me] CATEGORIES: Defcon 13 DESCRIPTION: " A revolutionary program for preparing the future using pas t models of creativity and ingenuity. Deeply personal and im plicitly political, this talk illuminates the potentials and possibilities of hacking in a transparent society, a survei llance society, a society that neutralizes dissent. It defin es identity hacking as a transformational process requiring all of our resources and skills. Identity hacking is alive i n an underground now that is gathering itself for a defiant refusal to be captured and managed. That revolutionary heart is recaptured in the willingness to understand the mechanic s of reinvention and to commit ourselves to a higher code or path than the broken options offered by a consumer society in a globalized world tilted far to the right. Hackers in th e future will have to be wily and guiltless, transparent and duplicitous, treacherous and faithful. They must know how t o live in this world but never surrender, they must learn ho w to splice multiple possibilities into a single destiny in the moment of execution. That moment, fusing self-transcende nce and action, is the revolutionary heart of hacking. It is also a means of practice for a trans-planetary quest. " LOCATION: Parthenon 3 & 4 URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#thie me DTSTART: 20050729T100000 DTEND: 20050729T105000 DTSTAMP: 20050729T215859Z END:VEVENT BEGIN:VEVENT SUMMARY: Death of a Thousand cuts - Forensics [Johnny Long] CATEGORIES: Defcon 13 LOCATION: Tent URL: http://www.defcon.org/html/defcon-13/dc13-speakers.html#thou sandcuts DTSTART: 20050729T200000 DTEND: 20050729T202000 DTSTAMP: 20050729T215859Z END:VEVENT END:VCALENDAR