CarolinaCon is an annual conference in North Carolina that is dedicated to sharing knowledge about technology, security and information rights. CarolinaCon also serves to enhance the local and international awareness of current technology related issues and developments. CarolinaCon also strives to mix in enough entertainment and side contests/challenges to make for a truly fun event.
Part 1: The talk will cram as much as possible about practical Bluetooth hacking into 50 min. Starting with an overview of the technology and how to operate in a Linux environment. Then onto obfuscation and surveillance. Tricks like spoofing Device Name and MAC Address for Bluetooth and port scanning. Then some practical attacks: dumping phone books, getting user names, sniffing traffic, cracking PINs, uploading files. I will demonstrate several tools I have written and some new tools I have y...
Part 2: The talk will cram as much as possible about practical Bluetooth hacking into 50 min. Starting with an overview of the technology and how to operate in a Linux environment. Then onto obfuscation and surveillance. Tricks like spoofing Device Name and MAC Address for Bluetooth and port scanning. Then some practical attacks: dumping phone books, getting user names, sniffing traffic, cracking PINs, uploading files. I will demonstrate several tools I have written and some new tools I have y...
Part 2: Most admins will agree that users tend to be the weakest link in the maintenance of security in an environment. People are easily manipulated by their very nature. Social Engineering techniques are used on us every day, and I will demonstrate how you can turn the tables and use those same ideas to exploit human weakness and gain access. I will discuss and demonstrate some basic psychology, social engineering theory and actual implementation at several levels: Remote interaction, Indire...
Part 1: Most admins will agree that users tend to be the weakest link in the maintenance of security in an environment. People are easily manipulated by their very nature. Social Engineering techniques are used on us every day, and I will demonstrate how you can turn the tables and use those same ideas to exploit human weakness and gain access. I will discuss and demonstrate some basic psychology, social engineering theory and actual implementation at several levels: Remote interaction, Indire...
Part 1: Once the exclusive domain of super-smart techhies, hacking has gone "mainstream" as an element of national defense. At what point does hacking (read, "computer network attack") rise to the level of warfare? Could United Nations Article V be invoked to engage collective self-defense against an attacker? What role could we play as smarter-than-average cyber-citizens? We'll examine some of the skirmishes that have set the stage for all-out cyberwarfare, and explore reasons why we haven't ...
Part 2: Once the exclusive domain of super-smart techhies, hacking has gone "mainstream" as an element of national defense. At what point does hacking (read, "computer network attack") rise to the level of warfare? Could United Nations Article V be invoked to engage collective self-defense against an attacker? What role could we play as smarter-than-average cyber-citizens? We'll examine some of the skirmishes that have set the stage for all-out cyberwarfare, and explore reasons why we haven't ...
Part 1: There has been a substantial increase in reports of civilian attacks against all manner of government and private industry targets on and off-line. The globalization of the Internet and increasing civil unrest across the world indicates that individuals are beginning to recognize the value of cyberattacks as a response to governmental practices and regulations. In fact, the availability of malware and mass movements like Anonymous enable unskilled actors to engage in attacks against va...
Part 2: There has been a substantial increase in reports of civilian attacks against all manner of government and private industry targets on and off-line. The globalization of the Internet and increasing civil unrest across the world indicates that individuals are beginning to recognize the value of cyberattacks as a response to governmental practices and regulations. In fact, the availability of malware and mass movements like Anonymous enable unskilled actors to engage in attacks against va...
Part 1: This talk discusses the dirty world of insider data theft, touching on the areas of; - the psychology of those who attempt it and why they do it - how data theft is generally accomplished - quick review of a few real-world data breach incidents - percentage of organizations that have robust controls against information theft - strengths and weaknesses of leading-edge prevention technologies (how data thieves get caught and/or how they get away with it) - what major improvements must be...
Part 2: This talk discusses the dirty world of insider data theft, touching on the areas of; - the psychology of those who attempt it and why they do it - how data theft is generally accomplished - quick review of a few real-world data breach incidents - percentage of organizations that have robust controls against information theft - strengths and weaknesses of leading-edge prevention technologies (how data thieves get caught and/or how they get away with it) - what major improvements must be...
