ToorCamp 2016 Talks

ToorCamp 2016 has not posted a lineup yet. The CFP is open though, so please go and submit a talk!

ToorCamp 2014 Talk Schedule

These talks took place Thursday, Friday, and Saturday, July 9-12th, 2014.


On Wednesday night we’ll be playing a couple of movies in the prime dome.

Time Movies
20:00 Movie: Hackers
22:00 Movie: Real Genius


The Thursday talks will happen inside the prime dome.

Time 20-minute Track
10:30 ToorCamp Introduction
11:00 dyn – Intergalactic Plantary: Internetz!
11:30 Ian Foster / Jon Larson – A Study of SMTP [in]Security
12:00 Pierce Nichols – TrashCam — tracking the Great Pacific Garbage Patch
12:30 Lunch Break
13:30 Mykle Hansen – HOW TO MAKE LOVE TO A ROBOT
14:00 hydronics – Honey Bee Technology
14:30 Xiaoning Li – Virtual Machine Detection Using OS Status Changes
15:00 Carl Sue – Offensive Vendor Reviews
15:30 Jeffery Wilkins – From (Telnet) Honeypot to Botnet
16:00 m33p – Finding Network Anomalies with Advanced Statistics
16:30 Salt – Keepassing your credentials synced and under control
17:00 Vincent Zimmer – secure boot, network boot, verified boot, oh my
17:30 miles – Mesh networking: an answer in search of a problem, and a couple of projects that might just have found them.
18:00 Robert Rowley – Detecting and Defending against State Actor Surveillance
18:30 Noah Swartz – What I Learned by Running Socially Responsible Hackathons
19:00 Dinner
20:00 Movie Showing and Q&A: Aaron Swartz Documentary – The Internet’s Own Boy
22:00 Beach Lounge Party!



The Friday talks will happen in the prime dome.

Time 50-minute Track
11:00 KEYNOTE: Quinn Norton
13:00 VideoMan & Barrett Weisshaar – Dr. Microsoft, How I learned to stop worrying and love NTLM.
14:00 Ken Westin – How the Stolen Credit Card Black Market Works
15:00 Joe Rozner & Stephen Weinberg – Trials and Tribulations in Applying Lang Sec
16:00 Cooper Quintin – Privacy Badger: stop online trackers in their tracks
17:00 Ignite: ToorCamp Edition!
Jason Biggin – Raspberry Pi vs Port Forwarding
Tony DiCola – Beaglebone Black: A Maker’s Best Friend
Charles Vaughn / Hackcasual – Time Capsule: Hiding Data From the World
18:00 Dinner
22:00 Friday Night Party!



The Saturday talks will happen in the prime dome.

Time 50-minute Track
11:00 KEYNOTE: Jon Callas
12:00 dominictarr – designing a “web2.0″ p2p network with gossip protocols
13:00 Michael Ossmann & Dean Pierce – The NSA Playset
14:00 Matt Joyce – Hackerspace Beercology
15:00 marshallh – Extreme Soldering: You Can Do BGA
16:00 Bart Kus – HamWAN: Running Secure Networks on Amateur Radio
17:00 Franklin Hu – Hacking the universe – is everything we know about physics wrong?
18:00 Mick Ayzenberg – There Will Be Coins: A Security Analysis of the Bitcoin Network
19:00 Dinner
22:00 Saturday Night Party!



Time Around Camp
11:00 Closing Remarks


Intergalactic Plantary: Internetz!

In this talk, Aaron will cover the basics of spacecraft communication, challenges for that communication, and future systems such as the galactic internet. A discussion on what an interplaentary internet (outernet?) is currently planned to look like and could look like will be covered, with a lens of security for these proposed systems. Come learn about what protocols are in use, how to secure the future of space pr0n, how Vint Cerf is still rockin it, and why lasers are shooting out from the moon.

Some thought experiments will be had, some appreciation of the vastness of space revisited. Lets hack on and secure the future internet today, we don’t want ARP spoofing on Mars, NSA mass monitoring for “astroterrorists”, a lack of strict transport security, or finally, risk aliens sniffing our space packets. “Go ahead put my rhymes on trial. You stick around I’ll make it worth your while.”

Aaron Grattafiori / dyn
Aaron “dyn” Grattafiori is a principal consultant and research wrangler at a leading information security firm based in San Francisco. He has been a keyboard cowboy, hacking one thing or another for about 8 years now and enjoys learning about wireless communication, disruptive technologies, secure and anonymous messaging, and useability in security. He has spoken at several major security conferences on a range of topics. Aaron was also a founding member of Neg9, is a recently retired member of the Neg9 CTF team and is a current member of the Neg9 Core. Aaron has no “real” background in space, radio or optical communication systems but likes to dream of a world where space, hacking and robotics collide in some fantasitic way. Sometimes he tweets about stuff via @dyn___.

