I know that somebody will be pissed and mad at me right now, but who gives a fuck :). Here is the first batch of videos of 47 sessions and panels (of a total of 122), from the world largest hacker conference, DefCon 15, which was held on August 3 – 5, 2007 at the Rivera Hotel and Casino in Las Vegas, Nevada.
All videos together is a set of 10 DVD-ROMs!!! full of movie files. Bear with me while I am working on getting the rest of the videos up on-line. It’s a pain in the ass and a lot of tedious work.
The videos are sold commercially for several hundred dollars, but who has that amount of money flying around, right? Okay, I paid the money. So you are welcome.
And anyway, isn’t DefCon not about making exploits and scams public? I make them public, alright? Not the way some might have planned, but that is not my problem. I did not get the “Black Hat” sessions and have now second thoughts about it. They cost much less if you ordered it on-site. Damn, I hope somebody else will put them up on the Internet.
Okay, the first batch includes the following sessions, which are IMO the most interesting ones.
- T536 – The Edge of Forever – Making Computer History by Jason Scott from TextFiles.com who also did the documentary BBS – The Documentary, which is also available on-line at Google Video.
- T539 – Internet Wars 2007 (Panel Discussion)
- T503 – Anti Spyware Coalition (Panel Discussion)
- T504 – Disclosure Panel (Panel Discussion)
- T505 – Dirty Secrets of the Security Industry by Bruce Potter
- T506 – Self Publishing in the Underground by Myles Long, Rob “Flack” O’Hara and Christian “RaD Man” Wirth, founder and leader of the artscene group “ACiD” who did in 2004 a presentation called The Art of Textmode, the history of ASCII art, which is also available at my videos section.
- T107 – Tactical Exploitation by H.D.Moore & Valsmith
- T166 – Biting the Hand that Feeds You – Storing and Serving Malicious Content From Well Known Web Servers by Billy Rios & Nathan McFeters
- T109 – Fingerprinting and Cracking Java Obfuscated Code by Subere
- T111 – Meet the Feds (Panel Discussion)
- T112 – No-Tech Hacking by Johnny Long
- T131 – The SOA/XML Threat Model and New XML/SOA/Web 2.0 Attacks & Threats by Steve Orrin
- T137 – Creating Unreliable Systems – Attacking the Systems that Attack You by Sysmin & Marklar
- T140 – The Emperor Has No Cloak – Web Cloaking Exposed by Vivek Ramachandran
- T161 – HoneyJax (aka Web Security Monitoring and Intelligence 2.0) by Dan Hubbard
- T162 – Hacking Social Lives: MySpace.com by Rick Deacon
- T163 – The Inherent Insecurity of Widgets and Gadgets by Aviv Raff & Iftach Ian Amit
- T164 – Greater Than 1 – Defeating “Strong” Authentication in Web Applications (for Online Banking) by Brendan O’Connor. I blogged about that session and put the slides from the presentation up on-line.
- T207 – It’s All About the Timing by Haroon Meer & Marco Slaviero
- T201 – Church Of WiFi’s Wireless Extravaganza by Church of WiFi’s
- T202 – SQL Injection and Out-of-Band Channeling by Patrik Karlsson
- T206 – Virtual World, Real Hacking by Greg Hoglund
- T212 – Trojans – A Reality Check by Toralv Dirro & Dirk Kollberg
- T232 – Malware Secrets by Valsmith & Delchi
- T234 – Click Fraud Detection with Practical Memetrics by Broward Horne
- T235 – Fighting Malware on your Own by Vitaliy Kamlyuk
- T238 – Webserver Botnets by Gadi Evron
- T239 – The Commercial Malware Industry by Peter Gutmann
- T301 – Analysing Intrusions & Intruders by Sean Bodmer
- T304 – Re-Animating Drives and Advanced Data Recovery by Scott Moulton
- T307 – When Tapes Go Missing by Robert Stoudt
- T309 – Hacking UFOlogy – Thirty Years in the Wilderness of Mirrors by Richard Thieme
- T312 – The Executable Image Exploit by Michael Schrenk
- T337 – Hacking your Access Control Reader by Zac Franken
- T338 – Security by Politics – Why it Will Never Work by Lukas Grunwald
- T361 – Hacking the EULA – Reverse Benchmarking Web Application Security Scanners by Tom Stracener & Marce Luck
- T362 – Network Mathematics – Why is it a Small World? by Oskar Sandberg
- T363 – Beyond Vulnerability Scanning – Extrusion and Exploitability Scanning by Matt Richard
- T401 – Disclosure and Intellectual Property Law – Case Studies by Jennifer Granick
- T402 – Computer and Internet Security Law – A Year in Review 2006-2007 by Robert Clark
- T404 – Everything you ever wanted to know about Police Procedure in 50 minutes by Steve Dunker
- T431 – The Market for Malware by Thomas Holt
- T433 – Routing in the Dark – Pitch Black by Nathan Evans & Christian Grothoff
- T435 – Social Attacks on Anonymity Networks by Nick Mathewson
- T438 – Saving the Internet With Hate by Zed Shaw
- T441- Portable Privacy by Steve Topletz
I was writing about one particular session already twice here at my blog, here and the second time here.
