DEF CON® Hacking Conference - DEF CON 18 Media Archives

Speakers

Adam
Chema Alonso (1, 2)
Md Sohail Ahmad
Francisco Amato
Colin Ames
Iftach Ian Amit
Michael Anderson
Jake Appelbaum
James Arlen(1, 2, 3)
aSmig
Itzhak "Zuk" Avraham

Mike "mckt" Bailey
Kevin Bankston(1, 2, 3)
Sean Barnum
Rod Beckstrom
Jared Bird
Bitemytaco
Tobias Bluzmanis
Dan Boneh
Marco Bonetti
Sam Bowne
Frank Breedijk
Michael Brooks
Dennis Brown (1, 2)
Francis Brown
Jeremy Brown
David "Videoman" Bryan (1, 2)
Jeff Bryner
Jesse Burns
Daniel Burroughs
Elie Bursztein(1, 2)

Furkan Cayci
Jeffrey Carr
Chris Conley
Cesar Cerrudo
Anton Chuvakin
Jim Christy
John A. Colley
Greg Conti
Mike Convertino
Joshua Corman
James Costello
CP
John Curran
Adrian Crenshaw

Joe Damato
Jack Daniel
datagram
Dong-Joo Ha
Decius
A.P. Delchi
Deviant Ollam
Jerry Dixon
JP Dunning(1, 2)

Peter Eckersley(1, 2)
Luiz "effffn" Eduardo
Monta Elkins
Erratta
EvilAdamSmith

Marisa Fagan
Esteban Martínez Fayó
Matt Fiddler
Jimi Fiekert
David Fifield
Tony Flick
Joe "Crazy" Foley
Follower
frank^2 (1, 2)
Andy Fried
Fyodor

Eva Galperin
John Garris
Kenneth Geers
Goldy
Baptiste Gourdin
Rob Graham
Joe "Kingpin" Grand
Jennifer Granick(1, 2, 3)
Barry Grundy

Paul Haas
Nathan Hamiel
G. Mark Hardy
Craig Heffner
John Hering
Sho Ho
Chris Hoff
Marcia Hofmann(1, 2, 3)
HONEY
Leigh Honeywell(1, 2)
Bob Hopper
Chad Houck
Wayne Huang(1, 2, 3)
Alex Hutton

Jon Iadonisi
Jibran Ilyas
Oren Isacson

Barnaby Jack
Stephen 'afterburn' Janansky
Jeffball
j03b34r
Paul Judge

Samy Kamkar
Dan Kaminsky (1,2)
Gerald Kane
Kanen
Josh Kelley (Winfang)
David Kennedy (ReL1K)
Nathan Keltner
Mike Kershaw
Max Kelly
Fouad Kiamilev
Josh Kelley (Winfang)
Ki-Chan Ahn
Dave King
Federico Kirschabum
Robert Knake
Andrew Kongs
Tim Krabec
Tyler Krpata
Righter Kunkel

Jocelyn Lagarenne
Anthony Lai (1, 2)
Corey 'c0re' Lange
Jason Lee
Jonathan Lee
Felix "FX" Lindner
Anthony Lineberry
Ryan Linn
Logan Lodge

Matias Madou
Kevin Mahaffey
Paul Malkewicz
Kevin Manson
Moxie Marlinspike
Joshua Marpet
Rich Marshall
Dave Maynor(1, 2)
Jon McCoy
Joseph McCray
mc.fly
Martin McKeay
Chris McKenney
John McNabb
Joseph Menn
Shawn Merdinger
Merlin
metr0
Mike Metzger
Charlie Miller
Paul Mockapetris
Doug Mohney
Rich Mogull
Justin Morehouse
David Mortman
Shawn Moyer
Patrick Mullen

Brandon Nesbit
Lang Nguyen
J. Novak

Jon Oberheide(1, 2)
Jeongwook Oh
Kurt Opsahl(1, 2)
Alfredo Ortega
Timothy "mage2" Otto
Nicole Ozer

