| 14:00 |
Potter
|
Opening Remarks, Rumblings, Ruminations, and Rants |
| 15:30 |
Leger,
Ossmann
|
Pseudo-Doppler Redux |
| 16:00 |
Fischer
|
Don’t Ignore GDPR; It Matters Now! |
| 16:30 |
Dunin
|
The Friedman Tombstone — A Cipher in Arlington National Cemetery |
| 17:00 |
Wildani
|
Your Cerebellum as an Attack Surface: How Does the Brain Stay Secure? |
| 17:30 |
Smith
|
Tap, Tap, Is This Thing On? Testing EDR Capabilities |
| 18:00 |
Devonshire
|
Running a Marathon Without Breaking a Sweat? Forensic Manipulation of Fitness App Data |
| 18:30 |
Dodson
|
Keynote |
| 20:00 |
Woods
|
That’s No Moon(shot)! |
| 20:20 |
Schrodinger
|
Everything You Wanted to Know About Creating an Insider Threat Program (But Were Afraid To Ask) |
| 20:40 |
Erickson
|
Stack Cleaning — A Quest in Hunting for FLIRT |
| 21:00 |
Bort
|
Your Defense is Flawed (it’s only kinda your fault) |
| 21:20 |
Luczynski,
Romero
|
The First Thing We Do, Let’s Kill all the [CISOs] |
| 21:40 |
Biswas
|
Patching — It’s Complicated |
| 22:00 |
Jacobs
|
Libation Escalation — Scotch and Bubbles |
| 10:00 |
Morris
|
The Background Noise of the Internet |
Wyatt
|
IoT RCE, a Study With Disney |
|
Spill,
Temkin
|
Opening Closed Systems with GlitchKit |
|
| 11:00 |
Althouse,
Atkinson
|
Profiling and Detecting all Things SSL with JA3 |
Vyrus
|
Pages from a Sword-Maker’s Notebook pt. II |
|
Brom,
Johnson
|
When CAN CANT |
|
| 12:00 |
Flossman,
Galperin,
Quintin
|
Nation-State Espionage: Hunting Multi-Platform APTs on a Global Scale |
Joyce
|
Building Absurd Christmas Light Shows |
|
Goodspeed
|
Building a GoodWatch |
|
| 14:00 |
Bulazel,
Yener
|
Catch Me If You Can: A Decade of Evasive Malware Attack and Defense |
Blaze,
Hall,
Hursti,
MacAlpine
|
Electronic Voting in 2018: Threat or Menace |
|
Davis,
DeRosa
|
ODA: A Collaborative, Open Source Reversing Platform in the Cloud |
|
| 15:00 |
Figueroa
|
Someone is Lying to You on the Internet: Using Analytics to Find Bot Submissions in the FCC Net Neutrality Submissions |
Rege
|
A Social Science Approach to Cybersecurity Education for all Disciplines |
|
Regele
|
Better Git Hacking: Extracting “Deleted” Secrets from Git Databases with Grawler |
|
| 15:30 |
Shapiro
|
Bludgeoning Bootloader Bugs: No Write Left Behind |
Gallagher,
waxwing
|
Listing the 1337: Adventures in Curating HackerTwitter’s Institutional Knowledge |
|
Foster
|
CertGraph: A Tool to Crawl the Graph of SSL Certificate Alternate Names using Certificate Transparency |
|
| 16:00 |
Bourke
|
AWS Honey Tokens with SPACECRAB |
Black
|
Cyberlaw: Year in Review |
|
Voss
|
afl-unicorn: Fuzzing the ‘Unfuzzable’ |
|
| 16:30 |
Deason
|
Time Signature Based Matching for Data Fusion and Coordination Detection in Cyber Relevant Logs |
Escandor-O’Keefe
|
Skill Building By Revisiting Past CVEs |
|
Seymour
|
radare2 in Conversation |
|
| 17:00 |
Postnikoff
|
Defending Against Robot Attacks |
Gallagher,
Ragan,
Wagenseil
|
Hacking the News: an Infosec Guide to the Media, and How to Talk to Them |
|
Chang
|
OK Google, Tell Me About Myself |
|
| 21:00 | Saturday Night Party |
| 10:00 |
Highnam,
Puzio
|
Deep Learning for Realtime Malware Detection |
Zimmerman
|
This Is Not Your Grandfather’s SIEM |
|
Oliver,
O’Meara
|
Embedded Device Vulnerability Analysis Case Study Using TROMMEL |
|
| 11:00 |
King,
McMillan
|
Securing Bare Metal Hardware at Scale |
Carstens,
Stach,
Thompson,
Zatko,
Zatko
|
CITL — Quantitative, Comparable Software Risk Reporting |
|
The Shmoo Group
|
0wn the Con |
|
| 12:00 |
Wardle
|
Getting Cozy with OpenBSM Auditing on MacOS … The Good, the Bad, & the Ugly |
Handorf
|
Do as I Say, Not as I Do: Hacker Self Improvement and You |
|
Vachon,
Wong
|
SIGINT on a budget: Listening in, gathering data and watching–for less than $100 |
|
| 13:00 |
Daniel,
Gavigan,
Nather,
Potter,
Wharton
|
ShmooCon Debates |
| 14:00 |
Potter
|
Closing Remarks |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.