It’s the session with Brendan O’Connor titled “Greater than 1: Defeating “Strong” Authentication in Web Applications”. If you did not believe me, watch it with your own eyes and hear it with your own ears.
Here is the video of that session. There is unfortunately no video recording of the discussion that happened afterwards in a different room, but I think that the session will be enough to open some people’s eyes.
Got it? Gee….
Update: Get the DefCon 15 Session Videos Batch II remaining sessions from track one.
Update II: Get the DefCon 15 Session Videos Batch III remaining sessions from track two and three and …
DefCon 15 Session Videos Batch IV (final batch) remaining sessions from track four and five.
Enjoy the videos! Cheers!
Carsten aka Roy/SAC
you are welcome… but why didn’t you digg it, if you like it?
This comment has been removed by the author.
keep’em coming Carsten!!
i linked to your article on my site as well, big ups and much respect.
I guess I will create smaller batches then, to be able to release stuff sooner, rather than waiting to be able to put all the stuff up and post it all at once.
It’s a bitch and takes a while. I probably make it 5 more batches to cover the missing sessions and panels, one for each of the 5 tracks
Oh, there will be a bonus DVD. There a re a large number of Audi files.
I have them up on SendSpace.com for now, but I can only keep files there temporarily for 30 days. I have to find a better place for those.
Oh, here is another goodie :).
The DefCon CD’s from DefCon 11, 12, 13, 14 and 15. Cheers!
That was really a great move, but why about to uploading at Google? well, i just downloaded some, but as the other ones, the downloading process just gets intercepted and no choice to resume them.
If it’s okay for you, i can provide a huge amount of spaces to upload the videos there, and people could access/download them directly.
Hey, thanks for that offer, but there are already arrangements made to put all 10 DVDs up on a server for direct dowload access.
This will take a few weeks though and I will complete the upload to Google Video, because there is not that much left anymore and some people prefer to watch individual sessions online.
I just downloaded the 6+ GIGs of session videos from DefCon 13 (2005) and I don’t know if many people would actually do that. Thanks again for the offer and stay tuned for updates on that.
still waiting on the ddl site of the videos!!! thx!
me too. I sent one physical copy to somebody and another one electronically.
None of the guys did put all ISOs up yet as they promissed. One of them put 6 of the 10 isos up, which you can access here.
Nobody is reliable anymore nowadays. I am not active in the scene anymore and thus have no access to underground FTP sites either. I would pack it up as a full release and let things go their natural way.. but .. mmh.
Sorry for the delay, but it is not entirely up to me.
After a month no sign of the other 4 ISO’s
Please contact me because i believe that we can arrange a way of sharing all the dvd’s.
Forget about my previous post. I had a bookmark direct to this page and after posting i saw the other dvd’s on the frontpage!
Yep, no problem. I explained the reasons for the delay. How goes the saying? “If you want to be sure that something gets done, do it yourself.”
awesome man, thx for keeping information free (as it should be), awesome stuff!
Hey Carsten i want to thank you for sharing with all of us that dont have the money to actually buy this stuff,much respect!