Neil Pahl
José Palazón "Palako" (1, 2)
Chris Paget(1, 2)
Christian Papathanasiou
Garry Pejski
Ryan Pentney
Nicholas J. Percoco (1, 2)
Larry Pesce
Pierce
Samuel Petreski
Garret Picchioni
Christopher E. Pogue
Wade Polk
Bruce Potter
Adam Pridgen
Ken Privette
Josh Pyorre

Nguyen Anh Quynh

Eric Rachner
Rob Ragan
Rain
Tiffany Rad
Paul F. Renda (1, 2)
Renderman
Jim Rennie
Riley Repko
David Richardson, Sr.
Rsnake
Matt Ryanczak
ryd
Gustav Rydstedt

Marcus Sachs
Ed Schaller
Michael "theprez98" Schearer
Eric "Unlocked" Schmiedl
Ferdinand Schober
Jason Scott(1, 2)
Blake Self(1, 2)
James Shewmaker
Sumit "sid" Siddharth
Ken Silva
Brad Smith
David C. Smith
Rich Smith
Christopher Soghoian
Roberta Stempfley
strace
Jayson E. Street
The Suggmeister

Tom Talleur
Trent Teyema
Richard Thieme
Patrick Thomas
Marc Weber Tobias
Tottenkoph
Schuyler Towne
Joey Tyson

Valsmith
Robert Vamosi
Mathy Vanhoef
Randy Vickers
Paul Vixie
vyrus(1, 2)

Nick Waite
Mark Weatherford
Michael Weigand
Barrett Weisshaar
Lin Wells
Jacob West
Dondi "SpookDoctor06" West
Marcin Wielgoszewski
Joshua Wise
Scott Wolchok
Matthew Wollenweber
Tim Wyatt

Amit Yoran(1, 2)
Jack Yu

Dolores Zage
Wayne Zage
Matt Zimmerman
Zoz(1, 2)

Of Bytes and Bullets

DNS Systemic Vulnerabilities and Risk Management: A Discussion with the Experts

Hacking the Future

Internet Wars

Meet the EFF

Meet the Feds - CSI: TCP/IP

Meet the Feds - Policy, Privacy, Deterrence and Cyber War

oCTF: 5 years in 50 minutes

PCI, Compromising Controls and Compromising Security

Highlights

DEF CON 18 Program

Lost your program? Didn't pick one up? Couldn't make it to the con? Here it is!
PDF (11.2MB)

Contest Results

May be found on the DEF CON 18 Contest Results page

Audio/Video RSS Feeds

Music
Slides (video)
Video (Speaker and Slides)
Audio

DEF CON 18 Website

DEF CON 18 Site

Press Coverage

WPA2

Other

Adobe to fix Reader hole unveiled at Black Hat - CNet News
Got an iPhone? There's an App for Hacking That - Technology Review
Hack attack hits ATM jackpots - Google News
Hackers to flock to Black Hat, Defcon this week - ZDNet
A Simple, But Effective, Way to Beat Internet Censorship - MIT Technology Review
How to Locate a Web User with a Few Clicks - MIT Technology Review
Warning Issued on Web Programming Interfaces - MIT Technology Review
Facebook's former top security officer says military and commercial cyber defense should be united - Social Beat
Software released for attacking Android phones - Reuters
Biometric and Other Locks Fail to Foil Hackers at DefCon - Wired - Threat Level
Researcher Reads RFID Tag From Hundreds Of Feet Away - Dark Reading
DEFCON 18 Quals: writeups collection - VN Security
DEFCON 18: LOCKS, LIES, AND VIDEOTAPE - The Sidebar
Black Hat USA 2010 and DEF CON 18 Wrap Up - It's Tactical
See you at the Rio in 2011 - WiFi WLAN Media Blog
[Defcon] You Spent All That Money And You Still Got Owned… - Catch 22 InSecurity
[Defcon] SHODAN for Penetration Testers - Catch 22 InSecurity
[Defcon] Hacking Oracle From Web Apps - Catch 22 InSecurity
[Defcon] Exploiting WebSphere Application Server's JSP Engine - Catch 22 InSecurity

