[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /cyb/ - 32964



File: 1468410136674.png (178.07 KB, 300x265, dc24.jpg)

No.32964

Defcon is coming up early next month... Are there any other lainons going?

Do you think security conferences are interesting places to expand your knowledge and meet like-minded people or just lame and overhyped used by vendors to market cyberjunk?

  No.32965

Some conferences are good places to find like-minded but defcon is mostly money-making venture, considering how many participants easily blow several thousands on it.

  No.32969

I've never been at DEF CON before, but hopefully next year I''ll be able to afford a trip to Vegas and tickets for DEF CON 25.

I don't know much things about the culture at DEF CON. Many people in the euro hacker community say that american hacker conferences are too much co-opted by the infosec industry. Frankly, I don't have much against that.

  No.32987

>>32969
don't go myself but i listen to conferences in the background while i do something idle, apparently ettiquette is to not bring any electronics unless you want them to be fucked with

  No.32991

i'm going. Darkengine is going. yuuko is going. icanfly might be going. a bunch of #/g/punk is going.

  No.33008

CCC is the only one that's remotely real. DEFCON is literally for feds now.

  No.33012

>>33008
whats wrong with that? working with the fed or would you rather them be evil forever?

  No.33013

>>33012
Do you think DEFCON is about moderating state surveillance in any way? No, it's a recruiting/networking event for military/intelligence-industrial contractors.

Spoiler alert, engineers don't make policy decisions. They're just weapons.

  No.33017

>>33013
how many times have you been to defcon?

  No.33038

I remember when I was still doing CTFs that the DEFCON ones were pretty neat tho despite the conference being total money oriented.

  No.33041

my problem with defcon specifically is that 90% of the talks appear to be about social engineering or tinfoil hat wearing stone in shoe walking paranoid schizophrenics, which is boring as fuck to me. However I've never been so maybe that's just what bubbles up on youtube

  No.33044

>>33038
HUh?

The only two places I remember having to flash cash for anything was for the badge and for merch. Other than that everything else is provided at the Villages or Workshops, or parties....

  No.33045

>>33041
Huh?

Did you watch like 3 talks then stop? There's a plethora of technical talks on YT, and much more technically minded talks that never make it to YT. Not to mention demonstrations that can only be seen at defcon itself.

  No.33047

>>33044
Never went there but I got told so by an acquaintance. Should have mentioned in the first post, my bad.

  No.33049

>>33047
Then how is it "money oriented"? According to your friend that is. I'm curious. Does he mean that it was too pricey for his liking? (He should check out Blackhat its ridiculously expensive and pretty meant solely for vendors to show case products.)

  No.33052

>>33049
i dont think these are people who have ever been. lotsa people make assumptions based on the 240$ cash only entry and location.

vc has a talk about cock.li this year!

  No.33064

>>33052

That's what I'm thinking. I mean I've been a few times and yeah the entry fee is "steep" but its by no means unreasonable. Considering the size and scope of defcon to begin with.

And as they always say in defcon, "The experience is what you make of it". So if there are some attendees with gripe. I'd assume that they didn't take the opportunity to talk to people or really experience the process. For any new comer I suggest the scavhunt. A great way to meet (through the list of items they ask you to find or generate {think CTF style items}). It'll put you into contact with some of the veterans. l

Really, just talk to people get involved and just socialize. I know it might be scary for some but deep down these are YOUR PEOPLE. They hold similarish views and ideals and passions and most of them would love to be asked about what ever they might no in reference to that.

This year the badge will be an electronic one so you might get a worthwhile badge for the $240 you pay for.

FYI winning scavhunt gets you tons of prizes, my team took second place last year and I personally received:

- PWNIE express (v2)
- Rubber Ducky
- RTL-SDR dongle
- Wifi Amp
- and a Baofeng (which a side character gave me).

If anything, play your cards right and you end up in the black, not the red.

  No.33067

File: 1468455011727.png (59.25 KB, 151x200, Unabomber-sketch.png)

lainchan meetup plans?

  No.33068


  No.33078

>>33064
Yeah if you play your cards right you might get a nice tote from the NSA booth

  No.33083

>>33078

"HURR DEY HAB FEDS"

And?

  No.33084

>>33083
Not him, but an NSA bag would be hilarious.

