Defcon Recap
As previously mentioned, I spent last weekend in Las Vegas for a family gathering at Defcon 18. First, I have to say that it was awesome. It was much better than I expected. My notes claim that I have about five more posts worth of stuff to talk about from the convention. Rather than drown you all in security I will spread it out over the next month or so.
Second, I must cry bullshit about the badge situation, Joe and Jon queued up to get our badges Thursday afternoon and happened to hit a two or three hour window in which good badges were not available. We met people who got good badges on Friday morning. Lame. Certain members of our party are quite keen on destroying good badges next year.
Third, a drink involving two cans of Monster, pineapple juice and vodka that is served in half gallon plastic footballs gives me blackjack super powers that mostly involve tipping the dealer too much, shooting off my mouth too much, and being a bit more of an ass hat than usual. Pretty much awesome.
Now for the swift yet obligatory presentation roundup. I saw eight talks, I don’t think any of them were on the list I gave out earlier, but there was much quality and entertainment regardless.
I attended a thing by some dudes who will soon be bringing unexpected ads to a digital camera screen near you. Not too much to say other than that they seem to have put way too much work into an endeavor that will inspire me to hunt them down and punch them in the nuts if it ever happens to me.
Another presentation showed me how easy it is to make the road construction message signs warn of zombies ahead and implanted a great fear of a time when I will be driving down the freeway and an electronic billboard will blast a picture of something horrible at me.
Next was a guy from Kingman who is a hacker turned amateur radio operator and did interesting things with micro waves and old satellite dishes. He was entertaining and had learned lots of useful things the very hard way. Defcon is a strange conference to come at from a hardware background rather than an IT/infosec background.
Then came one of my favorite presentations of the show, “Weaponizing Lady Gaga; Psychosonic Attacks.” It focused on hypnotism through background noise. The presenter was awesome and I am still unsure of whether or not we were attacked during the presentation. However I am now super paranoid about everything with sound.
The next day I attended two solid presentations on cyber warfare, learned that it would be trivial to lock everyone out of the badge readers at my work, and also learned that being a physical security consultant is a pretty horrible career move.
It is a great conference and I can’t recommend it enough. I am looking forward to next year at the Rio and hope to see some of you there.
Being the person who ended up attending one of Dave’s listed presentations I’ll give a quick recap of The Law of Laptop Search and Seizure.
First, if you are crossing the international border, don’t have anything interesting/illegal on your laptop. For various reasons, which you probably don’t want to hear about, the standard for a search and/or seizure is way below probable cause, or even reasonable suspicion (i.e., a border search is considered an exception to the 4th amendment right against unreasonable search and seizures).
Second, if you do intend to have something interesting/illegal on your computer (I cannot condone this), encrypt it, password protect the file, isolated and password protect that section of the computer, don’t let anyone else use it, and leave the darn thing off when you are not using it. This is because another person who has access (or who the police reasonably think have access) can consent to the search and there is some case law that says forcing you to verbally provide a password (verbally) during custodial interrogation (legalese) is against the 5th amendment. . . (the “you have the right to remain silent anything you say may be used against you in a court of law” bit).
That is it in a nutshell (no legal pun intended for you lawyers out there). I guess the EFF would have more info on this since they did the presentation.
I went to two other talks, the one on ISPs being the best, if most bizzare, though the FOIA talk was interesting from the perspective of working in another area of administrative law.
btw, the above is NOT legal advice but rather a summary of someone else’s “not legal advice”
Thanks for the overview Mary.
If any one else wants to drop a write up of other Defcon 18 presentations in the comments here, they are welcome.