Video Coverage

Behind the Firewall – episode 010: Defcon 18 - Hacker News Network
TDSSKiller: Stop Google Malware, iPad Charging Help, New Kindle, Defcon 18, Lapt - Tekzilla
DEFCON 18 - Hak5
DEFCON 18 registration line at Black Hat USA - Kingpin's YouTube
DC18 Badge Hack: DEFCON Super Rocker 18 Guitar - Kingpin's YouTube
DC18 Badge Hack: DEFCON + Ninja Badge Combo - Kingpin's YouTube
DC18 Badge Hack: Virus Propagation - Kingpin's YouTube
DC18 Badge Hack: Web-of-Trust - Kingpin's YouTube
DC18 Badge Hack: GoatBar UPC Barcode Writer/Emulator - Kingpin's YouTube
DC18 Badge Hack: Slot Machine - Kingpin's YouTube
DC18 Badge Hack: "You're Busted" Police Lights - Kingpin's YouTube
DC18 Badge Hack: Personal Oscilloscope - Kingpin's YouTube
DC18 Badge Hack: TV-B-Gone - Kingpin's YouTube
DC18 Badge Hack: Coffee/Drink Mixer - Kingpin's YouTube
DC18 Badge Hack: Paper Badge Display - Kingpin's YouTube
DC18 Badge Hack: XXX Interactive - Kingpin's YouTube
DC18 Badge Hack: Porn Theater - Kingpin's YouTube
DC18 Badge Hack: Boob-Ma-Tron - Kingpin's YouTube
DC18 Badge Hack: Flava Flav Badge - Kingpin's YouTube
Tom and Andrew talk about Defcon 18 - GFQ Network
Defcon 18 - Goon Pirates storm the Toool presentation - Kallahar's YouTube
Defcon 18 - Siviak gets a goon hug - Kallahar's YouTube
Defcon 18 - Police firearms trainer - Humphrey Cheung's Vimeo
Defcon 18 - Las Vegas Gringo Warrior Lockpick - Routergods' YouTube
w00tb0t-Gringo-Warrior-Defcon-18 w00tb0t's YouTube
More Retro Computing at Defcon 18 Tekarien's YouTube
Defcon18 encrypted wifi effffn's YouTube
Dan Kaminski... I don't care - idontcare296's YouTube

Was July 30 - August 1, 2010 at the Riviera Hotel & Casino

Speakers & Presentations

Chema Alonso, José Palazón "Palako"

FOCA2: The FOCA Strikes Back

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Chema Alonso, José Palazón "Palako"

Connection String Parameter Attacks

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video )
Hear it! (m4b Audio)

return to top

Md Sohail Ahmad

WPA Too!

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Francisco Amato, Federico Kirschbaum

Evilgrade, "You Still Have
Pending Upgrades?"

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Iftach Ian Amit

Cyber[Crime | War] Charting Dangerous Waters

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

James Arlen UPDATED

SCADA and ICS for Security Experts: How to avoid Cyberdouchery

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Itzhak "Zuk" Avraham UPDATED

Exploitation on ARM - Technique and Bypassing Defense Mechanisms

Read It! (Slides | White Paper)
See it! (Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Mike "mckt" Bailey

Web Services We Just Don't Need

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Marco Bonetti

Mobile Privacy: Tor on the iPhone and Other Unusual Devices

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Sam Bowne

Who Cares About IPv6?

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Frank Breedijk UPDATED

Seccubus – Analyzing vulnerability assessment data the easy way...

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Michael Brooks UPDATED

masSEXploitation

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Dennis Brown

Resilient Botnet Command and Control with Tor

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Dennis Brown

How Hackers Won the Zombie Apocalypse

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jeremy Brown UPDATED

Exploiting SCADA Systems

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

David "VideoMan" M. N. Bryan, Michael Anderson

Cloud Computing, a Weapon of Mass Destruction?