  No.33086

>Do you think security conferences are interesting places to expand your knowledge and meet like-minded people or just lame and overhyped used by vendors to market cyberjunk?
Extending knowledge: no. You can just watch the talks online and will be able to process the information you're given way more efficiently.
Meet like-minded people: yeah. Unfortunately I don't like to do that.

  No.33087

>>33067

I'm down for that, heading over on my own

  No.33088

>>33086
most of the talks are not broadcast online though.

  No.33089

>>32991
Darkengine was awkward as fuck last year lmao.

Also jump on the cock.li defcon meetup mailing list, we should just join the lainchan and cock.li meetups like last year

  No.33090

>>33064
The Scavenger Hunt is kinda autismo if you actually wanna enjoy the con though, because it sucks up 110% of your time

  No.33100

>>33090
kalyx is going this year. and hes a cool guy.

totally not kalyx

  No.33103

>>33084
THIS
where can i get one? i mean, it would be really fun to walk around in public and find like-minded people because they start to explain to you why you should feel bad about using that bag

  No.33106

File: 1468495821886.png (575.94 KB, 200x112, بو بكر البغدادي.png)

So, is there a possibility someone who's attending could transscribe vc's cockmail talk? It is not recorded.

I did this several times for smaller conferences, once on explicit request from a speaker. Easiest way is to use some Etherpad, with two people.

This would be nice for people in Europe who can't go afford to attend.

  No.33109

>>33090
This is true. Well sort of 110% if you want to win, otherwise a great way to jus tpass the time in between talks.

Thank god I got duald to add a ctf portion to scavhunt this year.

  No.33111

>>33086

Not all con talks are broadcast or even recorded. I've been to small cons where none of the talks are recorded that operate under Chatham house rules, it results in the speakers being a lot more open.

  No.33118

>>33083
I think it speaks to the commercialization and cooption of the hacker culture and I don't want to support that.

The irony is defcon used to have spot-the-fed and were appropriately hostile to them. The fact feds now give talks at defcon is just so absurdly characteristic of this takeover that it's disgusting.

I just want a real hacker culture again; fuck me, right? I'd go to defcon if antisec or el8 was there but they're not. So what's the point?

  No.33120

File: 1468521413514.png (1.17 MB, 200x150, 195YM.gif)

>las vegas in the dead of summer.
>$240 at the door.
>SPOF for targeted nation-state surveillance against avowed "hackers"

no thanks. Ill do as every sane /cyb does. buy a 6 of craft beer, fire up wget, and "attend" from a TLS connection

>pic related: YFW defcon cant TOR, or i2p site..

  No.33133

>>33120
This tbh
Only arogant cybergoth hipsters actually go to defcon

  No.33139

>>33133
nice dubs + palindrome number

I've heard a lot that defcon is this skiddy pool and also lots of blue collar whitehats
is that true? If so why would anyone want to go there?

  No.33140

File: 1468538414466.png (144.31 KB, 143x200, wwii-spy-poster.png)

>>33111
>none of the talks are recorded
...or are they?

  No.33144

>>33118
Is HOPE any better?

  No.33145

>>33139

>I've heard


Any population of people has a spectrum of people. Yes there are skids, yes there are professional pen-testers. But so what?

One talk was about Ford Car Media Center hacking and it was given by a Department of Defense employee. But what does that say about the quality of information? Nothing really. Any great talk can emanate from any source and assuming that labels are going to safely guide you in this respect is a shitty world view. Such a filter must color someone's world so badly that they dismiss wonderful information outright because someone might be a "cybergoth skid fed plant".

Instead of "I've heard"'s and "It was told to me that", how about you vet the information yourself? If you can go, take the totality of talks available on the net and determine how useful that is.

>>33133
>Arogant [sic]
Well... what's arrogant about them? Wanting to be part of a community?

>cybergoth

Honestly most of the people there just wore a t-shirt and jeans or khaki shorts with a t-shirt. So I'm not sure where you'd group a majority or the entirety of defcon to this particularly small aesthetic subculture.

I'm a bit disappointed with lainchan if this is representative of how a majority of this board thinks. Now /what/ you think, but how you arrive at concluding X is Y because Z said.

