| 14:30 |
Potter
|
Opening Remarks, Rumblings, and Rants |
| 15:30 |
Fuller
|
Attacker Ghost Stories: Mostly Free Defenses That Give Attackers Nightmares |
Kovah
|
Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration |
|
| 16:00 |
Shapiro
|
The Evolution of Linux Kernel Module Signing |
| 16:30 |
Miller,
Miller
|
How Hackers for Charity (Possibly) Saved Me a Lot of Money |
Poz
|
Introduction To Reverse Engineering Software |
|
| 17:00 |
Brooks,
Schroeder
|
CCTV: Setup, Attack Vectors, and Laws |
| 17:30 |
Gee-Clough
|
Security Analytics: Less Hype, More Data |
Franklin
|
An Introduction to Cellular Security |
|
| 18:00 |
Weasel
|
Dissipation of Hackers in the Enterprise |
| 18:30 |
Goldberg
|
Privacy Online: What Now? |
| 19:30 |
Ondricek
|
Android Forensics & Security Testing |
| 19:50 |
Stanislav
|
Eyes on IZON: Surveilling IP Camera Security |
| 20:10 |
Stratton
|
Get Out of Jail Free Cards? What Aviation Can Teach Us About Information Sharing |
| 20:30 |
Rash
|
Crossing the Streams with State Machines in IDS Signature Languages |
| 20:50 |
Magniez
|
Another Log to Analyze – Utilizing DNS to Discover Malware in Your Network |
| 21:10 |
Fuller
|
Windows Attacks: AT Is the New Black |
| 21:30 |
Bransfield,
Coffee
|
Weaponizing Your Pets: War Kitteh and the Denial of Service Dog |
| 21:50 |
Clarke
|
Womens Tech Collective, and Gender Equality in Tech |
| 10:00 |
Lackey
|
Genuinely "Trusted Computing:" Free and Open Hardware Security Modules |
Walker
|
Introducing DARPA's Cyber Grand Challenge |
|
Brown
|
Technology Law Issues for Security Professionals |
|
Poz
|
Introduction To Reverse Engineering Software (repeat) |
|
Kallenberg
|
Introduction To Software Exploits |
|
| 11:00 |
Emeterio,
Sanchez
|
Malicious Threats, Vulnerabilities, and Defenses in WhatsApp and Mobile Instant Messaging Platforms |
Ossmann,
Spill
|
Unambiguous Encapsulation - Separating Data and Signaling |
|
Popovich
|
I Found a Thing and You Can (Should) Too: ISP's Unauthenticated SOAP Service = Find (Almost) All The Things! |
|
Kovah
|
Intermediate Intel x86: Architecture, Assembly, Applications, & Alliteration |
|
Kallenberg
|
Exploits 2: Exploitation in the Windows Environment |
|
| 12:00 |
Bernstein,
Lange
|
SafeCurves: Choosing Safe Curves for Elliptic-Curve Cryptography |
Giametta,
Potter
|
A Critical Review of Spatial Analysis |
|
Harrison,
Li
|
Arms Race: The Story of (In)-Secure Bootloaders |
|
Kovah
|
The Life of Binaries |
|
Ondricek
|
Android Forensics & Security Testing (repeat) |
|
| 14:00 |
Harman
|
Controlling USB Flash Drive Controllers: Expose of Hidden Features |
Miller,
Ottenheimer
|
Data Whales and Troll Tears: Beat the Odds in InfoSec |
|
Dahlstrom,
Van Vlack
|
Syncing Mentorship Between Winners And Beginners |
|
Kovah
|
Rootkits: What they are, and how to find them |
|
Kini
|
Introduction to ARM |
|
| 15:00 |
The Shmoo Group
|
0wn the Con |
Barnum,
Chernin
|
Operationalizing Threat Information Sharing: Beyond Policies and Platitudes |
|
Schneier
|
The NSA: Capabilities and Countermeasures |
|
Kovah
|
Malware Dynamic Analysis |
|
Actis
|
Flow Analysis & Network Hunting |
|
| 16:00 |
Schroeder,
Truncer,
Wright
|
AV Evasion With the Veil Framework |
Shakarian
|
The "Science of Cyber" and the Next Generation of Security Tools |
|
Thomas
|
How to Train your Snapdragon: Exploring Power Frameworks on Android |
|
Kovah
|
Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration (repeat) |
|
Gilman
|
Pcap Analysis & Network Hunting |
|
| 17:00 |
Torres,
Williams
|
ADD -- Complicating Memory Forensics Through Memory Disarray |
Butterworth,
Kallenberg,
Kovah
|
Timing-Based Attestation: Sexy Defense, or the Sexiest? |
|
Butterly,
Schmidt
|
LTE vs. Darwin |
|
Poz
|
Reverse Engineering Malware |
|
Zebrowski
|
Offensive, Defensive, and Forensic Techniques for Determining Web User Identity |
|
| 18:00 |
Cintron
|
Introduction To Vulnerability Assessment |
Ouyang
|
Lessons-Learned in Designing a Training Course for Professionals |
|
| 18:20 |
Gilsinn
|
You Name It, We Analyze It |
| 18:40 |
Schearer
|
Having Your Cake and Eating It Too: FOIA, Surveillance, and Privacy |
| 19:00 |
Gardner
|
Building An Information Security Awareness Program From Scratch |
| 19:20 |
Hinkel
|
TrendCoins: Making Money on the Bitcoin/Altcoin Trends |
| 19:40 |
Little
|
Writing Your Own Disassembler in 15 Minutes |
| 10:00 |
Spill
|
An Open and Affordable USB Man in the Middle Device |
Gatti
|
"How I Met Your Mother" or The Brief and Secret History of Bletchley Park and How They Invented Cryptography and the Computer Age |
|
Franklin,
Jablonski,
McCoy,
Tarlecki
|
Malicious Online Activities Related to the 2012 U.S. General Election |
|
| 11:00 |
Harrison,
Li,
Li
|
unROP: A Tool for In-Memory ROP Exploitation Detection and Traceback |
Beuhring,
Salous
|
Raising Costs for Your Attackers Instead of Your CFO |
|
Lancaster
|
Vehicle Forensics - The Data Beyond the Dashboard |
|
| 12:00 |
Mayer
|
Introducing idb - Simplified Blackbox iOS App Pentesting |
Sconzo,
Wylie
|
Practical Applications of Data Science in Detection |
|
Moulton
|
You Don't Have the Evidence |
|
| 13:30 |
Caceres,
Graham,
McMillan,
Potter,
Tentler
|
Large Scale Network and Application Scanning |
| 14:30 |
Potter
|
Closing Remarks |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.