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

David "VideoMan" M. N. Bryan, Jared Bird

The keys to running a successful Def con Group by DC612

See it! (Slide Video)
Hear it! (m4b Audio)

return to top

Jeff Bryner

Google Toolbar: The NARC Within

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Daniel Burroughs

Open Public Sensors and Trend Monitoring

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt

Bad Memories

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Elie Bursztein, Jocelyn Lagarenne, Dan Boneh UPDATED

Kartograph : Finding a Needle in a Haystack or How to Apply Reverse Engineering Techniques to Cheat at
Video Games

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video )
Hear it! (m4b Audio)

return to top

Cesar Cerrudo

Token Kidnapping's Revenge

Read It! (Slides | White Paper | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

John A. Colley

WRT54-TM, Media Center and
Network Sniffer

return to top

Chris Conley

Hacking Facebook Privacy

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Greg Conti UPDATED

Our Instrumented Lives: Sensors, Sensors, Everywhere...

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Adrian Crenshaw

Programmable HID USB Keystroke Dongle: Using the Teensy as a pen testing device

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

John Curran UPDATED

IPv6: No Longer Optional

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Joe Damato UPDATED

Function Hooking for Mac OSX and Linux

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Decius

Exploiting Internet Surveillance Systems

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

A.P. Delchi

Physical Security : You're Doing It Wrong!

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

TOOOL

The Search for Perfect Handcuffs...
and the Perfect Handcuff Key

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

JP Dunning

Katana: Portable Multi-Boot Security Suite

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

JP Dunning

Breaking Bluetooth By Being Bored

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Peter Eckersley, Jesse Burns

An Observatory for the SSLiverse

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Peter Eckersley

How Unique Is Your Browser?

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Luiz "effffn" Eduardo

Your Boss is a Douchebag... How About You?

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Monta Elkins

Hacking with Hardware: Introducing the Universal RF USB Keyboard Emulation Device - URFUKED

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Marisa Fagan

Be A Mentor!

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Esteban Martínez Fayó

Hacking and Protecting
Oracle Database Vault

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

frank^2

Trolling Reverse-Engineers with Math: Ness... It hurts...

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jimi Fiekert

The Anatomy of Drug Testing

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Joe "Crazy" Foley, Eric "Unlocked" Schmiedl, Zoz

Exploitable Assumptions Workshop

Read It! (Slides)

return to top

Fyodor, David Fifield

Mastering the Nmap Scripting Engine

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Kenneth Geers UPDATED

Live Fire Exercise: Baltic Cyber Shield 2010

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Joe "Kingpin" Grand

Making the DEF CON 18 Badge

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jennifer Granick, Matt Zimmerman

Legal Developments in Hardware Hacking

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jennifer Granick, Kevin Bankston, Marcia Hofmann, Kurt Opsahl

The Law of Laptop Search and Seizure

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Paul Haas

Advanced Format String Attacks

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

G. Mark Hardy

Tales from the Crypto

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Nathan Hamiel, Marcin Wielgoszewski

Constricting the Web: Offensive Python for Web Hackers

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Craig Heffner

How to Hack Millions of Routers

Read It! (Slides | White Paper | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Sho Ho

FOE‚ The Release of Feed Over Email, a Solution to Feed Controversial News to Censored Countries

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Marcia Hofmann

How To Get Your FBI File (and Other Information You Want From the Federal Government)

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

HONEY UPDATED

Ripping Media Off Of the Wire

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Leigh Honeywell, Follower

Physical Computing, Virtual Security: Adding the Arduino Microcontroller Development Environment to Your Security Toolbox

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Chad Houck, Jason Lee

Decoding reCAPTCHA

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Wayne Huang, Kuon

NoSQL == No SQL injections?