But I guess lainchan is no better or purer in any respect to the population which is to be statistically expected to some degree.

  No.33147

I'll be there.
I booked a room with 2 beds but my friend from meatspace might not go.
I'm looking for someone who wants to split the cost of the room.
Also:
>lainchan meet-up when???

  No.33149

>>33147
i might actually be interested in sharing a room

you could hit me up on ricochet, xmpp, or by email

poseur@cock.li
ricochet:xwt52enoo3plqbhx

  No.33150

>>33145
>One talk was about Ford Car Media Center hacking and it was given by a Department of Defense employee. But what does that say about the quality of information? Nothing really. Any great talk can emanate from any source and assuming that labels are going to safely guide you in this respect is a shitty world view. Such a filter must color someone's world so badly that they dismiss wonderful information outright because someone might be a "cybergoth skid fed plant".

I don't think you're wrong, I just think it's disgusting how defcon ``sold out'' and don't want to participate in the raped corpse of it.

I wish I could have gone to a real defcon. But I can't. I'm not going to go to the fake one, the Disney Defcon, just so I can say I went to some hacker tourist attraction.

>>33144
I don't have a good grasp of its culture but at a glance it seems like the same sort of neutered post-90s hacker psuedoculture, just liberal instead of fed.

CCC is still just straight up rm your boxen hackers, at least as much as any public event is.

  No.33157

>>33145
>Wanting to be part of a community?
>m-muh community (aka circlejerk)
No need for meatspace you arogant cybergoth douche

  No.33159

>>33145
>most of the people there just wore a t-shirt and jeans or khaki shorts with a t-shirt
You can smell a wannabe cybergoth haxxor by looking at the details. Does he have an old cpu as keychain? Does he have lines of code on his tshirt or as a tattoo? Stickers on his laptop proudly showing off his identity , as if his identity could have easily been bought by buying the sticker?
You got yourself a wannabe cybergoth

>you'd group a majority or the entirety of defcon to this particularly small aesthetic subculture.

Nah not entirety, but you're either a cybergoth tryhard or a guy in industry going around doing his companies bidding. Theres no other reason to be there tbh. Just faggots gaining street cred by claiming they were there. The same or similar shit that is often talked at those defcons could be easily learned online, without wasting so much money.

>I'm a bit disappointed with lainchan if this is representative of how a majority of this board thinks.

"We" really "care" about your disappointment.
But seriously, its just a stranger over the net talking to another stranger, calm your tittays with generalization.

>But I guess lainchan is no better or purer in any respect to the population which is to be statistically expected to some degree.

I guess that "arrogant" bit hit too close to home and you felt personally insulted eh?

  No.33163

File: 1468562634982.png (16.61 KB, 200x196, cybersecurity.jpg)

Any other lainons going to HOPE this year?

  No.33174

>>33159

In the sense that if I had that post held on a screen then I was associated with this board by those that know me personally, yes it did.

  No.33184

Defcon is a big PAARTY where you get to hang out with other cool people and PARTY. If you don't think that's cool then you must be boring or jealous that you cant go.

  No.33185

>>33184

inarguably yes, but do you really want to party with corporate lackeys, DoD thugs, and the hackers that became their lapdogs instead of going to prison or getting the fuck out?

  No.33199

>>33184
>party
>being introverted code monkey
Choose one

  No.33202

>>33185
found another guy who's never been

  No.33206

>>33205
Ignore bait posts. Do not engage shitposters. They are in search of a reaction, which you are providing. You will not succeed in convincing them you are in the right.

  No.33208

>>33206

Well said. Can do. Thanks for the reality check.

  No.33222

File: 1468628790995.png (157.11 KB, 200x134, carlio.jpg)

so lets stop criticizing defcuck for the obvious: its turned into a giant techno party in the desert for anyone whos caught up on the matrix trilogy.

whats on tap for presentations:

"So You Think You Want To Be a Penetration Tester"
>defcon is hacking 101.
we had to pad out the speakers because party kids still need to be seen attending conferences to be cool, and managers that got this trip approved would be frustrated if they didnt understand anything here. Park your skiddies and PHB's herre.

"SITCH - Inexpensive, Coordinated GSM Anomaly Detection"
has existed as a cellphone app on fdroid for 3 years now. interesting, but nothing stunning here.

