Videos uploaded by user “Keith Simonsen”
Hardware Reverse Engineering 101 - Layerone 2013
This talk will provide a beginner's guide to taking apart, understanding and modifying electronic devices. It will focus on the specifics of basic reverse-engineering, with emphasis on safety, hands-on take apart, functional block identification, component ID, and evaluation for hacking potential. This talk is best suited to someone with a basic understanding of AC/DC electronics and soldering experience. Hardware and software approaches will be explored, and we will also go over the tools of the trade. With any luck, you will come away with a general understanding of where to start when you wish to tear down and attack a new piece of equipment. About the speaker: John Norman is a founding member of the 23b Shop in Fullerton, CA. He's been involved in IT Security, resilient systems design and most recently, embedded security electronics. He currently ACCX Products Inc., a company that started from the hacker space community's need for a modular, open-source access control system. Other projects include industrial controls, 3D Printer hacking, alarm and automation systems, and high-altitude balloon trackers.
Views: 3060 Keith Simonsen
Differential Cryptanalysis for Dummies - Layerone 2013
This talk is an introduction to finding and exploiting vulnerabilities in block ciphers using FEAL-4 as a case study. Attendees will learn how cryptanalysis can be used to break ciphers by finding the key with less computational effort than exhaustive search. After an introduction to block cipher components and structure, we will study the incredibly broken FEAL-4 algorithm. By exploiting statistical biases in the cipher, attendees will learn how to build a differential attack and ultimately recover the key. Attendees should have a basic understanding of binary operations like XOR and a general familiarity with bits and bytes. Jon will guide attendees through the fundamentals of modern cryptanalysis while keeping the math to a minimum. That said, this talk is focused on the nitty gritty details of cipher vulnerabilities and how differential cryptanalysis can be applied to them. Jon is also able to provide overviews of other cryptanalytic attacks (linear, boomerang, impossible differential, slide, etc..) if time permits and there is interest. About the speaker: Jon King is an active-duty member of the US Navy that enjoys breaking security as a hobby. He primarily focuses on finding vulnerabilities in high-security locks and tamper-evident devices. Additionally, Jon studies cryptanalysis with a focus on implementing realistic attacks against modern block ciphers. Despite having very little math background, he has digested the writings of the academic cryptography world and is available to translate their esoteric math-talk.
Views: 3216 Keith Simonsen
The Dark Arts of OSINT - Layerone 2013
The proliferation and availability of public information has increased with the evolution of its dissemination—from print, radio, and TV, to networked communications of the Internet Age. With the constant creation of digital document archives and the migration towards a paperless society, vast databases of information are continuously being generated. Collectively, these publicly available databases contain enough specific information to pose certain vulnerabilities. The actionable intelligence ascertained from these data sources is known as Open Source Intelligence (OSINT). Numerous search techniques and applications exist to harvest data for OSINT purposes. Advanced operator use, social network searches, geospatial data aggregation, network traffic graphs, image specific searches, metadata extractors, and government databases, provide a wealth of useful data. Furthermore, applications such as FOCA, Maltego, and SearchDiggity, in addition to custom site API integration, yield powerful search queries with organized results. Fluency in OSINT methodologies is essential for effective online reconnaissance, although a true mastery requires further mathematical investigation. The use of statistical correlation can often reveal hidden data relationships. Linkage attacks, inferential analysis, and deductive disclosure can exploit improperly sanitized data sets. These techniques can ultimately lead to data re-identification and de-anonymization, thus exposing personal information for exploitation. About the speakers: An IT industry veteran, with 20+ years of experience, Dr. Noah Schiffman is a former black-hat hacker turned security consultant. He spent almost a decade as a career computer hacker, performing penetration testing, social engineering, corporate espionage, digital surveillance, and other ethically questionable projects. Subsequently, he worked as a security consultant, teaching network defense, giving talks, and writing about information security. His past clients have consisted of Fortune 500 companies and various government agencies. For the past several years, his R&D efforts in the commercial and defense sectors have covered areas of data analysis and pattern recognition for security applications. With 20+ years of experience in network security and computer science, Trevor possesses a unique skillset of technological diversity and depth. His accomplishments range from the design and support of enterprise level system architectures, to developing custom security products and solutions. As an industry leader in the hacker community, his expertise in vulnerability assessment and exploitation, provide him with valuable insight for developing security strategies. He is responsible for establishing and running several Information Security conferences, including Outerz0ne and SkyDogCon. Working for Vanderbilt University, he spends his time researching security, performing data recovery services, and managing 100+ terabytes of storage.