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Wayne Huang

Drivesploit: Circumventing Both Automated AND Manual Drive-By-Download Detection

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Wayne Huang, Jeremy Chiu

0box Analyzer: AfterDark Runtime Forensics for Automated Malware Analysis and Clustering

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Oren Isacson, Alfredo Ortega UPDATED

Exploiting Digital Cameras

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Barnaby Jack

Jackpotting Automated Teller Machines Redux

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Dan Kaminsky

Black Ops Of Fundamental Defense: Web Edition

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Samy Kamkar

How I Met Your Girlfriend

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

David Kennedy (ReL1K), Josh Kelley (Winfang)

Powershell...omfg

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Max Kelly

Perspectives on Cyber Security and Cyber Warfare

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Dr. Fouad Kiamilev, Corey 'c0re' Lange, Stephen 'afterburn' Janansky

Hardware Black Magic: Designing Printed Circuit Boards

Read It! (Slides)

return to top

Ki-Chan Ahn, Dong-Joo Ha UPDATED

Malware Migrating to Gaming Consoles: Embedded Devices, an AntiVirus-free Safe Hideout for Malware

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Dave King

Hardware Hacking for Software Guys

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Andrew Kongs, Dr. Gerald Kane

Training the Next Generation of Hardware Hackers -- Teaching Computer Organization and Assembly Language Hands-on with Embedded Systems

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Matt "DCFluX" Krick

DCFluX in: Moon-bouncer

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Tyler Krpata

Like a Boss: Attacking JBoss

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Righter Kunkel

Air Traffic Control Insecurity 2.0

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Anthony Lai, Jake Appelbaum, Jon Oberheide

The Power of Chinese Security

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jonathan Lee, Neil Pahl

Bypassing Smart-card Authentication
and Blocking Debiting: Vulnerabilities
in Atmel Cryptomemory-based
Stored-value Systems

Read It! (Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Felix "FX" Lindner

Blitzableiter - the Release

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Anthony Lineberry, David Richardson, Sr., Tim Wyatt UPDATED

These Aren't the Permissions
You're Looking For

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Ryan Linn

Multiplayer Metasploit: Tag-Team Penetration and Information Gathering

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Matias Madou, Jacob West

Repelling the Wily Insider

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Kevin Mahaffey, John Hering

App Attack: Surviving the Mobile Application Explosion

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Moxie Marlinspike

Changing Threats To Privacy: From TIA To Google

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Joshua Marpet

Facial Recognition: Facts, Fiction, and Fsck-ups

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Dave Maynor, Dr. Paul Judge

Searching for Malware: A Review of Attackers' Use of Search Engines to Lure Victims

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jon McCoy

Hacking .NET Applications at Runtime: A Dynamic Attack

Read It! (Slides | White Paper | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Joseph McCray UPDATED

You Spent All That Money And You Still Got Owned...

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

mc.fly, ryd, no_maam, vyrus

A ChaosVPN for Playing Capture The Flag

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

John McNabb UPDATED

Cyberterrorism and the Security of the National Drinking Water Infrastructure

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Shawn Merdinger

We Don't Need No Stinkin' Badges: Hacking Electronic Door Access Controllers

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

metr0

Securing MMOs: A Security Professional's View From the Inside

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Mike Metzger

Letting the Air Out of Tire Pressure Monitoring Systems

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Charlie Miller UPDATED

Kim Jong-il and Me: How to Build a Cyber Army to Defeat the U.S.

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Doug Mohney

HD Voice - The Overdue Revolution

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Justin Morehouse, Tony Flick

Getting Social with the Smart Grid

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

David Mortman, Rich Mogull, Chris Hoff, Rob Graham, Erratta, Dave Maynor, Larry Pesce

Defcon Security Jam III: Now in 3-D?

