Def Con 25 - Las Vegas July 27-30, 2017

edited January 2017 in Community
Let's get the planning started!
Def Con 25 - Las Vegas 
July 27-30, 2017
Caesar's Palace, Las Vegas
Tickets: $250 estimated (only at the door, cash)

Talks: Start writing your proposal now and speak at the biohacking village https://www.defcon.org/html/links/get-involved.html

Rooms: July in Las Vegas is like been smothered by fiery hot fog. Very hot and humid. Try for the host hotel or as close as possible. There is no shame in taking a cab a block.

Who's going? Who needs help get speaking proposals in?


Tagged:

Comments

  • edited January 2017
    Going! :D Doubt I'll speak, but I'm keeping an eye out for volunteer options in the Biohacking Village this year (and/or general goon work).

    Did we compile a list last year of things we wish we brought / accounted for?

    Oh, and something that came to mind this last weekend. With implant projects and ideas getting more and more technically advanced, security is definitely something we all need to keep in mind. It might be neat to propose an implant hacking contest, where anyone who wants to get their stuff audited offers a reward for anyone able to breach the device in an undesirable way. Offering bug bounties and having an open discussion about the security of your device sounds like an excellent way to build a relationship with the infosec industry, who I'd personally rather have working with us as opposed to against us :)
  • edited February 2017
    Has anyone done talks on the use-case of NFC/RFID implants for penetration testing / Hacking?

    I've created a URL holding a malicious apk that automatically downloads to any phone that scans my chip, and calls back to an interpreter.

    Since there is no security on the smart device side of NFC (that I know of at this time), it's as simple as asking someone to use their phone to make a call, hit your chip, install, done. (certain phones have good enough security to pick it up, but if you're crafty they won't catch it.)

    now you can execute attacks remotely on the infected device.

    so far, I've only tested it on a galaxy S4 and a couple of friends phones.

    I think it would be a good topic for Def Con with some other use-cases appended.
  • @t3chn0ph1l3 It sounds like a topic that has the potential to make biohackers look bad, kinda like using a car key to key a car or worse, I would definitely at least clean up the wording, I dunno though.
  • It's not unheard of; I've talked with folks who have been looking into loading their NFC unit with a payload. The target device would need to have 'Non App Store' install permissions available, and there's a few steps to actually kick off the install (at least, last time I tossed an APK on a device I had a few more steps to go. My info could be outdated?). While it still requires super-close-range physical access to the device, it's far from improbable.

    Something I saw this weekend at BodyHackinCon that got my srcurity scheming going: NFC reactive nails. Essentially they were gel nails with an NFC-responsive light. Having a different frequency assigned to each nail would be a neat way to test the given frequency of an unknown reader, perhaps? Cyberise.me is also working on implantable NFC responsive lights as well, which if you could get a few that span across a range of frequencies, might make for some pretty AND useful body art :)
  • Hey so for those of you who are going to be at defcon, where's everyone staying?
  • the nfc attack vector was presented at 'hack miami' last year i believe.

    i will be working the biohack village with dmp, but i will be there on the 24th for bsides lv and hanging out before dc25, when are people getting in?   i will be at the tuscany were will others be at?
Sign In or Register to comment.