"A Journey Through Exploit Mitigation Techniques in iOS"
TL;DR: buy more apple products and watch them ignore exploits. if this is the pivotal conference on information security then im really hard pressed to imagine anyone brought their macbook pro, cares seriously about closed OS mitigation tactics, or doesnt already know them. token fanboi presentation == accepted.

"Phishing without Failure and Frustration"
we're teaching...how to phish...wasnt that covered in the above "fisher price my first pen tester" talk?

"Examining the Internet's pollution"
also called "learning to love the null route." anyone who starts a talk with "network telescope" should be beaten to death with a real one. these garbage collector interfaces on the internet serve no purpose but to advance a grad students dissertation on how organic the internet is.

"Exploiting and Attacking Seismological Networks... Remotely"
seriously? the only nations with seismo monitors are wracked continuously by earthquakes that kill thousands every year. You get to have this talk because this conference isnt being held in the phillipines, and there arent enough farmers to beat you to death for even suggesting this.

"Bypassing Captive Portals and Limited Networks"
is a talk that shows up every, single, year...and the tactics and techniques are well known.

  No.33234

>>33202
I haven't, but am I so wrong? the people I know who go to defcon aren't the kind of person I want to be at defcon with. I'm from an area with a high DoD thug presence so it could be sample bias but really, what am I missing?

  No.33252

>>32964
If you think you would like seeing more of DefCon 23 and you feel you would gain something by being physically present, go nuts.

I liked these ones.

https://www.youtube.com/watch?v=5CzURm7OpAA

https://www.youtube.com/watch?v=RoOqznZUClI

  No.33298

File: 1468712645799.png (120.96 KB, 200x200, 549_350x350_Front_Color-Khaki.png)

>did someone say NSA bags?

  No.33305

File: 1468714381081.png (393.79 KB, 200x183, M11NRACEWHEN?!.gif)

>>33298

BACK TO THE MOON WITH YOUR FUNCTIONAL SWAG!

  No.33353

>>33251
Jokes aside, the quality of the defcon speeches has been going downhill. In defcon 23, there were only a couple of original and interesting speeches, and the rest were your normal:
>Webapp hacking
>Fuzzing
>How do we make crypto more approachable?
>SQL/XML injection
>Wifi hacking
>MMO hacking
>Quantum computing vs crypto
and such.

These subjects are nothing new and the speakers themselves bring nothing new on the table either. They are just rehashing old concepts that even script kiddies can understand and putting their name under it.

All while advertising their snake oil selling whitehat company, of course.

  No.33367

>>33089
Subscribe to the defcon mailing list here:
https://lists.cock.li/cgi-bin/mailman/listinfo/defcon-meetup

>>33106
>So, is there a possibility someone who's attending could transscribe vc's cockmail talk?
No.
>It is not recorded.
I asked vc if he would release a transcript, outline or recording and he said no. He doesn't want it recorded.
Maybe I'll post a tldr about it afterwards.

  No.33387

>>33280
You think feminism doesn't fight against male circumcision, suicide rates, homelessness, and divorce court issues? You are severely uninformed.

Go back to 4chan with your other misogynist brethren.

  No.33412

>>33118
i think you have the wrong idea.

  No.33415

>>33353
does that make it easier for a bunch of lains with something interesting to say to make a defcon presentation? :3

  No.33424

>>33415
That's the problem though. None of these talks are even remotely interesting. Sure, if you lower the level of entry you will get more speakers but that's a question of quality vs quantity. What's the point of giving a talk on things you have just copy pasted from the internet? Anyone can, you know, look them up on the internet themselves.

Sure, if you are a complete newbie to these topics, these talks may be useful. However, instead of buying a ticket just to hear these talks you could just research them for free with google.

  No.33441

>>33424
i'm basically a newbie

i'm going to socialize, do fun lockpicking shit with people and dick around in contests, also bbq and shoot

it's a convention, not a college program, ya dingus

  No.33443

>>33441
>it's a convention, not a college program
It's a convetion for newbies. That's what I don't like about it (and why I won't be going)

  No.33445

>>33443
*claps*

Do another one! Stay tuned folks we've haven't seen tippage this extreme since the fedora wars of '14.