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Shawn Moyer, Nathan Keltner

Wardriving the Smart Grid: Practical Approaches to Attacking Utility Packet Radios

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Patrick Mullen, Ryan Pentney UPDATED

Open Source Framework for Advanced Intrusion Detection Solutions

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Brandon Nesbit

The Games We Play

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Lang Nguyen

FPGA Bitstream Reverse Engineering

return to top

Jon Oberheide

Antique Exploitation (aka Terminator 3: Point One One for Workgroups)

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jeongwook Oh

ExploitSpotting: Locating Vulnerabilities Out Of Vendor Patches Automatically

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

TW "Mage2" Otto UPDATED

Electronic Weaponry or How to Rule
the World While Shopping at Radio Shack

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Nicole Ozer, Kevin Bankston

Big Brother on the Big Screen: Fact/Fiction?

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Chris Paget

Practical Cellphone Spying

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Chris Paget

Extreme-range RFID Tracking

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Garry Pejski

My Life As A Spyware Developer

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Nicholas J. Percoco, Christian Papathanasiou UPDATED

"This is not the droid you're looking for..."

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Nicholas J. Percoco, Jibran - UPDATED

Malware Freak Show 2: The Client-Side Boogaloo

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Pierce, Goldy, aSmig

WiMAX Hacking 2010

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Christopher E. Pogue A.K.A "Big Poppa ReverShell"

Sniper Forensics - One Shot, One Kill

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Wade Polk, Paul Malkewicz, J.Novak

Industrial Cyber Security

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Bruce Potter, Logan Lodge

"This Needs to be Fixed" and Other Jokes in Commit Statements

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Adam Pridgen, Matthew Wollenweber

Toolsmithing an IDA Bridge, Case Study For Building A Reverse Engineering Tool

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Josh Pyorre, Chris McKenney

Build Your Own Security Operations Center for Little or No Money

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Nguyen Anh Quynh

Operating System Fingerprinting for Virtual Machines

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Rob Ragan, Francis Brown

Lord of the Bing: Taking Back Search Engine Hacking from Google and Bing

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Rain, j03b34r

Build a Lie Detector/Beat a Lie Detector

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jim Rennie, Eric Rachner

Search & Seizure & Golfballs s

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Riley Repko

Enough Cyber Talk Already! Help get this Collaboration Engine Running!

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Matt Ryanczak UPDATED

Implementing IPv6 at ARIN

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Ed Schaller

Exploiting WebSphere Application Server's JSP Engine

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Michael "theprez98" Schearer

SHODAN for Penetration Testers

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Ferdinand Schober UPDATED

Gaming in the Glass Safe - Games
DRM & Privacy

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jason Scott

You're Stealing It Wrong! 30 Years of
Inter-Pirate Battles

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jason Scott

DC 18 Movie Night
GET LAMP

return to top

Blake Self, Wayne Zage, Dolores Zage

SMART Project: Applying Reliability Metrics to Security Vulnerabilities

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Blake Self, Bitemytaco

Hacking DOCSIS For Fun and Profit

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

James Shewmaker

Rip Your Browser for x06 days

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Sumit "sid" Siddharth

Hacking Oracle From Web Apps

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Brad Smith

Weaponizing Lady GaGa, Psychosonic Attacks

Read It! (Slides | Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

David C. Smith, Samuel Petreski

A New Approach to Forensic Methodology - !!BUSTED!! case studies

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Rich Smith UPDATED

pyREtic - In memory reverse engineering for obfuscated Python bytecode

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Christopher Soghoian

Your ISP and the Government: Best Friends Forever.

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

strace, Sean Barnum, EvilAdamSmith, Kanen, Joey Tyson,

So Many Ways to Slap A Yo-Ho:: Xploiting Yoville and Facebook for Fun and Profit

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jayson E. Street

Deceiving the Heavens to Cross the Sea: Using the the 36 stratagems for Social Engineering

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

The Suggmeister UPDATED

Social Networking Special Ops:
Extending Data Visualization Tools for Faster Pwnage

Read It! (Slides | White Paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Richard Thieme

Getting Root: Remote Viewing, Non-local Consciousness, Big Picture Hacking, and Knowing Who You Are

Read It! (Extras)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Patrick Thomas

