TactiFail

Thursday, October 12th – 6:12pm @ Virtual

Written by  on October 10, 2023

Hello Hackers!

This month, we will be joined by Brian Halbach who will be presenting his talk “Security Flaw Safari: Reading Between the Lines and Hunting Security Risks”:

This talk covers the methodology used for hunting previously unknown security risks and how to go on an adventure to read between the lines and uncover the juicy secrets the documentation won’t directly tell you. This talk will also help show a way to estimate if a research project will take 50 hours or 50 years as well as strategies on how to effectively learn a new technology and peel back the layers of complexity until you can find out what is really going on under the hood. There will also be examples and discussion from real world case studies. Audience members should be ready to participate and are welcome to share their own stories and thoughts (assuming they are legally allowed).

Brian is a Senior Security Consultant at InGuardians with past experience in help-desk and network engineering roles. Recognizing organizational security gaps in those previous roles, he transitioned to red teaming and penetration testing. He enjoys tackling complex security issues and consulting with clients to find non-obvious solutions.

As usual, we will be meeting online at https://cafe.cyberia.club/dc612.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

2023 Toxic BBQ September 23rd!

Written by  on September 8, 2023

Hello hackers!

We have exciting news: The 2023 DC612 Toxic BBQ is on!

  • When: Saturday, September 23rd from 4PM to 10PM Central
  • Where: Minnehaha Falls Regional Park, Wabun Picnic Shelter G (map here)
  • What:
    • Food! Bring food and we will grill it, or just show up and eat.
    • Hackers! We have been told there may be hackers in attendance.
    • Music? Games? Prizes? Stickers? Whatever you bring!
  • Cost: Zero dollars!

This is a group-led event, so it is only as good as we make it. We have a sign-up sheet here to track what everyone is bringing, please fill it out if you plan on bringing stuff. Please note that canned beer is allowed, but no other alcohol per permit rules. We always need food, but paper plates, plastic utensils, and napkins never go out of style. If someone wants to bring musical entertainment, or games, or a vulnerable WiFi spot, all the better!

Nobody is required to bring anything or pay anything to attend and eat, but keep in mind that our official budget is also zero dollars, so we will only have what we all bring.

See you all there!

Thursday, September 14th – 6:12pm @ Virtual

Written by  on September 5, 2023

Hello Hackers!

This month, we will be joined by Alex Groyz who will be sharing with us about automating containment of AWS services during incident response:

Any organization with sensitive data can be the target of a cyberattack, regardless of size or industry sector. As more and more enterprises move to the cloud, the threat landscape is evolving at an accelerated rate in which adversaries deploy advanced tactics to reach their end goal. Incident response is critical in securing your data and preventing an attack from wreaking havoc on your organization.

After detecting an event in the detection phase of an incident response and analyzing it in the analysis phase — I will present a solution that you can use to automate the containment of the four supported AWS services: IAM User, IAM Roles, Lambda Functions, and EC2 instances.

Alex Groyz is a cloud security architect at Vectra AI specializing in AWS. He has broad knowledge across the technology spectrum. Alex helps customers create a hybrid cloud migration strategy and build their presence on the cloud. He has over a decade of experience in various engineering roles and enjoys working with diverse stakeholders with a focus on the cloud

As usual, we will be meeting online at https://cafe.cyberia.club/dc612.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

“Is DC612 Back In-Person?”

Written by  on August 27, 2023

TL;DR: No. There are logistical and safety issues which need to be resolved before we can consistently meet in-person again. The logistical issues are the bigger of the two and basically come down to venue (cost, location, amenities) and hybrid in-person and online streaming of presentations. The safety issues basically come down to Covid (it’s still here, but slowly getting better) and people not wanting purely in-person options (hence the need for hybrid presenting).


The First Online Meeting

There’s no doubt that in-person meetings were a cherished part of DC612. Nothing can beat the feeling of 30 hackers in a room, eating together, laughing together, picking locks, showing off blinky lights. Even without a presentation, that sounds like a good time to me.

And then Covid came along and flipped that upside down.

We fumbled for a bit trying to get hybrid meetings to work, as seen here. I recall quite a bit of testing and troubleshooting in that last in-person meeting, but it paid off. We got a free Jitsi server from our friends at Cyberia for our first online meeting, and we’ve been using that ever since.

The Before Times

But even before then, it was hard to find a venue that could check all the boxes. In fact, back in December of 2019 (just before Covid) we realized we were reaching and at times exceeding the capacity of our room at the Wilde Roast (which has since closed). I made a post about that here: Operation Relocation

I recommend you give it a read, because 90% of what is true in this post now was true back then. But the gist is that we have a lot of needs in a space:

  • Needs
    • No room fee
    • Minneapolis area
    • Onsite or nearby food
    • 30+ seating
    • A/V options
  • Wants
    • Onsite or nearby parking
    • Alcohol

A lot of thought went into this list back then. A lot of debate went into it as well. Does alcohol need to be available? Does food need to be onsite or can it be near a food court? Should free parking be a requirement or just nice to have? How close should it be to public transport?

The list we came up with ultimately felt “right” if not “perfect” so we posted and made a spreadsheet for people to submit ideas. I figured with an average 20 people showing up, at least one or two would have some good ideas.