Views: 10502 Keith Simonsen
Cognitive Enhancement: Drugs, Electricity and Bullsh*t - Layerone 2013
Nootropics, brain training, meditation, direct electrical and magnetic brain stimulation: all are being touted as methods to turn average you into a supergenius. This talk will discuss what actually works, what doesn't and what is pure neurobullshit.
Views: 537 Keith Simonsen
Violent Python & the Antivirus Scam - LayerOne 2014
By Sam Bowne I've been writing attack software in python, inspired by the book "Violent Python". It's very easy to write custom scanners, brute forcers, keyloggers, and Remote Access Trojans in python. The big surprise for me was that even the very simplest malware written in Python is undetectable by antivirus software, even when compiled into a Windows EXE file. Antivirus software is FAR less effective than the vendors claim--a complete novice can make undetectable malware in 30 minutes. I'll demonstrate how. Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at DEFCON, BayThreat, LayerOne, and Toorcon, and lightning talks at HOPE. He has a CISSP and many other certs, and a PhD.
Views: 806 Keith Simonsen
Improving Social Engineering Campaigns with Narrative Construction - Layerone 2013
Building narratives can provide one with a deeper understanding of your target and character, making social engineering campaigns more effective. Stories have been passed from one generation to the next for as long as we've recorded history. Some are factual accounts of real events. Others are fiction meant to entertain or convey a message. In any case we, as social creatures, naturally tend to remember, understand, and connect with stories quite well. We can use our natural tendencies to improve our social engineering skills. By properly focusing our research before any social engineering activities, and building that research into narratives about our targets and our cover characters, we can better understand both. This enables us to intuitively respond to unexpected developments during the course of our campaigns while still remaining highly effective. About the speaker: CHRIS is an IT consultant in the Los Angeles area. In his spare time he enjoys eating an assortment of delicious pies.
Views: 82 Keith Simonsen
Lockpicking In Popular Media - LayerOne 2014
By Schuyler Towne Rather than just show a bunch of clips of terrible lockpicking, it'll be much more fun to show a scene, deconstruct what they got right and what they got wrong, and then go a step further and re-imagine the scene done correctly. The variety of mediums and situations will also allow us to explore entry techniques from basic picking to percussive attacks and even wax-pad impressioning. Schuyler Towne is a Research Scholar at the Ronin Institute studying the history of mechanical security. Presently he is working on a guide for media professionals who want to do a better job portraying realistic lockpicking in print and on screen. He has advised best-selling authors and television shows airing on the History Channel and NatGeo.
Views: 88 Keith Simonsen
Layerone 2013 - Introduction and welcome
datagram introduces Los Angeles' premiere security conference, Layer One.
Views: 51 Keith Simonsen
Discovering Dark Matter - Towards Better Android Malware Heuristics - Layerone 2013
There are nearly 1,000,000 free and paid Android apps available. A very small percentage of these mean to do you harm. Figuring out which apps are the bad ones is difficult enough for the average user, but it's not much easier for malware analysts. Analysis tools and automation can help to filter this flood of apps. Towards the end of discovering new unknown malware in a timely manner, we are developing new heuristics. We will cover: * Existing analysis tools: manual and automated * Development of new heuristics for malicious Android apps * Comparing the results of running the heuristics vs. manual analysis. About the speakers: Jimmy Shah is a Mobile Security Researcher specializing in analysis of mobile/embedded threats on existing platforms (Windows Phone 8, iOS, Android) and potential mobile malware and spyware. If it's lighter than a car, has a microprocessor, and is likely to be a target it's probably his problem. He has presented on mobile threat research at a number of computer security conferences. David Shaw has extensive experience in many aspects of information security. After working in the trenches of perimeter analysis, David joined an External Threat Assessment Team as a Security Researcher, working closely with large financial institutions to mitigate external risk and combat phishing attacks. David is currently the Senior Director of Engineering at Redspin, specializing in External and Application security assessments and managing a team of highly skilled engineers. Matthew McDevitt is a security and malware researcher. After 8 years’ experience in systems administration, Matt began professionally pursuing information security, his hobby since young adulthood. Matt is currently a Mobile Malware Researcher and specializes in x86 and embedded system malware analysis.
Views: 122 Keith Simonsen
You're HIPAA certified and Bob just killed someone from the parking lot - LayerOne 2014
Boris Sverdlik - My friend Bob is undergoing Chemo and his wife asked him to get a copy of his medical records for a second opinion. Bob being an obedient husband had to jump through hoops to get copies of HIS records thanks to the monotony that we know as HIPAA. So one day while Bob is waiting for his treatment he notices that the facility has several blatant physical security issues which could allow someone of a more shady nature to obtain his health records without jumping through hoops. Follow Bob in his adventures!
