Putting Faraday shielding fabric to the test.

Last year at Thotcon the presenters were given what were purported to be faraday shielded backpacks - backpacks manufactured with fabric woven out of very fine conductive wires that are said to reflect radio frequency signals inside and outside.  The idea is that if you have a cellphone and you put it inside the bag, you could be sure that the phone was not talking to any cell towers so it would be harder to track the person carrying the phone, as well as preventing any malware that may have been installed from phoning home.  So the reasoning goes, even if …

Read more...

DefCon 22 presentation notes

Behind the cut are the notes I took during DefCon 22, organized by name of presentation. Where appropriate I've linked to the precis of the talk. I make no guarantee that they make sense to anybody but me.

One Man Shop: Building an Effective Security Program All By Yourself - Medic

  • Integrate with environment
  • Continuous monitoring
  • People and Process -> Secure Network Architecture -> Secure Systems Design -> Continuous Monitoring -> External Validation -> Compliance
  • Compliance, per usual, means dick in the final analysis
  • Roughly five year plan w/ deliverables
  • Needs organizational supprt. Still answers to the Business.
  • Supports, !replaces Business
  • Security will not mature past …
Read more...

DefCon 22: The writeup.

The reason I've been quiet so much lately and letting my constructs handle posting things for me is because I was getting ready to attend DefCon 22, one of the largest hacker cons in the world. It's been quite a few years since I last attended DefCon (the last one was DefCon 9, back in 2001.ev) due to the fact that Vegas is, in point of fact, stupidly expensive and when you get right down to it I need to pay bills more than I need to fly to Las Vegas for most of a week. I'm also in …

Read more...