Web Application Fingerprinting with Static Files

Read It! (Slides)
Hear it! (m4b Audio)

return to top

Tottenkoph

VirGraff101: An Introduction to
Virtual Graffiti

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Marc Weber Tobias, Tobias Bluzmanis, Matt Fiddler

INSECURITY ENGINEERING OF PHYSICAL SECURITY SYSTEMS: Locks, Lies, and Videotape

Read It! (Slides)
See it! (Slide Video
Hear it! (m4b Audio)

return to top

Schuyler Towne, datagram

Attack the Key, Own the Lock

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Valsmith, Colin Ames, Anthony Lai

Balancing the Pwn Trade Deficit

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Paul Vixie, Robert Edmonds UPDATED

SIE Passive DNS and the ISC DNS Database

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Nick Waite, Furkan Cayci

Go Go Gadget Python!
Introduction to Hardware Hacking

Read It! (Slides)

return to top

Michael Weigand, Renderman, Mike Kershaw

Build your own UAV 2.0 - Wireless Mayhem from the Heavens!

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Barrett Weisshaar, Garret Picchioni

The Night The Lights Went Out In Vegas: Demystifying Smartmeter Networks

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Dondi "SpookDoctor06" West UPDATED

An Examination of the Adequacy of the Laws Related to Cyber Warfare

Read It! (Slides | White paper)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Joshua Wise UPDATED

From "No Way" to 0-day: Weaponizing the Unweaponizable

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Scott Wolchok

Crawling BitTorrent DHTs for Fun and Profit

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Zoz

Pwned By The Owner: What Happens When You Steal A Hacker's Computer

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jeffrey Carr, Robert Knake, Joseph Menn, Robert Vamosi

Panel: Of Bytes and Bullets

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Rod Beckstrom, Dan Kaminsky, Paul Mockapetris, Ken Silva, Mark Weatherford

Panel:DNS Systemic Vulnerabilities and Risk Management: A Discussion
with the Experts

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

James Arlen, James Costello, Leigh Honeywell, Tim Krabec, Tiffany Rad

Panel: Hacking The Future: Weaponizing the Next Generation

Read It! (Slides)

return to top

Marcus Sachs, Kenneth Geers, Dan Kaminsky, Andrew Fried, Paul Vixie, John Bumgarner, Daniel Uriah Clemens, John Ives

Panel: Internet Wars

return to top

Kevin Bankston, Eva Galperin, Jennifer Granick, Marcia Hofmann, Kurt Opsahl

Meet the EFF

See it! (Slide Video )
Hear it! (m4b Audio)

return to top

Adam, CP, Frank^2, Jeffball, Merlin, Vyrus

oCTF: 5 years in 50 minutes

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jim Christy, Mike Convertino, Jerry Dixon, John Garris, Barry Grundy, Bob Hopper, Ken Privette, Tom Talleur, Trent Teyema

Meet the Feds - CSI:TCP/IP

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Mike Convertino, Jerry Dixon, Andy Fried, Jon Iadonisi, Kevin Manson, Rich Marshall, Marcus Sachs, Roberta Stempfley, Randy Vickers, Lin Wells, Amit Yoran

Meet the Feds - Policy, Privacy, Deterrence and Cyber War

See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

Jack Daniel, Joshua Corman, Dave Shackleford, Anton Chuvakin, Martin McKeay, Alex Hutton, James Arlen

PCI, Compromising Controls and Compromising Security

Read It! (Slides)
See it! (Slide Video | Speaker and Slide Video)
Hear it! (m4b Audio)

return to top

DEF CON 18 Archive

Speakers

Highlights

DEF CON 18 Program

Contest Results

Audio/Video RSS Feeds

DEF CON 18 Website

Press Coverage

General

GSM Base Station

Social Engineering

Badges

Google Malware

WPA2

Other

Video Coverage

Was July 30 - August 1, 2010 at the Riviera Hotel & Casino

Speakers & Presentations

FOCA2: The FOCA Strikes Back

Connection String Parameter Attacks

WPA Too!