A Study of SMTP [in]Security

The Simple Mail Transfer Protocol (SMTP) and related Extended SMTP (ESMTP) are the primary means of delivering email messages between servers over the internet today. Internet traffic can easily be collected by third-parties, yet encryption of SMTP messages is not universal, and in fact cannot be required by a Mail Exchange (MX) server. This means that it is possible for an inter-domain email to be transferred and/or stored as plain-text at at least one point on its path across the internet. This paper provides an analysis of current email providers and their support for TLS encryption over SMTP. We show that while a majority of SMTP servers do provide support for TLS, almost half of all email users use a provider that does not support TLS encryption according to the standard ESMTP protocol. We further show that of those email providers that ostensibly support TLS, a number of them are configured such that their true security is suspect (e.g. invalid certificates, weak ciphers). Our aim is to raise awareness of the vulnerabilities present in the current SMTP environment on the internet.

Ian Foster
Ian is currently pursuing a Masters in Computer Science and security researcher at the University of California, San Diego. He is currently working on identifying problems with online communications in an effort to fix them.
Ian has also been helping with ToorCon/ToorCamp since 2010.

Jon Larson
Jon recently graduated from University of California, San Diego with a degree in Computer Science. His primary interests include computer networking, network security, and distributed systems. He will soon begin working at Amazon on the AWS Network Infrastructure group.

The Hobbyists Guide to Making Organic Light Emitting Diodes

In 2009 I started my own venture to create an OLED for fun. In this talk I’ll explain my motivation to learn about this area, how OLEDs function, the journey I took in getting the required knowledge, equipment, and materials, the functional devices I was able to make, and where I plan to go from here.

Ian Hanschen / furan
Hacker/Self-Taught Programmer

On the hacking side I’ve always been into software and hardware reverse engineering – either extending software to do what I want or repurposing existing hardware. Most of my hardware work these days is with FPGAs. Over the last 5 years I’ve taken up an interest in organic semiconductors, and have created my own somewhat ghetto organic semiconductor wetlab where I have successfully made organic light emitting diodes.

Professionally I’ve been working on the graphics, input, and window management stacks in the Windows OS for the last decade. Previously Chief Technologist at Stardock Corporation where I worked on a lot of products to change the look and feel of Windows, as well as a few games.

TrashCam — tracking the Great Pacific Garbage Patch

In the middle of the northern Pacific, massive amounts of plastic garbage from the surrounding nations collect. They are driven there by the circulating current around the north Pacific. This trash collection represents a serious but poorly understood environmental threat. In this talk, I will talk about my work with Project Kaisei to map the macroscopic trash particles through the use of digital cameras mounted on ships traversing the garbage patch.

Pierce Nichols
Founder of Logos Electromechanical LLC, engineer of ever-expanding portfolio, occasional rocket scientist, general troublemaker. May contain the absurd.


Mr. Hansen explains a newly standardized protocol stack for interfacing romantically with a wide variety of smart appliances on TIOST (The Internet Of Sexy Things).

Mykle Hansen
I am the famous author of six books of Bizarro fiction, including HELP! A BEAR IS EATING ME! and I, SLUTBOT! I am also a software developer and former systems administrator, with 25 years of experience split between those two disciplines. At the Center for Humorism and Amusement Dynamics ( I hold the dual titles of Chief Scientist and Special Fellow.

Honey Bee Technology

I’m really into using embedded hardware to make and share projects. I couple of years ago I started playing around with counting honey bees.

When dorkbotpdx was exhibiting at the Bay Area Maker Faire I met the largest cherry farmer in the world (from the Yakima Valley area)… We started developing more bee counting and mite killing technology collaborating with Oregon State University and University of Minnesota. It is a super fun topic that is a crowd pleaser…. full of technology and super organisms.

Hi, I’m Tom,

I’m an engineer in Portland Oregon that plays bike polo and invents electronics gadgets while collaborating with other makers around the world. I also teach electronic tinkering at OMSI (Oregon Museum of Science and Industry), Portland Community College and, and dorkbotpdx.

Virtual Machine Detection Using OS Status Changes

Our talk is about how to detect virtual machine with OS status changes, which happens in virtual machine environment. The purpose of the detection is to evade those defense methods that are based on virtual machines.

