Defcon talks posted online
The defcon talks from this year are available now:
http://www.defcon.org/html/links/dc-archives/dc-18-archive.html
I think the other stuff like the code for the badges will be posted soon.
-Rez
Defcon 18 summary
I like....hacking conferences.
First off, I did not participate in the Crack Me If You Can contest. I had all my code ready as well as some dictionaries, however the competition was ungodly. My home-brewn code was singlethreaded, and would take 4 days to go through a 2gb dictionary on my machine. The winners of this contest had 11 people with off the shelf software, and quad-core or greater with sli latest-gen gpu crunching power. I think the stats were that 60% of the hashes were cracked within 48 hours average across all teams.
I unfortunately did not get to participate in the badge hacking contest either. I arrived on the first day to registration at maybe 3:30pm, and they had just sold out all of the hackable badges at 2:00pm. So they gave me a paper badge. Luckily on the closing ceremony some extra 9 came in, and I got one. It's weird that Kingpin(the guy who designs the badges) doesn't like the arduino(referred to it as retarduino). Arduino is my first, but now I will have to try out the microcontroller on the badge and see what non arduino mcs are all about.
Altogether the talks this year were more mediocre than Defcon 17. Amongst these there were some gems however, and DC18 had more less shiny gems than DC17's less more shiny gems.
But the bad talks were baaaaaaad. There were guys giving python talks that admitted on stage that they only started learning python a week before their talk. There was a girl who demonstrated how to rip songs from internet websites........which any 'retarduino' as kingpin puts it, can do with 5 minutes of googling. Then there was a guy who just read off his slides which were a million pages long with no demonstration at the end. He basically theorycrafted.
Now, EFF is cool but the amount of EFF pimping was too much. I donated a little bit, but it seemed around every corner I was getting asked to donate and then being scowled/shunned for not giving more money.
So, one of the things EFF was doing to raise money during defcon was giving 50$ mowhawk haircuts. At the ending ceremony some EFF spokesperson(I think it was Kellie Brownell) was like "thanks for the money, we are SOO grateful", and someone in the audience yelled "wheres your mowhawk?" Then the audience started chanting "do it on stage, do it on stage," the EFF spokesperson said she would get one later and disappeared with haste. Everyone with a mowhawk in the audience, of which there were many, quickly realized how hard they were trolled. I lol'ed.
The How I Met Your Girlfriend talk was an all around 10. Every point made had a purpose, and it all fit together very nicely.
That said, there were many script based attacks. I'll be dipping my toe in this area from piqued curiosity.
There was an increase in talks relating to radio technology. DCFlux's moonbouncer was really cool, and the talk on how to intercept cellular GSM data. This defcon (18) was more useful from the hardware hacking side. Lots of "Oh I didn't think it would work but I never thought to look at it that way." Talks this year were waay more practical and elegant.
One thing that I didn't like though was the no camera policy was changed. You are now allowed to take 'public' photos, which means anybody can photograph anybody else at defcon.
-Rez
My Descent
This is the second year I am going to Defcon, and for the past few days I have been trying to get up to speed on cracking hashes for a contest. I've never done this before.
My first reaction was to try brute force, so I whipped up a program in OSX to do it, but it became evident that the process would take too much time..
My second try was to do rainbow tables, but they can take longer. I cracked for three days and only got one password out of a practice hash list.
So now I am just going to gather all the dictionaries that I can and use them. The contest is Crack Me If You Can, and contestants will have two days to crack 53,000 hashes. The person who has cracked the most at the end wins.
The competition is totally hardcore though.
Leaving the 29th and coming back the 1st or 2nd.
-Rez