[TriLUG] CarolinaCon - this weekend

Allen Freeman knieveltech at yahoo.com
Tue Mar 10 18:04:35 EDT 2009


Sleazy ambiance, expletives, live cracking demos AND hot presenters?! All that's missing is beer. Looks like I know what I'm doing on Saturday.

--- On Wed, 3/11/09, Alan Porter <porter at trilug.org> wrote:
From: Alan Porter <porter at trilug.org>
Subject: Re: [TriLUG] CarolinaCon - this weekend
To: "Triangle Linux Users Group General Discussion" <trilug at trilug.org>
Date: Wednesday, March 11, 2009, 2:02 AM

> Alan, can you please expound on why you think it
> would be good to go to?

"DefCon Lite"... maybe that's a good image.

On one hand, the entire thing had this unprofessional and low-budget
feel to it.  That was emphasized over and over by the MC, who had a
quirky self-deprecating sense of humor, with phrases like "you keep
their attention with your technical talk, while Nick and I run off with
admission money".  And other jewels, like introducing Sapna Kumar as (1)
hot (2) wicked smart and (3) really hot, all while she stood at the
podium, laughing.

The MC gave the entire event a kind of cheap and sleazy ambiance, sort
of like Krusty the Clown.... with more expletives.

Some of the talks showed live exploits of running systems, something I
had heard about, but never really understood fully.  We saw a web site
that was purposefully made vulnerable to SQL injections, and the use of
string format vulnerabilities to uncover the private key of anti-virus
software.

One presenter ran through the many ways that game consoles have been
modified to run custom software, or to bypass the normal authentication,
with pretty detailed treatment of the security measures employed by game
consoles, and how they were defeated because they had to be backwards
compatible with older systems.

There were other presentations that were given by security consultants
who work with police, discussing how they do forensics on a captured
machine.  And a guy from the Air Force who made a career out of planting
bugs and sweeping rooms for enemy bugs (after his presentation, he
revealed where he had hidden bugs in the meeting room).

There were other sessions on rootkits, and how they can get closer to
the metal (application, OS, VM, BIOS, etc).  Sapna Kumar talked about
the RIAA.  One guy showed lots of Firefox plugins that can be used for
web app development as well as to alter data going to web sites to test
for vulnerabilities.

And they wrapped it up with a Jeopardy-like game of hacker trivia.

For me, personally, I felt like it was a good exposure to a lot of
topics that I had little knowledge of before.  There were interesting
people in the audience, and plenty of technology and humor to keep my
attention.  All for just $20.

Alan






--
TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions



      


More information about the TriLUG mailing list