Cатсн²² (in)sесuяitу / ChrisJohnRiley

Well, after the rush of 26C3 in Berlin, I’m back traveling again. This time it’s Shmoocon over the pond in Washington DC. It’s my first time attending this particular conference, but I’ve heard nothing but good things about it for a long while now. I like the fact that it’s more of a small intimate conference, and compared with the chaos that was 26C3, that will be a nice change. After all, you know a conference is too big if you can walk around for 4 days and only see your work colleague twice. Still, I digress. That happens a lot it seems….

Along with the usual conference stuff, I’ll also be taking part in the Podcasters meetup on Saturday night and taking part in the Core Security technical panel. If I can make some last-minute arrangements, I’ll have some Eurotrash Security stickers with me to give away. I will also be trying to do some quick on-site interviews for the podcast, but will have to do some sound checks to see if it’s possible.

I’ve been working on a list of new people to meet when at the conference, it’s by no means complete, but it’s a start. If you’re not on the list, don’t take offense, shoot me a message here or on Twitter and we’ll see what can be done.

• Mubix (Rob Fuller)
• Tkrabec (Tim Krabec)
• Andrewsmhay (Andrew Hay)
• WikidSystems (Nick Owen)
• Bug_Bear
• BIOSShadow (Jacob Kuehndorf)
• Geekgrrl (Melissa)
• grecs
• Masontech (Andrew Mason)
• Nathanhamiel (Nathan Hamiel)
• Gdead (Bruce Potter)
• Vincentkadmon (Georgia Weidman)
• HAK5 Crew
• ….

It’s always hard to pick what talks are must-see, but I’ve picked a couple out that I’ll be trying to attend.

Information disclosure via P2P networks: Why stealing an identity via Gnutella is like clubbing baby seals (Larry Pesce, Mick Douglas)

I saw Larry talk a little about this at Defcon, but I’m looking forward to the whole thing. I don’t think organisations think enough about this kind of data exposure, and people should be building this into the “data exposure” testing regime for their company  (if they’re doing it at all).

The New World of Smartphone Security – What Your iPhone Disclosed About You (Trevor Hawthorn)

I’ve been getting more and more interested in iPhone (in)security recently. So hopefully this talk will give me some motivation to finish my own research into iPhone profile security.

Social Zombies II: Your Friends Need More Brains (Tom Eston, Kevin Johnson, Robin Wood)

After the first version of the talk (at Defcon last year) this update should be fun. Plus Tom was the one who came to the rescue and got me a ticket, Kevin has to autograph my GWAPT certificate and Robin is just a great guy….

GSM: SRSLY? (Chris Paget, Karsten Nohl)

I missed this presentation at 26C3 as the room was full, so I hope that the rerun will be just as interesting. Plus, more information was forthcoming about A5/3 cipher… Oh, and Karten promised to come on Eurotrash, so I need to remind him 😉

Exposed | More: Attacking the Extended Web (Nathan Hamiel)

Gotta love Web Application penetration testing !!!

The Friendly Traitor: Our Software Wants to Kill Us (Kevin Johnson, Mike Poor)

I haven’t seen Mike since a SANS conference in 2008 (Amsterdam) so it’ll be nice to say hi again…. Plus, anytime you can see Mike talk, it’s a WIN.

Anyway, I hope to see you there….