Back from Defcon 32 with knowledge swag but no voice

Defcon32 - Big Sign

I had a great time this year.  i went deep into the sticker game and spent WAY too much time playing with the badge.  Playing with the badge allowed me to meet and work with some incredible people with whom we learned, laughed, and lamented the badge’s terrible supplied SD cards. This year i brought flyers to promote my phone adventure game and joined in #StickerLife with a supply of stickers of my own.  unfortunately the printers gave me too many flyers, but not enough stickers.

Defcon32 - be3n stickers and flyers

My game did get some traction this year for the first time.  Still no winners, but i did get this incredible voicemail from one of the players.  I appreciated more ridiculous phone stuff.  great job whoever you are!

Defcon32 - badges

Defcon32 - be3n badge zelda

The Badge had a lot of problems.  only some of which were patched with updates.  I excitedly made changes, but then the SD card would fail and be unable change back.  currently mine is stuck as a Mario Game, which is not so terrible.   i can finish the Defcon GameBoy game on an emulator.

Defcon32 - Badge Dev Mode Defcon32 - Badge Game 1 Defcon32 - Badge Game 2 Defcon32 - Badge Game 3Defcon32 - Sticker Haul

Return visit to Hart Attack to talk about hacking!

This was even more of a meandering discussion then last time.  We started with the election hacking scandal and branched out to cover all manner of terrifying technology.   Episode 123 airs on Christmas evening 8pm PST.  Downloads available sometime after here or podcast.  Here is a link:

Hart Attack Home

Hart and I have worked together for some time.  He is a mogul of all things horrific.  Now he takes on the horror of the modern day with a political/news podcast.  He is also struggling under the enormous weight of the medical care for his wife.  I encourage anyone with extra funds this holiday season to contribute here.

Just participated in my first podcast for Hart Attack!

It was fun, we talked about technology, hacking, and corporate oppression.  Unfortunately, there wasn’t time for hope.  I’ll have to come back on to explain that it’s not all doom and gloom.   Episode 117 airs on Saturday evening.  Downloads available sometime after here.  Here is a link to more shows:

Hart Attack Home

Hart and I have worked together for some time.  He is a mogul of all things horrific.  Now he takes on the horror of the modern day with a political/news podcast.

Defcon 2016 photos and videos

Close ups of my much coveted badge.  Some hardware and base stations of the wifi village.  Both Information Society and Berlin played on Saturday night!  Shot a video of an amazing demo from the Car Hacking Village.  A car modified to play games instead of driving.  Also, the best of my flight home.  Some great pictures of Hoover dam and some of the solar farms and mesas as we few home.

defcon 2016 badge closedefcon 2016 badge chipdefcon 2016 wifi villagedefcon 2016 wifi village 2 
Continue reading “Defcon 2016 photos and videos”

iOS 5.1.1 Jailbreak released at Hack in The Box Conference! Untethered with iPad 3 Support!

The Dream Team did it again! With Absinthe 2.0.1 2.0.4, Chronic Dev & iPhone Dev Team have piled amazing exploits into a very easy tool. Official Press Release. Get your download here. Wish i was in Amsterdam with all of you having a blast. Thanks for all your work. I missed you Cydia, VLC, SBSettings, now if only i had Safari downloader!

More Certificate Authority Problems!

In the mist of  #antisec and on the heels of the Vegas Hacker/Security conferences, another CA (DigiNotar) was hacked.  This time the hackers got Google’s security certificates.   With that criminals could use a technique known as a Man in the Middle attack to impersonate google and nothing can stop them.  Personally i have heard @ioerror rant about the fundamental flaws of our present SSL system.  Perhaps this will help bring about a change more quickly but for now we can blacklist the offending certificates.  here is how (on a mac)

To protect Safari, the solution is, apparently, to run Applications/Utilities/Keychain Access, click on “System Root” on the upper-left, and “All items” on the lower-left, then type “DigiNotar” into the upper-right searchbox, then doubleclick on all the certs that show up (you may only have one), open the “Trust” detail area, and change “When using this certificate” to “Never Trust”, then close the dialog box.

For Firefox users, go to Firefox’s Preferences, click on Advanced, then the Encryption tab, then click on “View Certificates”, click on the “Authorities” tab, scroll down to DigiNotar, click on “DigiNotar Root or CA”, then click on “Delete…” or “Delete or Distrust…” below (depends on your version).

Read more here:
http://www.computerworld.com/s/article/9219606/Hackers_stole_Google_SSL_certificate_Dutch_firm_admits?taxonomyId=85