| 14:00 | Opening Remarks, Rumblings, Ruminations, and Rants |
|
| 15:30 |
Everette
|
Incident Response and the Attorney Client Privilege |
| 16:00 |
Amirrezvani
|
Ad-Laundering: Bribes & Backdoors |
| 16:30 |
Greenstadt,
Weerasingh
|
Machine Learning Models that Predict Mental Health Status on Twitter and Their Privacy Implications |
| 17:00 |
Huerta
|
How the Press Gets Pwned |
| 17:30 |
Gorka,
Miller
|
Kinder Garten Security: Teaching the Pre-college Crowd |
| 18:00 |
Blaze
|
It’s 2019 and Special Agent Johnny Still Can’t Encrypt |
| 19:00 | Firetalks Opening |
|
| 19:10 |
Renner
|
Shut up and Listen |
| 19:30 |
Schwartz
|
Specialists versus Jack-Of-All-Trades |
| 19:50 |
Iversen,
Wheeler
|
Équipe Rouge: The Ethics of Prosecuting An Offensive Security Campaign |
| 20:10 |
Stroud
|
Weapons of Text Destruction |
| 20:30 |
Giglio
|
Infosec and 9-1-1: When the Location of Your Emergency is in the Building |
| 20:50 |
[Redacted]
|
Whats the latest 411 on 419s? |
| 21:10 | Firetalks Closing |
| 10:00 |
Zelivansky
|
Writing a Fuzzer for Any Language with American Fuzzy Lop |
Smith
|
The Beginner’s Guide to the Musical Scales of Cyberwar |
|
Bilzer,
Burke,
Joyce
|
High Confidence Malware Attribution using the Rich Header |
|
| 11:00 |
Kseib,
Thet
|
CryptoLocker Deep-Dive: Tracking security threats on the Bitcoin public ledger |
Cox
|
The APT at Home: The attacker that knows your mother’s maiden name |
|
Bienstock
|
BECs and Beyond: Investigating and Defending Office 365 |
|
| 12:00 |
Rittle
|
Process Control Through Counterfeit Comms: Using and Abusing Built-In Functionality to Own a PLC |
Koran
|
Firemen vs. Safety Matches: How the current skills pipeline is wrong |
|
O’Neil
|
Five-sigma Network Events (and how to find them) |
|
| 14:00 |
Kaye,
Matwyshyn
|
Be an IoT Safety Hero: Policing Unsafe IoT through the Consumer Product Safety Commission |
Carstens,
Mudge,
Thompson
|
Ground Truth: 18 vendors, 6000 firmware images, 2.7 million binaries, and a flaw in the Linux/MIPS stack |
|
Blaze
|
Electronic Voting in 2018: Bad or Worse? |
|
| 15:00 |
Omaha
|
Trip Wire(less) |
Duff
|
Advancing a Scientific Approach to Security Tool Evaluations with MITRE ATT&CK™ |
|
Portera
|
Analyzing Shodan Images With Optical Character Recognition |
|
| 15:30 |
Vachon,
Wong
|
Social Network Analysis: A scary primer |
Brister,
Kollars
|
Mentoring the Intelligent Deviant: What the special operations and infosec communities can learn from each other |
|
Ridgway
|
Security Response Survival Skills |
|
| 16:00 |
Soda
|
Three Ways DuckDuckGo Protects User Privacy While Getting Things Done (and how you can too) |
Zajac
|
A Little Birdy Told Me About Your Warrants |
|
Cuevas,
Jensen
|
iPhone Surgery for the Practically Paranoid |
|
| 16:30 |
Paquin
|
Post-quantum Crypto: Today’s defense against tomorrow’s quantum hacker |
Meriwether,
Zaballos
|
A Tisket, a Tasket, a Dark Web Shopping Basket |
|
evm
|
A Code Pirate’s Cutlass: Recovering Software Architecture from Embedded Binaries |
|
| 17:00 |
Olsen
|
24/7 CTI: Operationalizing Cyber Threat Intelligence |
Blaich,
Flossman
|
Behind Enemy Lines: Inside the operations of a nation state’s cyber program |
|
The Shmoo Group
|
0wn the Con |
| 10:00 |
Patrick
|
Building and Selling Solo, an Open Source Secure Hardware Token |
FORTRAN
|
Deconstructing DeFeNeStRaTe.C |
|
Darkstar
|
Looking for Malicious Hardware Implants with Minimal Equipment |
|
| 11:00 |
Grayson,
Newlin
|
IPv666: Address of the Beast |
Abraham
|
Reversing SR-IOV For Fun and Profit |
|
Everspaugh
|
Un-f*$#ing Cloud Storage Encryption |
|
| 12:00 |
Seay,
Wiksell
|
Patchwerk: Kernel Patching for Fun and Profit |
Gillula
|
Encrypting the Web Isn’t Enough: How EFF Plans to Encrypt the Entire Internet |
|
Koscher
|
IMSI Catchers Demystified |
|
| 13:00 |
LoST,
Merrill,
Morris,
Potter
|
Closing Plenary: Between Two Moose |
| 14:00 | Closing Remarks |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.