The Pwnies have come back East after an intense — and amazing — week in Sin City. Seeing the community out in full force is a rare and beautiful thing, and Black Hat and DEF CON are the greatest time to do so. Though a little healthy paranoia goes far in this industry, Pwnie Express is always happy to be in the thick of it!
Black Hat kicked off with a single keynote: Dan Geer of In-Q-Tel spoke about “Cybersecurity as Realpolitik,” an assessment of the future of cybersecurity within the framework of political realism. A recording of the talk as well as the full transcript is available online. Geer spoke about how the explosion of technology means that we no longer have people who fully understand the general state of security while being able to properly harness all of the tools the industry uses. He also reminded the audience that “all cyber security technology is dual use,” something that most people find disturbing, though to InfoSec professionals this is common knowledge.
Continuing the rich con tradition of potentially controversial talks being cancelled at the last minute, two Carnegie Mellon researchers saw their Tor talk called off. According to Reuters, Tor is working with CERT to “coordinate the disclosure of details on the researchers’ attack on the network”; the Washington Post reported that the disclosure could happen “possibly as soon as this week.”
DEF CON was enjoying its last year at the Rio with some big names, as well. A record number of attendees were present when John McAfee swung by to decry smartphones (“the most promising privacy thing is stupid phones”) and Phil Zimmermann compared surveillance to slavery, saying that the industry is responsible for providing the products to protect privacy. Movie Night with Dark Tangent featured the hacker-centered sci-fi film “The Signal,” professors analyzed the economics of stolen data, and multiple talks discussed the rise of bug bounties. As usual, the Wall of Sheep exposed those foolish enough to connect to Wi-Fi, and a series of technical talks and demonstrations covered everything from cryptography to DDoS defense. And the badges? Wired just ran a full feature on the masterpieces and their creator.
The cons were amazing, and we’ll be posting more detailed discussions of some of the talks in the coming days.