Content

Things We Learned at Shmoocon 07

Larry and I decided that we would do something constructive while waiting for our plane and recap the weekend for listeners/readers:

  • Simple Nomad in lingerie and crotch shots of Bruce Potter are NOT HOT
  • 802.11 packet injection could not be easier with the new release of LORCON
  • New Rule: Malt liquor should not be consumed after 2:00AM
  • Window Mobile is now officially called Windows PwnM3 due to a slew of flaws covered by Seth Fogie. We will be talking about this more on the show soon.
  • Renderman’s arms actually increased in length by a few feet during the duration of the con
  • Core USB light up hubs can get you pwn3d
  • Shmoo balls were orange “stress balls” and hurt when thrown at the “junk”
  • Twitchy is more twitchy at security cons
  • GPF (General Purpose Fuzzer) is great for fuzzing routing protocols as discussed by Raven
  • Dry humpiung is now officially an olympic sport and A.L. is the gold medal winner
  • If a trojan horse shows up at your house it is likely that Johnny Long is inside
  • If you are wearing a sticker that says, “Put Kevin Back In”, pay attention to who is sitting 2 rows in front of you
  • New Rule (Update!): Malt liquor should not be consumed period, only poured out for your “homies”
  • OLPC could either further society as a while or be used to create a 10 million node botnet. Commence debating….
  • Parental controls are not a replacement for parenting
  • Light sabers hurt when they are used to spank you repeatedly
  • Larry and MajorMaulfunction have a “special” connection as RFID cloing was demonstrated and proved to be very easy. Toolkit released.

Greetz to Hak.5, Cyberspeak, Sploitcast, Martin Mckeay, MajorMalfunction, Luiz, A.L., “Ducksauze”, RI Hackers, Josh, dragorn, render, Binary Pirates, and everyone else that I forgot to mention. Thanks to the Shmoo group for an awesome conference!
Paul & Larry

Paul Asadoorian

Paul Asadoorian is currently the Principal Security Evangelist for Eclypsium, focused on firmware and supply chain security awareness. Paul’s passion for firmware security extends back many years to the WRT54G hacking days and reverse engineering firmware on IoT devices for fun. Paul and his long-time podcast co-host Larry Pesce co-authored the book “WRTG54G Ultimate Hacking” in 2007, which fueled the firmware hacking fire even more. Paul has worked in technology and information security for over 20 years, holding various security and engineering roles in a lottery company, university, ISP, independent penetration tester, and security product companies such as Tenable. In 2005 Paul founded Security Weekly, a weekly podcast dedicated to hacking and information security. In 2020 Security Weekly was acquired by the Cyberrisk Alliance. Paul is still the host of one of the longest-running security podcasts, Paul’s Security Weekly, he enjoys coding in Python & telling everyone he uses Linux.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.