
Defcon - Day 0

After crossing 4 states by car we arrived Thursday in Las Vegas for Defcon 17. We obtained our temporary badges, purchased some shwag, and headed off to finally get some good sleep.

Friday:

Moxie Marlinspike gave an excellent talk on defeating SSL. Using specially crafted certificate requests and flawed SSL implementations (currently most of them), one can mount a MITM attack with no degradation in the apparent authenticity of an SSL site. Interesting and scary at the same time. Firefox 3.5 is patched, with more to follow. OCSP is also a joke and easily defeated.

Next up, Jason Ostrom and Arjun Sambamoorthy gave a presentation on hacking video. They have created a tool that ARP poisons RTP video streams and is able to reconstruct the streams into media files. You can also take an existing AVI file and loop it over an existing stream. It was interesting to see new sniffer software attacking a new type of data stream. In the attack against the Cisco phone, they had a cool hack for causing the phone to reboot and push a new config over TFTP in order to disable anti-spoofing settings.

After my video fix I hung around for Robert Clark's update on the state of Computer and Internet Law. This high-ranking DHS employee had a surprisingly good sense of humor and also provided some tips for handling police and border searches. Remember folks, if cops show up to your house to "talk", they're trying to get you to consent to a search because they don't have enough cause to get a warrant. :)

Tor was the next talk I attended, given by Roger Dingledine. The topic was why Tor has been slow and what design changes are being considered. Tor relays wrap all individual data channels into one TCP stream. If one channel trips a TCP window adjustment, all the data channels suffer. BitTorrent was also picked on as a culprit in slowing Tor. It also reminded me that I need to get some of my own Tor relays up again.

The last session I checked into was Dan Kaminsky's unnamed talk, which ended up being on PKI and SSL. A lot of it was a rehash of the Moxie SSL presentation and how the flaws can be exploited. It provided more back story and a bit more detail, but the Moxie presentation was better (and first, which gets you more l33t points).