Views: 100 Keith Simonsen
Data Evaporation on SSDs (plus DoS) - Layerone 2013
Files on magnetic hard drives remain on the drive even after they are deleted, so they can be recovered later with forensic tools. Sometimes SSDs work the same way, but under other conditions they erase this latent data in a "garbage collection" process. Understanding when and how this happens is important to forensic investigators and people who handle confidential data. I'll explain the purpose of garbage collection, and how it is affected by the operating system, SSD model, BIOS settings, TRIM, and drive format. I'll demonstrate SSD data evaporation on a MacBook Air and a Windows system, and I'll release the "evap" tool that makes it easy to test SSDs for evaporation. Finally, I'll demonstrate two unpatched DoS attacks: a layer 2 IPv6 attack that kills Windows 8 and the MacBook Air, and SockStress, a remote layer 4 attack from 2008 that still works, and can render servers unbootable. About the speaker: Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at Defcon, BayThreat, LayerOne, Toorcon, and HOPE, and taught classes and seminars at many other schools and teaching conferences.
Views: 169 Keith Simonsen
Lockpicking Village - Intro to Lockpicking - Layerone 2013
scorche, head MFP, graces us mere mortals with his presence and explains the fundamentals of lock design and basic tools and techniques used for picking locks.
Views: 208 Keith Simonsen
3D Printing Our Way to Skynet - LayerOne 2014
By Machinist Nearly every day we hear in the news about a 3D printed trinket, but how many of us have actually used one? The technology is rapidly proliferating our lives, and it's not going away any time soon. Sooner rather than later, Star Trek replicators will be a reality. Today's technology is only the beginning. 3D printing technology is still limited... but not for long. The toolchain economics give cause for some thought. The largest barrier to entry for 3D printing has traditionally been 3D modeling. With the software industry shifting toward a SAAS model, we're going to start seeing wider acceptance of the typically exclusive 3D modeling industry. "But 3D printers are dangerous because they can print guns!". Has anyone even seen one in the wild? No, because they simply don't exist outside of amateur experimentation and wild dreams. I'll have a functioning, homebuilt machine on display for review, and to explain my experience with conjuring it out of thin air. Machinist is an aspiring machinery wizard, and one of 23b Shop's resident madmen. With a flare for metal objects and computers, it was only a matter of time until his path led him to 3D printers and Solidworks.
Views: 66 Keith Simonsen
Bug Bounty Extortion - LayerOne 2014
Kevin Dick, Matt Mosley
Views: 112 Keith Simonsen
You've been DDoSed- it's not a joke anymore! - LayerOne 2014
By Ghostwood In the age where DDoS is exceeding 400Gbps the status quo has changed. Even worse this is not the worse that can happen the next generation of attacks using SNMP is just around the corner. We are no longer looking at the same threat as 4-5 years ago, attacks rates have increased exponentially and we need to look at conceptually new methods of defense. This talk focuses on the specifics of NTP reflection and why it is so damaging. In addition to that it will cover what the presenter believes is going to be the next protocol being abuse (SNMP) and also elaborate on the potential damages there. A special focus will be placed on mitigation and what foundations we need to lay now so those attacks are not as damaging. As in previous talks it will cover what other parts of the infrastructure need to be in place and properly sized in order to survive the attack. It will also cover measures that need to be in place so effective traceback, attribution and statistics can be gathered so the source can be determined fast.
Views: 52 Keith Simonsen
Beyond the Perimeter: The reality of the new application security landscape - LayerOne 2014
By Kunal Anand Gartner estimates that 70% of all hacks happened at the application layer in 2013 - becoming the main attack surface for hackers, with the top threats being XSS, SQL injection and cross-site request forgery (CSRF). One of the main reasons for this is the significant change of what constitutes web-facing applications: they are dynamic, distributed, make use of web services, RSS feeds and other cloud-based services; they integrate with social and partner applications and Single Sign-On services; they often feature user generated content and are accessed from mobile and other untrusted devices.Yet IT security budgets have not kept up with this change in attack vectors, with less than 1% of the budget spent on application security. This talk will outline why a new approach to application security is required: one that can address the reality of today's threat landscape where securing the perimeter is simply not enough. Kunal Anand is the co-founder and CTO of Prevoty, a next-generation application security platform. Prior to that, he was the Director of Technology at the BBC Worldwide,overseeing engineering and operations across the company's global Digital Entertainment and Gaming initiatives. Kunal also has several years of experience leading security, data and engineering at Gravity, MySpace and NASA's Jet Propulsion Laboratory. His work has been featured in Wired Magazine and Fast Company. He continues to develop the patented security technologies that power Prevoty's core products. Kunal received a B.S. from Babson College.
