I know that somebody will be pissed and mad at me right now, but who gives a fuck :). Here is the first batch of videos of 47 sessions and panels (of a total of 122), from the world largest hacker conference, DefCon 15, which was held on August 3 – 5, 2007 at the Rivera Hotel and Casino in Las Vegas, Nevada.
All videos together is a set of 10 DVD-ROMs!!! full of movie files. Bear with me while I am working on getting the rest of the videos up on-line. It’s a pain in the ass and a lot of tedious work.
The videos are sold commercially for several hundred dollars, but who has that amount of money flying around, right? Okay, I paid the money. So you are welcome.
And anyway, isn’t DefCon not about making exploits and scams public? I make them public, alright? Not the way some might have planned, but that is not my problem. I did not get the “Black Hat” sessions and have now second thoughts about it. They cost much less if you ordered it on-site. Damn, I hope somebody else will put them up on the Internet.
Okay, the first batch includes the following sessions, which are IMO the most interesting ones.
- T536 – The Edge of Forever – Making Computer History by Jason Scott from TextFiles.com who also did the documentary BBS – The Documentary, which is also available on-line at Google Video.
- T539 – Internet Wars 2007 (Panel Discussion)
- T503 – Anti Spyware Coalition (Panel Discussion)
- T504 – Disclosure Panel (Panel Discussion)
- T505 – Dirty Secrets of the Security Industry by Bruce Potter
- T506 – Self Publishing in the Underground by Myles Long, Rob “Flack” O’Hara and Christian “RaD Man” Wirth, founder and leader of the artscene group “ACiD” who did in 2004 a presentation called The Art of Textmode, the history of ASCII art, which is also available at my videos section.
- T107 – Tactical Exploitation by H.D.Moore & Valsmith
- T166 – Biting the Hand that Feeds You – Storing and Serving Malicious Content From Well Known Web Servers by Billy Rios & Nathan McFeters
- T109 – Fingerprinting and Cracking Java Obfuscated Code by Subere
- T111 – Meet the Feds (Panel Discussion)
- T112 – No-Tech Hacking by Johnny Long
- T131 – The SOA/XML Threat Model and New XML/SOA/Web 2.0 Attacks & Threats by Steve Orrin
- T137 – Creating Unreliable Systems – Attacking the Systems that Attack You by Sysmin & Marklar
- T140 – The Emperor Has No Cloak – Web Cloaking Exposed by Vivek Ramachandran
- T161 – HoneyJax (aka Web Security Monitoring and Intelligence 2.0) by Dan Hubbard
- T162 – Hacking Social Lives: MySpace.com by Rick Deacon
- T163 – The Inherent Insecurity of Widgets and Gadgets by Aviv Raff & Iftach Ian Amit
- T164 – Greater Than 1 – Defeating “Strong” Authentication in Web Applications (for Online Banking) by Brendan O’Connor. I blogged about that session and put the slides from the presentation up on-line.
- T207 – It’s All About the Timing by Haroon Meer & Marco Slaviero
- T201 – Church Of WiFi’s Wireless Extravaganza by Church of WiFi’s
- T202 – SQL Injection and Out-of-Band Channeling by Patrik Karlsson
- T206 – Virtual World, Real Hacking by Greg Hoglund
- T212 – Trojans – A Reality Check by Toralv Dirro & Dirk Kollberg
- T232 – Malware Secrets by Valsmith & Delchi
- T234 – Click Fraud Detection with Practical Memetrics by Broward Horne
- T235 – Fighting Malware on your Own by Vitaliy Kamlyuk
- T238 – Webserver Botnets by Gadi Evron
- T239 – The Commercial Malware Industry by Peter Gutmann
- T301 – Analysing Intrusions & Intruders by Sean Bodmer
- T304 – Re-Animating Drives and Advanced Data Recovery by Scott Moulton
- T307 – When Tapes Go Missing by Robert Stoudt
- T309 – Hacking UFOlogy – Thirty Years in the Wilderness of Mirrors by Richard Thieme
- T312 – The Executable Image Exploit by Michael Schrenk
- T337 – Hacking your Access Control Reader by Zac Franken
- T338 – Security by Politics – Why it Will Never Work by Lukas Grunwald
- T361 – Hacking the EULA – Reverse Benchmarking Web Application Security Scanners by Tom Stracener & Marce Luck
- T362 – Network Mathematics – Why is it a Small World? by Oskar Sandberg
- T363 – Beyond Vulnerability Scanning – Extrusion and Exploitability Scanning by Matt Richard
- T401 – Disclosure and Intellectual Property Law – Case Studies by Jennifer Granick
- T402 – Computer and Internet Security Law – A Year in Review 2006-2007 by Robert Clark
- T404 – Everything you ever wanted to know about Police Procedure in 50 minutes by Steve Dunker
- T431 – The Market for Malware by Thomas Holt
- T433 – Routing in the Dark – Pitch Black by Nathan Evans & Christian Grothoff
- T435 – Social Attacks on Anonymity Networks by Nick Mathewson
- T438 – Saving the Internet With Hate by Zed Shaw
- T441- Portable Privacy by Steve Topletz
I was writing about one particular session already twice here at my blog, here and the second time here.
It’s the session with Brendan O’Connor titled “Greater than 1: Defeating “Strong” Authentication in Web Applications”. If you did not believe me, watch it with your own eyes and hear it with your own ears.
Here is the video of that session. There is unfortunately no video recording of the discussion that happened afterwards in a different room, but I think that the session will be enough to open some people’s eyes.
Got it? Gee….
Update: Get the DefCon 15 Session Videos Batch II remaining sessions from track one.
Update II: Get the DefCon 15 Session Videos Batch III remaining sessions from track two and three and …
DefCon 15 Session Videos Batch IV (final batch) remaining sessions from track four and five.
Enjoy the videos! Cheers!
Carsten aka Roy/SAC