As both SyScan360 and INFILTRATE are just around the corner, it’s about time we release the long-awaited t2’17 keynote by Dave Aitel. Whether you’re into policy, tactics, offense, defense, or meta in general, the keynote covers a whole gamut of cyber. For the younger generation, understanding the references and why they are relevant is a good starting point in a path of never-ending learning. Instead of dropping spoilers, here’s the actual presentation itself:
Friends of inconvenient truths, hard questions, analysis of cyber meta (or if you want to see Dave Aitel press volume control button during a presentation), this is the video to watch!
The keynote should be deemed mandatory for anybody working with cyber policy or lawyers.
Those who actually read the CFP announcement might have noticed the fine print in the footnote section where we announced this year’s keynote. Like having an IRC gateway from a BBS group chat, we’re trying to stay modern and understand that since time is money and everybody wants a TL;DR which fits a tweet, we need to provide one:
Breaking: Dave Aitel giving the headline keynote at t2’17! #t2infosec #cyber #leftoflaunch #dailydave #voiceofreason #buffythevampireslayer
In other words, we’re continuing the tradition of inviting former @stake / NSA employees / DailyDave posters to speak at t2. If you’ve been reading mailing lists and not just clicking on random links from Twitter, you will probably agree that people who have been long enough in the game often have the kind of insight you can only get by having been there and done that. It is our pleasure to welcome Dave Aitel to deliver the keynote this year.
In case you were born after Miami Vice originally aired, do some googling and figure out a way to mention GOBBLES and our keynote speaker in the same sentence.
How does one go about creating new tools and toolchains?
In “Sweet Tools O’ Mine” from t2’16Hugo Teso shares his approach for creating an offensive toolkit, which contains both hardware and software parts. Learning by doing, when to leverage the power of existing solutions, and when to create your own are all discussed throughout the video.
If you are serious about offense, this is a presentation for you.
Iaitō, a GUI for radare2 reverse engineering framework is available on GitHub.
We’re continuing with the theme of securing international travel by releasing Andrea Barisani‘s Forging the USB Armory talk from t2’15.
Those enjoying international travel and/or operational situations, the dual-use capabilities of the platform might be something of interest. From safe USB charger, encrypted file storage and automated self-destruct, password manager, TOR access point to portable offensive toolkit, the opportunities are endless. Even if open source hardware design is outside your comfort zone, the video gives you a good glimpse into solving hard problems and the capabilities of USB Armory.
Again, as with all our curated releases, this is a must see – enjoy!
If you want to learn how to apply defensive measures to protect offensive operations and your capabilities, Jacob Torrey’s “Nano-Scale Red Teaming: Making REs Cry With Device-Specific Opaque Execution” from t2’16 is the presentation to watch.