shmoocon 2007

Some of the Shmoocon 2007 presentations have been posted. There’s a few, and maybe not all of them will be interesting, so I thought I would provide my feedback here (and ongoing) on the talks I checked out, plus a quick impression of what I thought about it.

I really wish I had attended Shmoocon, but I’m not really at a place right now where I could. I really wish I had heard about it back in its first year, 2005, as I was in DC at the time on business. Sadly, I didn’t learn about Shmoocon until after I had gotten back (and I was housed in a hotel very close to it as well!). At any rate, I’ll still whore up the presentations online and still get something out of it. Overall, I really dig the vibe from Shmoocon. It is serious about security but in a fun, friendly, personal kind of way that I think best resembles early Defcon or perhaps CCC. Smart, awesome, but not hoighty and “commercialized” or too anonymous.

Opening Remarks.mp4 – If you want to learn a little bit more about Shmoocon and what it’s all about, this is a useful talk from Bruce Potter of the Shmoo Group and runs a half hour.

Hacking the Airwaves with FPGAs – h1kari.mp4 – 20 minute presentation about cracking WEP and WPA (and FileVault and Bluetooth PINs) using different hardware pieces (FPGA) to speed things up. While that is interesting, the hardware itself is pretty spendy. If you’ve not seen his talk before or know anything about FPGA, watching a longer presentation may be more helpful, but his demos are quick and do work in this one. Tools: jc-wepcrack for WEP, coWPAtty for WPA, vfcrack for FileVault, btcrack for Bluetooth PINs.

No-Tech Hacking – Johnny Long – Johnny is a very cool presence and typically includes a lot of really awesome audience participation where he presents pictures and asks for feedback. This is no different and he presents a lot of pictures and asks, “What does a hacker see?” This is about observation skills, information gathering, opening your mind. I can just also say, “the driver has candy.”