>>33441

Don't listen to what I can only assume are these 'gentrified holier than thou' folks. Enjoy yourself, get the most out of the experience and don't let anyone disparage you.

Defcon is a great community of people. Alot of oldfags that have alot of things to tell and give to those who are willing to listen. DC123, CotDC (l0pht), and if Captain Crunch isn't sick this time around you might get to see him.

  No.33447

>>33445
You seem knowledgable, are there other major cons like this? I would go but I've already used my vacation time and I have to put in for them a month in advance. Plus I'd rather not go to France for my first major trip. I'd like to stay in the US.

  No.33449

>>33447

Hope, and shmoocon come to mind.

When you go to defcon go up to scavhunt table and ask for duald, send him a message for me, "the reptilians are here." Then wait for a surprise.

  No.33463

>>33449
>inb4 tens of lainons tell some random guy nonsense

  No.33471

>>33463

Inside joke but he might give you something for the reference.

  No.33481

>>33106
I might bring a small recording device to record the audio on, I'm not sure. Will see what I can do, lainon

  No.33485

>>33481
\
Be very careful. Any journo's are thrown out even if they're suspected. That's when they're tyrng to be recorded where they're not supposed to.

  No.33488

Yeah I am, though honestly I am hyped for the shoot before the con.

  No.33629

>>32964
I like how asspained people are ITT

>MUH GUBURNMUNT CRONIES AT THE SKID CON


>FUKN CYBERGOTH FAGGOR

Do you forget what fucking board you're on?

  No.33634

>>33629
Going to defcon ironically is still going to defcon.

  No.33635

>>33145
damn, while some of what you said is true, that fucking attitude of yours makes me not want to go.
If you're gonna get so uptight about a honest question and start making a shitload of assumptions about me just for asking then you're not doing a great deal of making the community look any good at all.

  No.33720

>>33635
Fuck that guy, go!
It's:

1. Vacation
2. Las Vegas
3. A huge con

I'm not trying to go there to be ub3r 31337, I want to go because I work in security, I love security/cyb, I want to take a vacation, and... I mean, it's Las Vegas man. Fuck it, it is what you make of it! There's plenty of things to do and if you don't like someone or a group of people just don't talk to them.

tl;dr fuck anyone else's opinion but your own

  No.33732

>>33720
If you actually wanted a vacation then just go have a vacation dude

  No.33739

>>33732
I am.

  No.34397

File: 1469939662220.png (145.82 KB, 200x129, YaeiMght.jpg)

Well the Cock.li meetup is confirmed, I believe lainchan is joining in.

Details:

Where: Outside Track 3, see image
When: Thursday, August 4 at 6:00PM

  No.34398

>>33739

kek. it's like >>33732 can't fathom anyone outside of his/her bubble of perception would go to defcon as a vacation.

  No.34399

I want to go really badly but I don't have the vacation time from my wageslave masters

  No.34401

>>33222
Thanks for the summary. That cock.li exclusive is pretty much the only reason I'd go at this point, but that's an expensive laugh.

  No.34416

FOUR DAYS

  No.34419

Tfw you want to go, but you also went to HOPE, and now you just wanna stay home and work on projects

  No.34444

File: 1470020478013.png (42.25 KB, 200x142, 1438300492161.png)

>>33064
it's hard to justify by size when other computer cons (pycon, gophercon, other big google sponsored language-cons) are much larger and basically inviting thousands of people from around the world to come on travel scholarships for absolutely free.

Also Vegas in the summer and feds making watch lists.

  No.34598

>>33441
>>33488

Any other lainons coming along for the shoot? I'm from a 'non-free' country so I won't be armed, but I'm looking forward to taking an active part in US gun culture.

  No.34763

>>34598
a little bit late but if you attended Wednesday we might have met

  No.34843

>>34763

I did go on Wednesday, did you bring guns? I was shooting next to the guy with the ak47 and scoped ar15

  No.34844

>>33481

VC specifically called you out in his talk and mentioned lainchain. Did you record it anyway?

  No.34846

>>34844
vc has informants *everywhere*.

  No.34864

>>34844
hey, anything to win the lain gang the name game, no?

  No.34865

>>34843
Nope I was unfree and on the left side of the range next to the guy with the can cannon.