Views: 80 Keith Simonsen
Detecting and Defending Against State Actor Surveillance - LayerOne 2014
By Robert Rowley Recently released secret documents are leaving a trail of details on how state actors with out of control budgets take on technological spying. This talk is the result of critically thinking on how these alleged bugs would work, and compiling the defences and detection methods.Don your tin-foil hats and join me in this discussion over what to do if you're targeted by state sponsored spy agencies. Robert is an active member of the Southern California hacking scene for over the last 10 years. Co-Founder of Irvine underground and recently presenting on many topics including Juice Jacking, Web Application Security and more.. This time, I am presenting on a personal passion, Privacy.
Views: 59 Keith Simonsen
Making of the 2014 L1 badge - LayerOne 2014
by KRS Krs, mmca, charliex and arko explain the process of developing the LayerOne 2014 PCB Badge. The badge is a modified Proxmark3 that includes a better processor, Spartan 3CS350 FPGA, 128x64 0.96" monochrome OLED display and SDCARD slot.
Views: 58 Keith Simonsen
You have been DDoSed so what? - Two years later - Layerone 2013
This talk focuses on how the threat landscape has changed and how some of the mitigation suggestions need to be modified to work better in present time. The maximum DDoS rate has gone past 300 GBps, about 3 times what it was two years ago, and in this particular case the reason is a large number of misconfigured devices that were abused to generate the attack. As a result it elaborates an important topic: can the network/system administrator and responsible Netizens to stop those attacks or at least decrease their effectiveness? Additionally, this talk focuses on something new in the last round of attacks that has been know as a weakness for long time but was only recently exploited. It discusses BCP38, DNS reflection, and other potential problems.
Views: 54 Keith Simonsen
Closing Remarks - LayerOne 2014
Datagram, mmca, charliex and others present close out another successful LayerOne conference.
Views: 12 Keith Simonsen
Are You A Janitor Or A Cleaner - LayerOne 2014
By Matthew Hoy & John Stauffacher Everyday corporations are faced with the increasing likelihood of attack. They spend millions in security software/tools/training/hardware only to neuter it at the behest of other business units. This talk aims to show what makes our attackers so nimble ( they don't have to play by the rules ), and begs the question: how are you handling your incident response? What are you doing with your attack data? Are you just mopping up the mess - or are you armed with the tools to thoroughly "clean" your enemy. This talk is a double shot of the real life experiences handling an active attack and cleaning up after a breach. A primer on new approaches to antiquated techniques and will ultimately shine some light on what makes the attacker so nimble and ways to up your incident response game. Are you a janitor? Or are you a cleaner? John Stauffacher is a Senior Security Consultant with the Accuvant Labs Technology Services team where he performs perimeter, network and application security defense projects for clients. As part of the Technology Services team, Johns core function is to provide expert level consultation to clients as well as deliver training and knowledge enrichment. John has held high level technical certifications with major security vendors and is considered an expert in the field of perimeter security. John has also been a lead contributor to open source security projects, as well as an active speaker at conferences and author of a number of titles on the topic of network and perimeter security. John has carried an active CISSP certification since 2004. Matthew Hoy is a Senior Security Consultant with Accuvant Labs Technology Services team. Matthew has worked in the Information Security world for over 15 years in various Information Security roles from Security Analyst, Architect, Incident Response, Consultant and Management. Matt currently holds CISSP and SANS GCIH Certifications. Matt has recently presented at Seattle Toorcon, B-Sides Los Angeles, Toorcon San Diego.
Views: 52 Keith Simonsen
Layerone 2013 - Closing remarks by datagram
datagram closes out the 2013 Layerone security conference.
Views: 20 Keith Simonsen
Long Lost Locks: The X-Patents - Layerone 2013
In 1836 there was a terrible fire at the US Patent Office that destroyed nearly 10,000 patents, drawings, models, everything. Only 1/4 of those patents have been restored. Unfortunately for me, not one of the 53 lock patents that were lost managed to get recovered. So? I'm doing it myself. It's entirely likely that I'll never fully recover even one of these patents, but I am on a mission to discover as much as I can about both the locks & the inventors. In this talk I'll tell some of the stories that I've uncovered so far.
Views: 73 Keith Simonsen
Teaching your WAF new tricks - Layerone 2013
This isn't your uncle's "what's a WAF" talk, I'll be covering as many cool tricks and advance topics related to deploying Web Application Firewalls. I will show you how to write custom scripts using lua and mod_security, and give first hand experiences of how I used scripting with a WAF to put the security team at my previous job ahead of the game when dealing with web app attacks. I will be including the source code for these example scripts which can be used to provide automatic incident response, counter-intelligence and more.
Views: 119 Keith Simonsen

Computer service technician cover letter
Chilis employment application form
Writing support service
Polizeiwissenschaft newsletter formats
Example of a great cover letter for resume