This is SecTor 2012 – Canada’s Premiere Security Conference

SecTor: Illuminating the Black Art of Security.

Above is the vendor area, and below is the lunch keynote, the talk I was most looking forward to.

Meet Charlie Miller, one of the world’s best hackers, and, leading expert in a personal favourite topic, NFC.

NFCNear Field Communication. You likely haven’t heard much about NFC yet, but you will.

Think of those ads on TV, where you put your phone next to your buddy’s, and photo gets beamed over wirelessly. That’s NFC. Charlie has figured out how to use NFC to hack your phone; here he is in action (green shirt).

He brushes close to the victim’s phone, and tada – Charlie can now access and download all the photos, contacts, files, make it call and text… and nothing AT ALL appears on the victim’s phone that would alert him this is happening.

Andorid users: you are, as always, the most susceptible to this attack. Best defense – check ‘yes I want to approve each NFC connection before it happens’.

He also said this, which is so true:

 This is what hacking looks like.

And this.

Not all all like that famous Swordfish movie scene, eh.

Above is a contest called, ‘Capture the Flag’; there’s one at most conferences.

I saw a basketball playing robots.

And a lockpick village.

I’ll show you what using those tools looks like on video sometime. Like hacking, it is not at all like in the movies.

Went upstairs for a sunlight break.

SecTor is happening again today, click here for detials.

If you’re intersted in getting into information security, this is your opportunity. It’s a friendly, and resource-rich environment, in an fast-growing industry that has an almost 100% employment rate.

Thanks for a great time, SecTor, and congratulations on your 6th and largest year  to date!

 

 

I'm at SecTor Today

SecTor – Canada’s premiere information security conference

For a sense of what my day will be like, read my posts, This is BlackHat Security Conference 2012 and Apple’s First Ever Talk at Black Hat,

Hi SecTor, nice to meet you.  I blog about security for the end-user, 

think of the housewives of Idaho.

You might enjoy my ‘DefCon 19 Interview Series‘, and click here for all security blog stuff in one place.

See you at the conference!

Keri

 

 

It's Not a Wet Paint Sign, It's a Breach

That sign… no details, no company name, that’s probably Microsoft Paint and a clipart janitor.

What a fast, cheap, and effective way to keep open an electronically-secured door, for as long as needed.  This door stayed open for 36 hours.

(also: never feel bad about stopping people from tail-gating you into a secure building)