Dave's Blog

Cyphercon 2016

Wisconsin's first annual Cyphercon was this weekend, and it was amazing. Many thanks to Michael Goetzman and the other organizers for putting this conference together. My talk is embedded here.

Most of the talks were recorded; you can find them on irongeek.com.

I followed the talks for most of the conference, but there was a lot (A LOT) of other stuff going on. Lockpicking tutorials, wireless capture the flag, a massive puzzle contest, and hardware hacking were only a few of the activities. The venue itself, the Safehouse, has plenty to explore. The best part of any conference, of course, is meeting people with similar interests, and the little details you learn from serendipidous conversations.

While there, I gained a new perspective on how vulnerable a lot of systems are, and I don't just mean electronic systems. At the lockpicking table, there was a key taped to a piece of paper with the challenge "Be the first to crack this key." Huh. I thought cracking only applied to electronic encryption keys. I asked the presenter, and he explained that there are phone apps that allow you to take a picture of a key, then drag and drop elements of the key outline until you know the pinning (the bumps or teeth) of that particular key. Once you have the pinning, you can order an exact duplicate of that key online. If someone's wearing their keychain on their belt, you can snap a photo as they walk by and clone their key without them ever knowing.

My top two favorite talks on the vulnerabilities of electronic systems are Bypassing Encryption by Attacking the Cryptosystem Perimeter by Trenton Ivey and All your Wheaties belong to us. Removing the basics that humans need for survival by Chris Roberts. Trenton's talk makes attacks such as searching system memory for passwords or tricking a process into using a malicious .dll look effortless. Chris' talk is equal parts lighthearted, profanity-infused, and terrifying as he gives example after example of farm equipment insecurely connected to the internet and the implications that has on the safety of our food supply.

On a lighter note, the conference after-party was held at the Lake Front Brewery. This was my second time touring their facility, and this time was by far the best. Not only was the tour guide excellent, but the con attendees played off his jokes and even had him doubled over laughing at one point. While discussing a cask, the guide pointed out the bung hole and held up a circle of wood about three inches across (the bung). "What's this?" he asked. "A medium!" someone shouted back. I laughed till I cried. You had to be there.

Truly an excellent conference and an excellent community. I sincerely hope I can return next year.