Virtual machines and virtualization technology play a critical role in virtual appliances to enable dynamic and parallel sample analysis. Methods for detecting virtual machines and sandboxes have been previously discussed but mostly from obvious virtual machine features including specific files, processes, VM communication protocol etc. The talk focuses on OS status changes happened in virtual machines with application level code.

The talk will cover the techniques that detect different virtual machines such as VirtualBox, VMware, and XEN.

Xiaoning Li
Xiaoning Li is a security researcher for a Fortune 50 company. For the past 10 years, his work has been focusing on vulnerability research, new exploit development, malware analysis, and reverse engineering.

Offensive Vendor Reviews

How do you choose who your company trusts? It is said that the best defense is a good offense, so why are so many organizations not offensive in their defense? Offensive Vendor Reviews looks at how companies deal with risk from outside companies. I look at some examples of where vendor reviews fail, and give some ideas of how to perform a vendor review. An Offensive Vendor Review is the practice of gathering real information on the companies your business uses the services of. Do you know who is on your network using your resources? Do you know how good their security is? Most importantly how do you sell this to management? Learn how to answer these questions and more in Offensive Vendor Reviews. While most content in this talk are related to research and practices developed at my employer they do not necessarily represent the views of said company.

Carl Sue
Carl Sue is an experienced security professional with primary focuses in Application Security and Penetration Testing. With experience in the finance industry, Carl currently works as internal Application security for an accounting SAAS application. Security interests include Application security, Penetration Testing, Rounded Security Methodology, and Red Team. I’m always interested in talking about technology especially in the areas of bio augmentation, life extension, human computer interfaces, and cryptography. Carl has been active in the security community for over 6 years and has spoken at events in the past including toorcon, and toorcamp.

From (Telnet) Honeypot To Botnet

How I went from setting up a telnet/ssh honeypot to reversing some malware using the simple tool strings which is included on lots of Linux distro to finding a bot net command and control center

Jeffery Wilkins
I have been working with Linux and Linux servers for over ten years so I have taught myself about networking, firewalls and port forwarding

Finding Network Anomalies with Advanced Statistics

Have you ever tried analyzing your network data using mean & standard deviation? Have you ever noticed how much it sucks? Or how inaccurate it can be? Or how hard it can be to use?

This presentation explores the idea of statistical anomaly detection and brings it to the next level. Multiple statistical methods of analyzing network traffic will be presented, showing how they perform in a realistic environment. The goal of this talk is to get people thinking about new ways of analyzing network data, and get us out of the stone age of standard deviation.

m33p is a recent graduate from Seattle Pacific University with a degree in applied mathematics, and a veteran in Infosec. Her goal is to apply the concepts of advanced applied mathematics to usher in a new era of security monitoring.

Keepassing your credentials synced and under control

Do you use the same few passwords over and over? Is there a piece of paper with hard-to-remember ones somewhere? How about a file that lives on five different devices and is never up-to-date?

Even the most secure passwords can be broken with a $5 wrench. Long forgotten websites are frequently compromised. Files can be stored in The Cloud, but is that really where such sensative data should be?

I ‎will demonstrate how keepassx and git-annex can be combined to maintain and syncronize all of your secure credentials.

Salt is the lead organizer for GSLUG, a former board member of Black Lodge Research, regularly attends Defcon and has been using Linux since 1996.

secure boot, network boot, verified boot, oh my

This talk will provide a brief overview of recent trends in platform attacks on ecosystems like UEFI ( &, emergent defensive features, and a comparison with other firmware ecosystems like coreboot ( Tools like chipsec

Vincent Zimmer
I am a firmware engineer working at Intel Corporation. I focus on networking, security, trusted computing, and low level interfaces.

Mesh networking: an answer in search of a problem, and a couple of projects that might just have found them.

Mesh networking has great curb appeal – it’s such an elegant solution. But real world meshes tend to suck for a variety of predictable reasons. This talk will cover 3-4 projects that have defined problems where mesh really is the answer. This talk will also introduce the commotion+serval mesh we’ll be running at Toorcamp.

20 years in security, 15 years stretching the bounds of legality and common sense with wifi, successfull off-grid community networks in two countries…
And it’s all come to this.

Detecting and Defending against State Actor Surveillance

This talk is based on recent leaks that show how state-actors could be engaging in surveillance against people they deem as ‘threats’. I will cover the basics on what was leaked, and cover a pragmatic approach on how to detect hardware bugs, implanted radio transceivers, firmware injections and cellular network monitoring.

No need to bring your tin-foil hats though, the discussion here is a pragmatical approach to how to detect such threats and identify if you have been targetted. No blind faith approaches, or attempts to sell any privacy snake oil will be found here.

