| 09:00 |
Adams
|
Hacking the Hustle Hands-On, Infosec Resume and Career Strategies |
Wireless Essentials (Tue) |
||
| 10:00 |
Shostack
|
Opening Keynote -- Beyond Good and Evil: Towards Effective Security |
| 11:00 |
Spill
|
USB write blocking with USBProxy |
Aumasson
|
SHA-1 backdooring and exploitation |
|
Roytman
|
The Power Law of Information |
|
Irwin
|
#edsec: Hacking for Education |
|
Databeast,
Rogue
|
Skull And Bones (And Warez) - Secret Societies of the Computer Underground (and why you should create one too) |
|
| 11:35 |
Pilkington
|
So, you want to be a pentester? |
| 11:45 |
Adams
|
Evading code emulation: Writing ridiculously obvious malware that bypasses AV |
| 11:50 |
Maxwell,
Pinto
|
Measuring the IQ of your Threat Intelligence feeds |
| 12:00 |
Davison
|
Allow myself to encrypt...myself! |
Boatright,
Marpet
|
Custodiet watches your packets! The Open Source MSSP Framework |
|
| 12:10 |
Elliot
|
Securing Sensitive Data: A Strange Game |
| 14:00 |
Bratus,
Shubina
|
What reaction to packet loss reveals about a VPN |
Krabec,
Turner
|
Security Management Without the Suck |
|
Patterson
|
Strategies Without Frontiers |
|
Hardin
|
Brick in the Wall vs Hole in the Wall |
|
Crawford
|
C.R.E.A.M. – The Art of Social Engineering Report Writing |
|
Sistrunk
|
Master Serial Killer |
|
| 14:35 |
Robinson
|
Cut the sh**: How to reign in your IDS. |
| 15:00 |
moloch,
Petro
|
Untwisting the Mersenne Twister: How I killed the PRNG |
Sidek
|
Vulnerability Assessments on SCADA: How i 'owned' the Power Grid. |
|
Daniel
|
501(c)(3) for (un)fun and (non)profit |
|
| 15:10 |
Keslensky
|
Geek Welfare -- Confessions of a Convention Swag Hoarder |
| 15:30 |
Dorsey,
Sconzo
|
ClusterF*ck - Actionable Intelligence from Machine Learning |
| 15:45 |
Czarnik
|
No InfoSec Staff? No Problem. |
| 16:00 |
Sarwate
|
Anatomy of memory scraping, credit card stealing POS malware |
grecs
|
Malware Analysis 101 - N00b to Ninja in 60 Minutes |
|
Pollmann
|
Protecting Data – How Cultural-Political Heritage Shapes Security Approaches |
|
| 16:20 |
Blowers
|
Know thy operator |
Merrick-Tagore
|
Can I Code Against an API to Learn a Product? |
|
| 16:55 |
Orzechowski
|
Bridging the Air Gap: Cross Domain Solutions |
| 17:00 |
Torrey
|
Cluck Cluck: On Intel's Broken Promises |
TProphet
|
Travel Hacking With The Telecom Informer |
|
Rogers
|
FAP Fully Automated Pwning Techniques for Automated Reversing |
|
| 17:10 |
Conklin
|
Improving security by avoiding traffic and still get what you want in data transfers |
| 17:30 |
Lister
|
Back Dooring the Digital Home |
| 18:00 | The Semantic Age - or - A Young Ontologist's Primer |
| 09:00 |
Koniaris
|
You Hack, We Capture: Attack Analysis with Honeypots |
DaKahuna,
Dragorn,
Handorf,
Mellendick,
Zero Chaos
|
Wireless Essentials (Wed) |
|
| 10:00 |
Vincent
|
A Better Way to Get Intelligent About Threats |
Regalado
|
The untold story about ATM Malware |
|
Ross
|
iOS URL Schemes: omg:// |
|
Vargas
|
Business lessons that made me a better Security Professional |
|
I Am The Cavalry
|
Introduction and Overview: I Am The Cavalry and Empowering Researchers |
|
| 10:35 |
Munoz
|
Oops, That Wasn't Suppossed To Happen: Bypassing Internet Explorer's Cross Site Scripting Filter |
| 11:00 |
Guerra,
Raggo
|
Bring your own Risky Apps |
Grand
|
Using Superpowers for Hardware Reverse Engineering |
|
Edwards
|
Reverse Engineering Mac Malware |
|
I Am The Cavalry
|
Problem Space Overview: I Am The Cavalry |
|
| 11:10 |
MasterChen
|
What I've Learned As A Con-Man |
| 11:45 |
Davis
|
Training with Raspberry Pi |
| 12:00 |
Torres
|
Invasive Roots of Anti-Cheat Software |
Heath
|
Why am I surrounded by friggin' idiots?!? (Because you hired them!) |
|
Kennedy
|
Secret Pentesting Techniques Part Duex |
|
I Am The Cavalry
|
Building Skills, Understanding and Influencing People |
|
| 12:20 |
Lucero
|
Black Magic and Secrets: How Certificates Influence You! |
| 14:00 |
Gabor,
Grah
|
Vaccinating Android |
Bratus,
Jenkins
|
Demystiphying and Fingerprinting the 802.15.4/ZigBee PHY |
|
Foss
|
Attacking Drupal |
|
Perrymon,
Satterlee
|
RFID Hacking |
|
Thompson,
Widup
|
Ripped from the Headlines What the news tells us about Information Security Incidents |
|
| 14:35 |
Anderson
|
Hackers vs Auditors |
| 15:00 |
Hawk,
Vandenberg
|
Security testing for Smart Metering Infrastructure |
Westin
|
Insider Threat Kill Chain: Human Indicators of Compromise |
|
Lorenzin
|
Fuck These Guys: Practical Countersurveillance |
|
| 15:10 |
Coles
|
Third-Party Service Provider Diligence: Why are we doing it all wrong? |
| 15:30 |
Rizzolo
|
A Place to Hang Our Hats: Security Community and Culture |
| 15:45 |
Dunham,
Pience
|
Pwning the hapless or How to Make Your Security Program Not Suck |
| 16:00 |
Dalvi,
Trummer
|
The Savage Curtain |
Corman,
Kennedy,
Lanier,
Mortman,
Radcliffe
|
Booze, Devil's Advocate, and Hugs: the Best Debates Panel You'll See at BSidesLV 2014 |
|
Cardozo,
Opsahl
|
Ask the EFF |
|
| 16:20 |
Lariza
|
Teach a man to Phish... |
| 16:55 |
Mangler
|
The Lore shows the Way |
| 17:00 |
Young
|
We Hacked the Gibson! Now what? |
Kumar,
Singh
|
Pwning the Pawns with WiHawk |
|
Thieme
|
The Only Way to Tell the Truth is in Fiction: The Dynamics of Life in the National Security State |
|
| 18:00 | Closing Keynote |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.