Fishing To Phishing: It's All About Slimy Creatures

DEF CON 23

Presented by: Wayne Crowder
Date: Friday August 07, 2015
Time: 00:00 - 00:00
Location:

Fishing at a professional level shares a lot of traits with security professionals. Deep analysis of the environment, weather, and water conditions. A passion and certain stubbornness are what successful professional fisherman have. A security analyst requires similar skills and motivations to achieve their objectives. Not surprisingly, if you can market yourself well, you don't have to be the best at either industry to make money. This talk will poke fun at both of the industries work in and love. The technology available now for those how like to chase slimy creatures is nothing short of amazing. The sonar and mapping market has made the learning curve on most lakes very short for those who can afford the devices. The growth of this industry has left these units open for an interesting security review.

We will take a fun journey researching a powerful, yet poorly implemented network device found on a lot of fishing boats. Abuse of the lack of controls can lead to a bad day on the water. Imagine a fishing pole that could also double as an omnidirectional Wi-Fi antennae showing the poached signals and "hot spots" of other anglers. The talk will be fun, a little tongue-in-cheek, but more importantly should show the risks of enabling Wi-Fi for just about every device with a display. The underlying hardware and software of the units will be discussed. If the fish aren't biting, the "custom" build loaded on a device can pass the time as if you were home. The talk will conclude with thoughts about a few other examples where screen sharing over Wi-Fi could lead to problems. I will challenge attendees to think differently about the Internet of Things and how hacking and security research is crucial to make things safer, smarter and better. Or, just come to watch fishing porn.

Wayne Crowder

Wayne Crowder (Twitter: @wacbass) After the dream of becoming a fisheries biologist was crushed under the reality of low pay for 8+ years of school, Wayne turned to his love of technology. IT and Security have been very kind to Wayne's fishing habit. For many years it supported him while he moonlighted as a professional fisherman. Stints on TV, radio and seminars for boat or outdoor shows has led to at least a dozen autographs. Incident response and threat intel keep him busy. Wayne is proud he has more fishing poles than certifications.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats