
BSidesROC is this Saturday at 8am. Holy crap. I wanted to give a final post before the con so you can figure out what to expect the day of the event. If you haven’t signed up, you should get a ticket right now. Do so on the website: http://www.bsidesroc.com
Capture All The Flags
We will have a capture the flag style competition. The open competition will involve you and your team being rewarded for cracking security challenges. It’s going to be run by RIT’s student security organization SPARSA. The skill level is from intro to 1337 so if you just wanted to take a crack at it, you can.
There’s only a few days left for this year’s BSidesROC on 5/12/12. “Rochester’s first and only hacker con”. Do you know why we say that? Not because we’re the only computer security conference, and not because we think other security conferences suck (well some do), but it’s because an info sec event is not the same as a hacker con. I’m talking about Rochester Security Summit for example. It’s been going on for years run by the local ISSA chapter and they do a good job. It is a corporate crowd. You expect that when you pay a certain amount of money that there’s a certain level of professionalism. And the people that attend are info sec professionals. A hacker con on the other hand…
The first official meeting of the Rochester TOOOL chapter happened this last Thursday. Jason Ross, the organizer of the group, you may have met at 2600 meetings, BSidesROC, seen present at BlackHat, or whatever infosec you’ve been to in the area. He’s been working with TOOOL.us to get a chapter started locally which makes Rochester a part of a small group of TOOOL chapters in the US.
It’s been 6 months since I started running a Tor bridge node on an Amazon EC2 instance. Back then, Tor had just announced an initiative to get people setting up cloud images to run as bridge nodes. This was during the then-recent upheaval in the Middle East where connections to the Internet were either disabled completely, or they were extremely restricted as to what sites they were allowed to see. Tor couldn’t directly help with re-establishing network connectivity, but those that blocked Twitter and other social networking sites could be evaded by Tor and their bridge nodes.
Here is a brain dump of what happened this weekend at ISTS 9, SPARSA’s Information Security and Talent Search. A bunch of the people from 2600, Raphael Mudge, Punkrokk, Joe, Gerry, and others were part of the Red Team.
Define:ISTS
The event worked like so: There were 13 Blue Teams, groups competing in the event. Their job was to take the 5 servers that they were given, run specific services in order to get points, and, something a little different than other competitions, hack into other groups for points. If you do this, you will receive points that are tracked throughout the weekend. Finally, challenges were to be performed that were worth more points.
I think it was less than a week after I announced my little Android Manifest auditor tool, Manitree, that Anthony Desnos, the developer of Androguard, sent me a message in the tone of “hey, why didn’t you use Androguard for that?” If nothing else, why didn’t I use Androguard’s native AXML converter? Androguard is this immense Android app analysis project. If you take a look at the first page, you may get overwhelmed pretty quickly. I hope Anthony doesn’t take this the wrong way because it’s an impressive tool when I’ve seen it working, and it’s great for all kinds of things besides malware analysis. For instance it can analyze apks, diff binary apps, visualize the flow of an app between classes — fun stuff. But for my dinky project, most of the work was focused on the AndroidManifest.xml file. But the simplest feature was most impressive to me: a native Python Android XML file format converter. As of writing this, I’ve not seen someone publicly do this.
Every month we do the 2600 meetings. Lately I send out this ridiculous email to my circles and social networks explaining a theme of the meeting. It looks something like the one I did for January: Only 12 months away from the end of days where the Earth’s polarity will completely flip causing server faults to erupt with hot Java and spew volcanic bash. Sudonomies will destroy cities and cause packet storms. 2012 will mark the return of the Carriage causing lines to break all over the world.
This is just an update that will 1) fill the home page with something and 2) mark down some of this year’s plans. At the annual Interlock meeting, I presented a list of things that I’d like to work on at the space this year, along with a list of things that I hilariously failed at the year before. The failures are for Interlock member entertainment only, sorry. But the other list just about covers my plans for this year. I’m dumping them here to see how far my interests change over time.