TactiFail

Trevor McDonald

Thursday, February 13th 2020 – 6:12PM @ Wilde Cafe

Written by  on February 6, 2020

Hello Hackers!

It’s almost Valentine’s Day and that means looooove is in the air.

And packets.

As it turns out, those packets that we trust with our more intimate privacy might not be as safe as we’d hope. That’s why this month, we are pleased to have DefCon legend Renderman visit and tell us all about his research into the Internet of Dongs:

Everything is becoming ‘Smart’ nowadays and researchers have looked at many of them and found terrible things. There is one branch however that no one has wanted to touch. Internet connected sex toys in all shapes, sizes and capabilities are available on the market with many more being developed. Like many IoT devices, IoD (Internet of Dongs) devices suffer a great many security and privacy vulnerabilities. These issues are all the more important when you consider the private and intimate nature of these devices. To research this, the Internet of Dongs project was founded (https://internetofdon.gs). This talk will explore this under researched branch of IoT and the security and privacy threats that exist. It will also cover the IoD projects efforts to bring information security best practices to the adult toy industry.

Now I know this topic might elicit some chuckles from certain audiences, but I’d like to specifically request that the tone be kept professional as much as possible. This is legitimate research with real-world consequences.

— TactiFail

Where: Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, February 13th, 2020 @ 6:12PM

Thursday, January 9th 2020 – 6:12PM @ Wilde Cafe

Written by  on January 5, 2020

Hello Hackers!

Kicking off the new decade, our very own Kat Traxler (@NightmareJS) will be sharing a talk titled “The Cloud Attack Surface – Laughing at the OSI Model” which she gave at BSidesMSP:

Security Professionals are comfortable reasoning about the security posture of systems within the framework of the OSI model. We classify attacks as network based or application based each with their own set of understood preconditions or rules. Enter ‘The Cloud’ or I as like to think about it, platforms in other people’s datacenters. The Cloud API Platforms are used by a new breed of operations teams to define network or application systems in code. It’s on the Cloud API Platform that a new attack surface has opened and it plays by none of the old rules.

— TactiFail

Where: Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, January 9th, 2020 @ 6:12PM

Operation: Relocation

Written by  on December 17, 2019

Hello Hackers!

As some of you may know, we are reaching (and at times exceeding) the capacity of our current venue. As it stands, we can currently seat 22 comfortably around the outside of the tables, possibly a few more if we start putting people in the center but that causes issues with room for plates and the wait staff. Aside from that we can only have a handful of people standing against the walls before the wait staff also have trouble with that.

To combat this, we are putting out a call to all of you to help source a new venue. We have a few requirements, and some nice-to-haves, to take into consideration:

  • Requirements:
    • Cannot have a room fee of any sort
      • We have no budget, at all. Everything paid for (website, room fees, speaker dinners, stickers, etc.) comes from our own pockets, and occasionally attendees will chip in / repay but we don’t expect this.
    • Must be located in Minneapolis
      • Preferably near a bus route, and with decent parking. Paid is fine, but free is better.
    • Must have food onsite
      • We used to order pizza at the Hack Factory but that was a logistical nightmare with all the various food preferences and sensitivities. Food should have a range of dietary options (vegetarian, gluten-free, etc.) and be reasonably affordable. A venue with food nearby (food court style) could work depending on the proximity and variety.
    • Must be able to seat 30+ with tables
      • Currently we are consistently seeing around 20 attendees but we want to plan for future growth. Table seating for 30 is the minimum, but consideration can be given for non-table seating as well.
    • A/V options
      • Very worst case we can bring a projector and try to get a blank wall, but ideally there would be a large-screen TV or projector setup available. Audio is a plus but not required. Some speakers have expressed interest in recording their talk, or possibly streaming, and this is something we may look into in the future.
  • Nice to have:
    • Free parking
      • Currently we have paid options which aren’t terrible, but free is always a plus. If the venue can validate or discount, all the better.
    • Alcohol
      • This one almost made it to the Requirements section, but push comes to shove if an otherwise perfect venue had everything except booze we’d have to really consider it. Drinking is of course optional at all meetings, but historically speaking many of our attendees have enjoyed the drink.

Only the requirements are (go figure) required, but we want to check as many boxes as possible. By way of comparison, our old venue Elsie’s was ideal and checked every box, but then some things happened and long story short we ended up being asked to pay $125 per meeting which is not sustainable. If someone is amazing at SE and persuading people, getting back to Elsie’s would be fantastic 😉 But please don’t SE them without checking with us first. The last thing we need is a dozen hackers all trying to get us into the same place for free.

If you would like to help, please see this Google Docs spreadsheet here.

Identify a venue, call or otherwise research what features they support, and fill out the sheet, putting your contact info (email/Twitter/Slack) by whichever venues you enter (if desired) so we can reach out with any questions. If something doesn’t check every box, please save the info anyway. Always good to have and it will come in handy if nothing else is perfect.

ALSO: At our December meeting it was suggested that we look into sponsorships. This would probably involve a larger company paying for our space, food, and hopefully allowing drinks, in exchange for a short pitch at each meeting. We haven’t discussed this internally, and there are some things to consider, but it’s worth mentioning here. If anyone works at or knows somewhere that might be willing to sponsor, please contact @TactiFail (admin at tacti dawt fail) directly.

Thanks for listening, and extra thanks to those who volunteer!

— TactiFail

Thursday, December 12th 2019 – 6:12PM @ Wilde Cafe

Written by  on December 9, 2019

Hello Hackers!

For our last talk of the year, “Strongthany” will be presenting the story of his journey into OSINT and the world of retail ice cream machines:

This talk will go over my first experience with OSINT and what it taught me.

Short and to the point, I like it. And in true Minnesota fashion, we talk about cold things while it is cold out 🙂

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, December 12th 6:12PM

Thursday, November 14th 2019 – 6:12PM @ Wilde Cafe

Written by  on November 9, 2019

Hello Hackers!

Fresh off an elections system risk assessment for the City of Minneapolis, Joe Klein (@UrbanMongoose) will share what he’s learned about the state of election security in Minnesota. We’ll talk about how election security works in Minnesota – Who’s in charge, what role each government agency plays (City, County, State), why it’s so dang complicated and some ways you can get involved.

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, November 14th 6:12PM