Tag Archives: defcon

Vegas 2012 by the Numbers

So, I’m finally back from a very long week in Vegas. How long you ask? well, here are some numbers that start to reflect how it felt:

  • Number of days in Vegas: 6+1 (un-planned extra day due to a missed flight)
  • Number of conferences attended: 3.5 (BlackHat, BSidesLV, Defcon, and IOAsis counts as a 1/2 con…)
  • Number of talks given: 2 (in the same day… BlackHat + BSidesLV)
  • Number of shipments to my room at Caesars: 3 (shirts, phone, and locks which ended up unused due to my failure to run the lockpick sessions at IOAsis 🙁 )
  • Volunteer gigs: 2 (BSidesLV and Skytalks)
  • Average hours of sleep per night: 3 (and that’s really stretching it)
  • Number of nights I went to sleep after sunrise: 2
  • Average number of parties visited per night: 3 (Freakshow skewed the numbers as there was NO reason to leave that place…)
  • No. of phones I came in with: 1
  • No. of phones I left with: 3 (Thank you NinjaTel!)
  • Average no. of meals per day: 1 (I know… but Alcohol does not count as food unfortunately)
  • Gallons of booze consumed: probably illegal in some states.
  • No of friends I caught up with: not enough. And the ones I did manage to catch up with needed much more time 🙁
  • Hangovers: 0 (keep drinking -> no hangover to deal with…)
  • Workouts: 2
  • Miles walked: waaaaay too many
  • Weight lost/gain: 3.5lbs lost. Guess that’s the result of adrenaline rushes, parties, Infected Mushroom, long walks in the hallways, not much food, and lots of alcohol.

Overall this was personally the best Vegas trip I’ve had. I did take up a little too much on myself that I should have (as a couple fo friends duly noted, and excused me for some fuckups due to that), and I wanted to meet so many more people that I managed to somehow miss this year.

Nevertheless, some of the experiences were priceless – like having a chat with Infected Mushroom and finding out that Erez used to run a BBS back in the days, and that (although I don’t like to mention my darker days of hacking) we “knew” the same scenes. Having the opportunity to help out with BSidesLV and being amazed again by our community and what it can achieve. Being inspired by so many people, and learning constantly. These are the things that really make up the week of BlackHat/BSides/Defcon for me. It’s not necessarily the talks, but the socializing and the opportunity to pick people’s brains on a personal basis which makes it worthwhile to get to the levels of exhaustion that this week takes you to.

Guess it’s time to wrap up and figure out what timezone my body is on…

This one time, at Defcon… (a blast from the past)

Wow, there’s a blog here…

Lucky for me there are other people who write new content that somehow relates to this blog so I have a chance to point to them and say “cool stuff, look there!”.

My good friend Itzik Kotler has just written a blog post about bypassing DLP systems using some of our elements from last year’s DefCon talk (and BSides, and Hashdays, and Brucon, you get the idea…). It features some awkwardly written code (yours truly) and some wickedly useful evasion techniques (still mostly unhandled :-)).

The post is right here: http://blog.ikotler.org/2012/07/modulation-and-data-loss-prevention-dlp.html so go check out Itzik’s blog, and feel free to fork off the code and improve (fix?) it.

See you all in a couple of weeks in Vegas! (at the SexyDefense session…)

SexyDefense comes to Vegas!

One of the best things that probably happened to the research on SexyDefense is that it has been accepted to BlackHat Briefings in Las Vegas!

It is truly one of the highest indicators for me that we are on the right track in making some change in the defensive paradigm, especially in light of the newly added defense track for BlackHat. An opportunity to capture the attention of a large and high-visibility audience while putting a harsh mirror in their faces is something that I have been looking forward to do for some time.

So there you go – Vegas this year is shaping up to be really interesting. With BSidesLV (in which I’m also involved as a volunteer and mentor) running along BlackHat, and the 20th DefCon, you really can’t miss it.

See you all there!

Intelligence on Ashiyane and the Iranian Cyber Army

One of my favorite OSINT resources internet-haganah have opened up a new thread on their forums that are dedicated to Iran, called Ashiyane.

This is basically the hacker forum that I was researching a couple of years ago (see my DefCon18 talk, and here, and here).

The forum thread is here: http://forum.internet-haganah.com/showthread.php?440-Ashiyane

And an interesting intelligence profile for the group actually quotes my past research (which unlike what it may seem was NOT done as part of my reserve duty tasks in the Israeli AriForce…)

Keep up the great work guys! Truly humbled to have my work mentioned on your site.

Upcoming conferences schedule: August-November 2011

So, as if I didn’t have enough flights this year, here is where you can find me and hang out / grab a beer / talk shop / hack:


BSidesLV (August 3-4). If you are in Vegas in August, this is THE place to be. I’ll be running a couple of talks there – one with my colleague Itzik Kotler on VoIP botnets, and another on advanced data exfiltration. I’ll also be on the PTES panel, and will help out with the conference security.

DefCon (August 5-7). I’ll also be presenting at DefCon with Itzik on VoiP botnets.


Brucon (September 19-20). Seriously one of the best cons out there. And you get to enjoy the Belgian beer. What can go wrong? 🙂


Hashdays (October 26-29). First time for me at this conference. Friends who attended in the past can barely be reached for comments. This year’s badge will blow away any badge you have ever seen in a con. Oh, and the lineup is sick!


GovCERT.NL symposium (November 15-16). This is one of the best CERT teams I have had a chance to know (people-wise as well as professionally), and I’m really excited to have a chance to work with them again on some of the more burning issues in national level security.

SecurityZone (November 28-30). Finally – Latin America. Again – my first time at this conference. Looking at the speaker lineup this should be really fun, and the opportunity to mix in with the local Colombian security scene should be terrific!

Bottom line – really excited to have a chance to attend and speak at all these cool conferences. This year’s con selection has been focused on events that I’m familiar with and know are really good, and some new events with people I know and trust to run a top-notch conference (a policy that haven’t failed me yet…).

See you around!