First Day at ToorCon 2008!

Well, today was the first day of ToorCon! It was good to be back in the scene and hanging out with some of the most dangerous people in America. Unfortunately Bauer-Power contributor, Sundance, was unable to attend as planned, so it was just me and my colleague Zack.

I traveled pretty light today. I didn't bring my laptop, and all I really had was a low-tech disposable camera. I took some random pictures of the conference, and will share them with everyone a little while later (I have to get the disposable camera developed).

Anyway, there were two really cool lectures at the Con that I personally thought were the best. The first one was the key note speech by Dan Kaminsky from IOActive who is THE main guy behind the recent DNS vulnerability scare worldwide. He basically, just went into his normal speech about DNS and how vulnerable it is, but it was rather riveting...and scary as all hell!

The second really cool lecture was on "Knowing and enjoying the Cold Boot Attack." This lecture was done by Jake Appelbaum. I wasn't too big a fan of Mr. Appelbaum's politics, but he was funny as hell with everything else. If you are not familiar with the Cold Boot attack, I wrote about it a few months ago, but I called it RAM Dumping to Hack Encrypted Hard Drives.

I still don't think it is a practical hack, but Mr. Appelbaum did make a good point that the FBI and DHS are using this very technique when seizing encrypted computers, and are successfully cracking them. He also mentioned that if you have a Mac running OSX with Safe Sleep is the most vulnerable. He had an audience member running OSX close the lid of the laptop to put the laptop into sleep mode, then he had the dude take out the battery, then he had the guy put the battery back in and power the laptop back on. The laptop booted up, and after the progress bar the guy was back where he left off and did not even have to enter a password! That is because Mac OSX caches the users password in memory indefinitely! Apparently, Apple says that is a feature.

Anyway, besides the lectures, the absolute coolest part so far was that I got to meet Darren Kitchen and Shannon Morse from one of my favorite IPTV shows Hak5. More on that encounter later.



So I am sure you are all salivating, and wishing you could have been there today, well here is the next best thing... A crappy video of Dan Kaminsky from Foo Camp 2008 talking about the DNS vulnerability (Hey I found it on Youtube...Why not?):

Posted in: 2008, toorcon