I gave another talk for this year’s CarolinaCon 12 called “Never Go Full Spectrum Cyber”. For this talk I focused on mistakes “hackers” and even some InfoSec professionals have made and then a short summary at the end of OpSec lessons that could have prevented the mistakes covered earlier in the talk.
My talk was initially just going to be funny stories of hackers getting busted for amazing feats of stupidity as kind of along the same theme as the defacement page talk I gave last year. I later thought about having OpSec lessons interspersed through the talk as well. Then while researching OpSec, I found the grugq had more or less done the same kind of talk but focused purely on lulzsec and how they were taken down and less humor (granted his talk is still pretty funny).
Video of my talk should up soon [Updated, see link above]. Just keep an eye on the CarolinaConVideos YouTube channel and look for talk by Randy.
Other than my own talk, some other members of FALE and friends of mine gave talks. Look for the talks by Jim Lahey on a Perimeter monitoring solution he’s working on, Jared Haight on PS>Attack, Solray on his OS INT tool and Chrome extension, and twinlol on iOS reverse engineering. Check those out as well as all the other talks.
As for CarolinaCon itself, this year had an epic (for CarolinaCon) turn out. We almost sold out of the official badge by Friday night (360 total), and they were soon gone Saturday morning. The official badge was a PCB board/shield for the Arduino Micro which could be modded/hacked or came with a kit to assemble which would have a blinking LED where the blink rate was controlled by light exposure to a photo resistor. I modded mine ahead of time with an Arduino 3.3v 5Mhz Mini Pro and an OLED screen that displayed that I was a speaker, the FALE logo, and a “sombrero”. I posted a picture on my twitter feed as well as a video of the best modded badge by a regular attendee.