But nobody did. Not one person filled out a row in the spreadsheet. And that was fine, for the time-being. We weren’t always packed in like sardines but we needed a solution within a year or so at the rate we were growing.

Covid Complications

Well, it wasn’t even a year later that the need for a bigger venue was put on the backest of burners.

For the most part, people just seemed happy to still have our meetings. It was slow going at first as the word spread, and as the Jitsi server had to be tuned to handle the load. But we held on and that was good.

That’s not to say we didn’t get some complaints. Within days of the announcement of our first online-only meeting, I would regularly see Slack posts, Twitter DMs, and emails consisting of:

  • “Covid isn’t real!”
  • “It’s just a cold!”
  • “This sucks, I’m leaving!”
  • “Don’t let fear control you!”
  • “Your [sic] a fucking idiot”

etc. etc. Nothing we haven’t heard countless times since.

But eventually, and understandably, those shouts mellowed out and were generally replaced with:

  • “Are we still online only?”
  • “When will we be in-person again?”
  • “I miss my people”

That last one hurts 100x more than all of the hate combined.

In Search of A New Home in a New World

So I started looking for a solution. By this time, the vaccines had been available long enough that anyone who wanted one could get one. Masks were no longer scarce (you could tell because they were everywhere on the ground). Treatment options had improved greatly. The downward curve had started to form. If it wasn’t fully safe, it might be safe enough.

But the world had changed. Places closed down, meeting rooms were not available, the room fees that would have been bearable before were now out of the question. Places that had no fees before were now requiring a minimum food order, something we did not know whether we could meet. I would send emails or leave voicemails and they would go unanswered.

The group had changed as well. A lot of the long-time members were not showing up online so we had no idea who would even show up in-person. Maybe they didn’t get the memo when we moved online, maybe they (again, understandably) preferred in-person. When splits happen in a group, they are hard to mend.

There was another split as well. The pandemic has sorted people into two broad buckets:

  • “I am going to continue living like before”
  • “I am going to mask up, avoid crowds”

Our group has been a mixed bag of both, judging by the countless conversations I have had over the years. The former group generally wants in-person meetings, and the latter generally wants online. There is some overlap, of course; you can wear a mask and still go to meetings. But there are definitely people who have stated they will only stick around for one or the other.

What’s The Fix?

So, we need a hybrid approach. Assuming we find a venue, we still need to have the equipment and setup to stream simultaneously online. This could just be as simple as OBS and a decent webcam and microphone, but even that is not without its own problems:

  • What if an in-person speaker doesn’t want to be recorded/streamed?
  • What if the person with the webcam and mic is gone?
  • Whose creds do we use to broadcast?
  • Can the broadcasting platform sync with Jitsi?
  • What if an organizer can’t make it that month to set things up?

and so on. There are problems that can occur in the opposite direction too, in cases where we have an online speaker we need to display in the room, but those are comparatively easier to handle assuming the room has AV and Internet.

This is not a simple problem to solve.

A Call for Help

I’m just one person. My co-organizer had to step down recently for personal reasons. The founder of DC612 is not really involved with the day-to-day operations. It’s hard enough finding monthly speakers, to say nothing of planning BBQs, wardrives, in-person meetups at DefCon proper, and looking for new venues, all with zero budget. It’s even harder solo.

When I first started running things my life was very different, but now I have a kid, a wife, a job with far more responsibilities, and aging parents (and an aging me). I don’t have the time for DC612 that I used to. I barely have time for myself.

I’ve always said that “DefCon is what you make it” and that’s just as true for the groups. If we as a group want to have in-person meetings and BBQs and cool speakers and stickers and badges… then we as a group need to make that happen.

I’ve had people ask how they can help, and my answer has always been “Find us speakers” but now I need to ask a little more:

If we want in-person meetings again, then I need suggestions for locations. Read the requirements in the Operation Relocation post. Make some phone calls. Fill out the spreadsheet.

If we want a BBQ, then I need suggestions. I don’t have a ton of time to scout out half a dozen locations. We need a large grill or a few smaller ones, a pavilion for shade, electricity and restrooms and running water would be nice. I’ll handle the reservation fees, but try to keep it under $300 please.

If we want exciting speakers, then I need suggestions. Reach out to your network or volunteer to speak yourself. You don’t need to be an expert in your field or an experienced speaker. Just be knowledgeable and passionate.

Closing

I want to meet in-person again. I want to do all the cool things we used to, and more. But I am one person, trying to keep afloat this awesome boat in a rough sea.

Grab an oar.

Thursday, July 13th – 6:12pm @ Virtual

Written by  on July 11, 2023

Hello Hackers!

This month, we will be joined by D0zer who will be sharing their journey to create the perfect custom keyboard:

Do you use a wireless keyboard? How much do you trust it? Probably a little less after this talk. Join me on my journey to create the perfect custom keyboard and how it lead down a rabbit hole of hacking proprietary protocols and unexpected vulnerability discoveries.

D0zer is a software engineer turned security professional, perpetual tinkerer, and keyboard enthusiast

As usual, we will be meeting online at https://cafe.cyberia.club/dc612.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail