ShmooCon Post-Mortem

I was lucky enough to score a ticket to ShmooCon and spent most of my weekend there. I did miss the big party on Saturday night because I had other obligations, but having been to Heaven and Hell more than once in the 90s, I don’t feel like I missed too much. Drunken hackers and nerds are usually a pretty fun crowd though…

I was generally pleased with the content at the conference; there were some very good talks. In particular I liked:

Cyber Fast Track - I was impressed to see DARPA embracing the hacker community and making it easier to get .gov funding for infosec-related work. My wife does work for DARPA and it was cool to see our worlds collide.

Building Measurement and Signature Intelligence (MASINT) Capabilities on a Hacker’s Budget: Tracking and Fingerprinting RF Devices for Fun and Profit - I thought this was pretty groundbreaking work. This stuff in the hands of common folk is exciting.

Soft Markers in Attack Attribution - I like the anthropologic nature of this talk. The national / cultural breakdown of attackers and types of attacks is really fascinating.

TTL of a Penetration - Good talk, good speaker, he knew his material and he was great at working the crowd.

There were other talks that I liked quite a bit too: disposable spybots, Java and Android exploitation, more reasons why RFID is horrible. So many interesting sessions to attend… The only thing I felt was missing were IPv6-specific talks. I heard people asking IPv6 questions in various sessions but I didn’t see any speakers talking about IPv6 security specifically. There is an opportunity to present IPv6 topics at ShmooCon. There is so much meat there! Perhaps I’ll try to put something together for next year. Another area where I would like to see more focus is physical security: datacenter, cage, rack and host security in meatspace. I think this is an area where there has been little focus, which presents an opportunity to learn more. I’ve worked with a lot of the big retail datacenters and many of them have weak spots in their security practices. The biggest providers are the worst offenders too.