Duncan's Security Blog: An enthusiast's musings


First post, ZaCon III report back

I have finally decided to get my act together and begin posting on my blog. Although the blog is still in need of a great deal of design work, I will make this post and make good on design promises soon.

So to kick off the blog, I will report back on the ZaCon III InfoSec conference (www.zacon.org.za), which I attended about a week ago. Almost straight after beginning my attendance at ISG Durban (Information Security Group), I heard about ZaCon, and as fate would have it, I would be in Johannesburg on the scheduled weekend.

With great excitement, off I went to attend presentations on both days. The first evening started a little slow, but after some drinks and socialising with the attendees, the first presentation began. Footprinting has always been a source of fun for me, and over the years I have developed a few methods of manually gathering information about certain targets. So it came as a great surprise that the first presentation was about Maltego, footprinting software that I was unfamiliar with. I was enthralled by the presentation, which demonstrated exactly those skills I have developed. The second (and last) presentation of the evening was about pickle exploitation in the Python programming language. Due to not being familiar with Python, the presentation was mostly lost on me.

The next day was the main attraction, and more "conners" were in attendance. After some coffee, the conners filtered into the lecture theatre for the first presentation of the day: Real world SoC. Being a student, it was good to hear about how the industry enforces security-related issues. Next up was a presentation on hash cracking, a subject I know a great deal about. While the theory behind it all was mostly already known to me, I was interested in the statistics and specific applications which the presenter included in his presentation. The presenter himself was a pleasure to listen to, given his accomplishments in the field. Following this was a presentation on NNTP cache enumeration and poisoning. At first I just glossed over the name of the presentation, but after it began, I realised it was something very close to home. Needless to say, the presenter had my undivided attention as soon as I realised the implications for my use of Usenet.

After a short tea break, presentations resumed with a presentation by a PhD student from Rhodes, who was presenting on functional programming. I have heard a bit about functional programming through my years of studying computer science, but have never actively practised it, due in large part to its unproven status as a programming paradigm, I suppose. The presenter proceeded to demonstrate just how effective functional programming is, from a security point of view as well as a programming point of view in general. Following this were presentations on OS X sandboxing and systems application proxies.

After lunch, the first presentation was interesting to all those in attendance, entitled: "Can I go to jail if...". The presenters selected computing practices (particularly to do with hacking), and reasoned about the laws surrounding them. The next presentation was done by a master's student (I think it was master's anyway) from UJ. He presented on his research into rootkits. His methods were interesting, despite being somewhat disturbing, especially since my netbook began showing signs he mentioned were side effects of being infected with his rootkit (mainly BSODs). However, later I discovered that my netbook troubles had nothing to do with a rootkit, but rather a hard drive which was about to fail.

Next up was a relaxing presentation on a different side of hacking: lockpicking. This is another topic which I have dabbled in over the years, so the theory was known to me. But that didn't stop me from remaining captivated (it was nice to know I am not the only one who is interested in such things). Following another tea break were the last three presentations and the keynote via Skype.

"The protocol trench" was the next presentation, which was mainly about access restrictions to clients on the network (for their own safety of course), after which was a presentation (or more a plea) for security enthusiasts, such as the audience, to be "builders" and not "breakers" of security measures. The last of the in-house presentations was about enterprise security.

Last was the keynote speech, delivered via Skype by Richard Thieme. His speech was very interesting, and posed many questions regarding the current state of affairs, but more importantly what is possibly going to arise in the future. I was particularly pleased that he mentioned threats on which I have had lectures by researchers from MIT (who are actively involved in the development of), namely the usage of cellular devices as a means of tracking and recording data (and the associated AI systems).

So here ends my first post. I hope that I shall not be as lazy with the posts which are to follow.
