Call For Presenters (CFP)
Important Dates: Cutoff May 10; Speakers Announced May 17
List your proposed talk here. After May 17, we will vote on which ones will be presented. Don't limit yourselves to a one-hour talk with PowerPoint (although that's fine); we'll gladly entertain creative new ways to present information!
Please list your name, contact information (email, Twitter, website), presentation title, and a short description. We will also accept CFP submissions via e-mail to bsidespgh@gmail.com.
Dan Klinedinst (@dklinedinst) 3D Modeling and Visualization of Real Time Security Events
This talk will introduce Gibson, a tool for modeling real time security events and information in 3D. This tool will allow users to watch a visual representation of threats, defenses and compromises on their systems as they occur, or record them for later analysis and forensics. In addition to continuous monitoring for operational network security, it can be used by strategic and tactical decision makers, or to display the progress and results of cybersecurity training exercises or penetration tests.
Johnny Cocaine (@johnnycocaine) "Behind The Mirror Shades: The Making of Johnny Cocaine"
“Johnny Cocaine” could be (and has been!) described as many things – an attempt to gather covert intel on the black hat community; performance art; an experiment in social networking; a technology sandbox; an agent provocateur for the infosec community; even an exploration of identity, memes and, well, truthiness online. Join "him" for this first ever in-depth look at creating a fictional online persona that can stand up to investigation by nation-state actors and the most tech savvy criminals in the world. Techniques and technical details for data mining, counterintelligence, attacking anonymity, social engineering, and more.
Chris Teodorski (@Can0beans) Fun with SSH Honeypotting
Kippo is a medium-interaction SSH honeypot. I've been running Kippo for a while now and I've discovered some interesting and unusual things. For my talk, I will present a brief intro to Kippo, an explanation of how it works, and why I think running a honeypot is a worthwhile exercise. I'll also present the results of my experience and hopefully provide the audience with a little insight into the mind of an SSH hacker.
David C. Brown Business Performance Improvement, Compliance, Security, and eDiscovery—How to Get It Right.
Describes why the traditional stovepipe approach to solving them does not work and what to do about it.
Kizz MyAnthia (Nicholas Donarski) @kizz_my_anthia "Weaponizing The Smartphone: Deploying The Perfect WMD"
The acceptance and integration of mobile phones, specifically smartphones, into our everyday life has allowed these devices to penetrate deep into secure areas. The ability to have your phone with you at any moment of the day feeds our needs for social media, email, business, and pleasure. This ability and access have allowed smartphones to be bred into devices that rival other penetration testing hardware/software combinations.
Eric Irvin (@SecRunner) Nice Guys Finish Last: Why Doing the Right Thing Sucks
Dave Kennedy / ReL1K (@dave_rel1k, www.secmaniac.com) Strategic Pentesting - The Penetration Testing Execution Standard (PTES)
Penetration testing has grown into a full-fledged industry and a critical component of our information security programs. We'll be covering where we've gone, where we're going, and what needs to happen to fix the issues we currently see in the penetration testing industry. The Penetration Testing Execution Standard is a new standard developed by the information security community to fix the problems we face as an industry. This presentation will cover the evolution of penetration testing, its place in the industry, where PTES is positioned, and where it's going.
James Paulick Esq. (http://jkplawfirm.com) Cybercrime law - electronic search and seizure.
Search and seizure law is as old as the U.S. Constitution. No issue in the criminal law of evidence is more contested than the legality of evidence seized by law enforcement officers. Over time, the law has been molded and crafted by judges and legislators to effect the intent and mandates of the Fourth Amendment protection from "unreasonable search and seizure". Technology and cybercrime have introduced new constitutional boundaries and litigation battle lines within search and seizure law because of the distinct natures of physical and electronic evidence. We will explore some recent examples of how prosecutors, defense attorneys and the judiciary are dealing with this techno-legal conundrum.
Tim Hollebeek Payment Security Standards: How they’re made, and why they have bugs too
This talk will provide a quick overview of payment security standards (X9, PCI), then move on to a description of how these standards actually get made, including case studies of actual “bugs” in security standards and requirements. Some editorial commentary about the difficulty (and importance!) of getting security requirements right will be inevitable.
Spencer McIntyre EAPeak and EAPScan, Wireless Footprinting for 802.1X
The presentation will be a demonstration of our new open source tools EAPeak and EAPScan. Attendees will understand how EAP types are used to authenticate clients and how to determine useful information when performing a security assessment. Finally, a demonstration of the new EAPScan tool will be given, which bridges the gap from passive reconnaissance to active enumeration of EAP-enabled wireless networks.
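The abstract above talks about learning which EAP methods a network offers and what a client accepts just by watching the exchange. The following is an added example (not code from EAPeak, EAPScan or this page) of that passive enumeration: it decodes the EAP header defined in RFC 3748 (Code, Identifier, Length, Type, Type-Data), then tallies, per client, the cleartext Identity, the methods the authenticator offered, any Nak the client sent with the methods it prefers instead, and the method it finally proceeded with. The frames, MAC addresses and identities are constructed for the example and are assumptions, not captured traffic.

```python
"""Passive EAP method enumeration over constructed 802.1X frames (RFC 3748).

Added example for the EAPeak/EAPScan abstract; it is not code from those
tools. The header layout and method type codes come from RFC 3748 and the
IANA EAP registry; the frames, MACs and identities below are constructed
for the example and are assumptions, not captured data.
"""
import struct
from collections import defaultdict

EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4

EAP_TYPES = {1: "Identity", 3: "Nak", 4: "MD5-Challenge", 13: "EAP-TLS",
             21: "EAP-TTLS", 25: "PEAP", 26: "EAP-MSCHAPv2", 43: "EAP-FAST"}


def type_name(t):
    return EAP_TYPES.get(t, "type-%d" % t)


def build_eap(code, ident, eap_type=None, type_data=b""):
    """Encode an EAP packet: Code(1) Identifier(1) Length(2) [Type(1) Type-Data]."""
    body = b"" if eap_type is None else bytes([eap_type]) + type_data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def parse_eap(frame):
    """Decode one EAP packet, validating the Length field against the frame."""
    if len(frame) < 4:
        raise ValueError("EAP header is 4 bytes")
    code, ident, length = struct.unpack("!BBH", frame[:4])
    if length < 4 or length > len(frame):
        raise ValueError("EAP Length disagrees with frame size")
    pkt = {"code": code, "id": ident, "length": length}
    if code in (EAP_REQUEST, EAP_RESPONSE):
        if length < 5:
            raise ValueError("Request/Response must carry a Type octet")
        pkt["type"] = frame[4]
        pkt["type_data"] = frame[5:length]  # bytes beyond Length are padding
    return pkt


def enumerate_eap(frames):
    """Summarise, per client MAC, what the network offered and what the client did.

    frames: iterable of (client_mac, eap_bytes). Direction follows the Code:
    Requests come from the authenticator, Responses from the supplicant.
    """
    def fresh():
        return {"identity": None, "offered": [], "nak_prefers": [],
                "accepted": [], "result": None}
    clients = defaultdict(fresh)
    for mac, raw in frames:
        pkt = parse_eap(raw)
        c = clients[mac]
        code = pkt["code"]
        if code == EAP_REQUEST and pkt["type"] != 1:
            name = type_name(pkt["type"])
            if name not in c["offered"]:
                c["offered"].append(name)
        elif code == EAP_RESPONSE:
            t = pkt["type"]
            if t == 1:        # Identity travels in cleartext before any tunnel exists
                c["identity"] = pkt["type_data"].decode("utf-8", "replace")
            elif t == 3:      # Nak: Type-Data lists the methods the client wants instead
                c["nak_prefers"].extend(type_name(x) for x in pkt["type_data"])
            else:
                name = type_name(t)
                if name not in c["accepted"]:
                    c["accepted"].append(name)
        elif code == EAP_SUCCESS:
            c["result"] = "success"
        elif code == EAP_FAILURE:
            c["result"] = "failure"
    return dict(clients)


# Constructed capture (assumed MACs/identities): client A authenticates with PEAP;
# client B is offered EAP-TLS, Naks it in favour of PEAP, then proceeds.
CLIENT_A, CLIENT_B = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"
SAMPLE_FRAMES = [
    (CLIENT_A, build_eap(EAP_REQUEST, 1, 1)),
    (CLIENT_A, build_eap(EAP_RESPONSE, 1, 1, b"corp\\jdoe")),
    (CLIENT_A, build_eap(EAP_REQUEST, 2, 25, b"\x20")),              # PEAP Start flag
    (CLIENT_A, build_eap(EAP_RESPONSE, 2, 25, b"\x00\x16\x03\x01")),  # flags 0, TLS record begins
    (CLIENT_A, build_eap(EAP_SUCCESS, 3)),
    (CLIENT_B, build_eap(EAP_REQUEST, 1, 1)),
    (CLIENT_B, build_eap(EAP_RESPONSE, 1, 1, b"anonymous@example.com")),
    (CLIENT_B, build_eap(EAP_REQUEST, 2, 13, b"\x20")),              # EAP-TLS Start
    (CLIENT_B, build_eap(EAP_RESPONSE, 2, 3, bytes([25]))),          # Nak: wants PEAP
    (CLIENT_B, build_eap(EAP_REQUEST, 3, 25, b"\x20")),
    (CLIENT_B, build_eap(EAP_RESPONSE, 3, 25, b"\x00\x16\x03\x01")),
]

if __name__ == "__main__":
    for mac, info in enumerate_eap(SAMPLE_FRAMES).items():
        print(mac, info)
```

The two things an assessor reads off this summary are the unprotected Identity (client A sends a domain-qualified username in the clear before any tunnel is up; client B uses an anonymous outer identity) and the method negotiation (a client that Naks EAP-TLS in favour of PEAP tells you where the password-based inner method is, and which clients could be steered by a rogue authenticator). Checking the Length field against the frame size before slicing is what keeps the parser from being confused by padded or truncated frames in a real capture.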
Alex Volynkin Full Disk Encryption: Defending against cold boot attacks on encryption keys
Full disk encryption has become an essential element of organization data protection. It has been demonstrated that full disk encryption is prone to cold boot attacks that exploit data remanence properties of RAM. We can prevent cold boot attacks. I will present an overview of the full disk encryption technology, an actual cold boot attack, and a set of software-driven techniques for protecting its cryptographic keys. These software techniques do not involve the use of any specialized hardware or encryption chips. Instead, the techniques utilize specialized cryptographic transformations, memory system and operating system operations, and certain architectural features of general-purpose processors. The methods can defend against cold boot attacks on machines that have been shut off, on machines in hibernate and sleep modes, and even on machines in screen lock mode.
Deral Heiland From Printer to Owned: Leveraging Multifunction Printers During Penetration Testing
In this presentation we go beyond the common printer issues and focus on configuration data available on multifunction printers (MFPs) that can be leveraged to gain access to other core network systems. During this presentation I will be discussing how poor printer security and discovered vulnerabilities can be leveraged to harvest a wealth of information from MFP devices, including usernames, email addresses, and authentication information such as SMB, email and LDAP passwords. I will also be discussing real-world penetration testing scenarios and how MFP data was gathered and used to successfully gain administrative access into core systems, including email servers, file servers and Active Directory domains, on multiple occasions. We will also explore MFP device vulnerabilities including authentication bypass and information leakage flaws. Tying this all together, we will discuss the development of an automated process for harvesting the information from MFP devices with the beta release of the tool 'PRAEDA'.
Ashley Brown How Social Media is used to drive Online Pharmacy Sales
Social media networks play a significant role in today's society, and in many cases consumers rely on social media for official answers. As the rising cost of prescription drugs skyrockets, so does the number of online pharmacy networks, leading to an array of counterfeit pharmaceutical products available for purchase.
Schedule
Topics I would like to hear about
Potential Sponsors
Over the past two years, a series of information security events called BSides has been organized across the U.S. and internationally (www.securitybsides.com). These events vary in format, but share the common philosophies that they are free, open to anyone, and entirely organized and run by volunteers. Another common trait they share is that they focus on the community where they are held, with mostly local speakers, local sponsors, and local vendors.
Planners (bsidespgh@gmail.com)
Volunteers
Task List (please cross out an item when it's done)
Tech
Wifi, projector, white boards, photo, video, audio, streaming (Stickam, Skype, Ustream or Livestream)
Non-tech
Breakfast, lunch, coffee/tea, tables and chairs
Tags for flickr, twitter, blog, etc.
Please use the tag #BsidesPGH for content related to this event.