Evilgrade, "You Still Have Pending Upgrades?"

Cyber[Crime | War] Charting Dangerous Waters

SCADA and ICS for Security Experts: How to avoid Cyberdouchery

Exploitation on ARM - Technique and Bypassing Defense Mechanisms

Web Services We Just Don't Need

Mobile Privacy: Tor on the iPhone and Other Unusual Devices

Who Cares About IPv6?

Seccubus – Analyzing vulnerability assessment data the easy way...

masSEXploitation

Resilient Botnet Command and Control with Tor

How Hackers Won the Zombie Apocalypse

Exploiting SCADA Systems

Cloud Computing, a Weapon of Mass Destruction?

The keys to running a successful Def con Group by DC612

Google Toolbar: The NARC Within

Open Public Sensors and Trend Monitoring

Bad Memories

Kartograph : Finding a Needle in a Haystack or How to Apply Reverse Engineering Techniques to Cheat at Video Games

Token Kidnapping's Revenge

WRT54-TM, Media Center and Network Sniffer

Hacking Facebook Privacy

Our Instrumented Lives: Sensors, Sensors, Everywhere...

Programmable HID USB Keystroke Dongle: Using the Teensy as a pen testing device

IPv6: No Longer Optional

Function Hooking for Mac OSX and Linux

Exploiting Internet Surveillance Systems

Physical Security : You're Doing It Wrong!

The Search for Perfect Handcuffs... and the Perfect Handcuff Key

Katana: Portable Multi-Boot Security Suite

Breaking Bluetooth By Being Bored

An Observatory for the SSLiverse

How Unique Is Your Browser?

Your Boss is a Douchebag... How About You?

Hacking with Hardware: Introducing the Universal RF USB Keyboard Emulation Device - URFUKED

Be A Mentor!

Hacking and Protecting Oracle Database Vault

Trolling Reverse-Engineers with Math: Ness... It hurts...

The Anatomy of Drug Testing

Exploitable Assumptions Workshop

Mastering the Nmap Scripting Engine

Live Fire Exercise: Baltic Cyber Shield 2010

Making the DEF CON 18 Badge

Legal Developments in Hardware Hacking

The Law of Laptop Search and Seizure

Advanced Format String Attacks

Tales from the Crypto

Constricting the Web: Offensive Python for Web Hackers

How to Hack Millions of Routers

FOE‚ The Release of Feed Over Email, a Solution to Feed Controversial News to Censored Countries

How To Get Your FBI File (and Other Information You Want From the Federal Government)

Ripping Media Off Of the Wire

Physical Computing, Virtual Security: Adding the Arduino Microcontroller Development Environment to Your Security Toolbox

Decoding reCAPTCHA

NoSQL == No SQL injections?

Drivesploit: Circumventing Both Automated AND Manual Drive-By-Download Detection

0box Analyzer: AfterDark Runtime Forensics for Automated Malware Analysis and Clustering

Exploiting Digital Cameras

Jackpotting Automated Teller Machines Redux

Black Ops Of Fundamental Defense: Web Edition

Evilgrade, "You Still Have
Pending Upgrades?"

Kartograph : Finding a Needle in a Haystack or How to Apply Reverse Engineering Techniques to Cheat at
Video Games

WRT54-TM, Media Center and
Network Sniffer

The Search for Perfect Handcuffs...
and the Perfect Handcuff Key

Hacking and Protecting
Oracle Database Vault

Bypassing Smart-card Authentication
and Blocking Debiting: Vulnerabilities
in Atmel Cryptomemory-based
Stored-value Systems

These Aren't the Permissions
You're Looking For

Electronic Weaponry or How to Rule
the World While Shopping at Radio Shack

Gaming in the Glass Safe - Games
DRM & Privacy

You're Stealing It Wrong! 30 Years of
Inter-Pirate Battles

DC 18 Movie Night
GET LAMP