Robert Rowley
Robert works as a security researcher for Trustwave SpiderLabs and has been an active member of the southern california hacking scene for over the last 10 years. He helped found Irvine Underground and recently has presented on many topics including Juice Jacking, Web Application Security and more… At TooCamp I will present on a personal passion this time, Privacy.

What I Learned by Running Socially Responsible Hackathons

Since Aaron’s death in January 2013 I and a number of Aaron’s friends have run two iterations of memorial hackathons in Aaron’s name, in an effort to channel some of the anger at the prosecution that he dealt with and anger at the government for any number of issues discovered via leaks over the last few years. We had a large number of events across many countries, and a large number of projects started in the name of tech activism. I’d like to share what I learned from organizing these events, in the form of a brief primer on how to get engaged participants who want to do social good. I’d also like to share some of the work that was done at these events, and give updates on projects that are still ongoing, in the hopes that people will join in on them, or bring their own projects to the upcoming events that we plan to hold at the end of the year.

Noah Swartz
Brother of Aaron Swartz, mild hacker, and apprentice prolific conference hopper

Privacy Badger: stop online trackers in their tracks

In this talk Cooper will introduce the design and implementation of Privacy Badger, EFF’s new browser extension that automatically blocks both invisible trackers and spying ads. It is intended to be a minimal or zero-configuration option that most Internet users can use to prevent non-consensual third party collection of their reading habits from their everyday browser.

Cooper Quintin
Cooper is an experienced software engineer and security researcher. He has trained activsits and journalists around the world on how to use security and cryptography software. He has worked to build web applications that protect a users privacy and security. Cooper is currently a technologist at the Electronic Frontier Foundation.

Dr. Microsoft, How I learned to stop worrying and love NTLM.

In 2012 Microsoft published an 82 page paper, “Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques”, that includes policies and procedures around protecting from and mitigating Pass-the-Hash attacks. These procedures place the responsibility on the system administrators, and users. They also say little about the underlying issue of the flawed authentication.

Adopting policies and procedures is a good way to mitigate these attacks, however we believe the focus should be on moving forward and making NTLM obsolete in the enterprise environment. NTLM authentication has been the cornerstone of Windows authentication for over a decade, with NTLMv2 and client/server challenges being the pinnacle of development. A strong and complex password can make cracking harder, but it’s not fool proof.

Despite that, the existence of relay and Pass the Hash techniques/tools undermines nearly all of the mechanisms of NTLMv2. We will demonstrate some of the vectors that we have found to be the most useful in the course of every day security testing. Once domain access is obtained, it’s only a matter of time before it’s game over.

VideoMan Aka David Bryan
David M N Bryan has over 10 years of experience in the computer security industry. As an active participant he volunteers at DEFCON to support the NOC, and many other security conferences. In his spare time he runs the local DEFCON group, DC612, and helps run Thotcon as a board member and OPER. David’s day job mostly consists of breaking the computer security around networks and operating systems at Trustwave’s SpiderLabs.

Barrett Weisshaar
Barrett Weisshaar is a Managing Consultant at Trustwave. He is a member of Trustwave’s SpiderLabs East network penetration test practice – the advanced security team focused on penetration testing, incident response, and application security. He has been in the information technology field for nearly a decade and has specialized in information security for over 8 years. In this time, Barrett has given numerous presentations on multiple facets of security, from smart metering technologies to password strength and recovery techniques.
Prior to joining Trustwave, Barrett worked as a security consultant for Deloitte & Touche, focusing on retail security, penetration testing, and security architecture. Barrett holds a Bachelor’s from the University of Notre Dame and an M.S. in Information Security from Carnegie Mellon University.

How the Stolen Credit Card Black Market Works

With the Target data breach, many are wondering how criminals can profit from the use of the stolen credit cards. The card holders themselves will not be responsible for any of the charges, so how is it that criminals are able to make money from stolen credit cards?

I have been involved with several cases where organized crime rings have been unveiled, many of these have had connections to Russian and Eastern European groups. These groups generate a significant profit through stolen property acquired through burglaries, shoplifting, identity theft, credit card skimming and carding. Many underestimate the complexity of some of these networks and the revenue they generate.

In this talk I will discuss the stolen credit card market, how it fuels the exploit black market, online retail fraud and other nefarious activities.

Ken Westin
Ken is a security researcher with 14 years experience building and breaking things through the use/misuse of technology. His technology exploits and endeavors have been featured in Forbes, Good Morning America, Dateline, New York Times, The Economist and has won awards from MIT, CTIA, Oregon Technology Awards, SXSW, Entrepreneur and named in Portland Business Journal’s 2013 “40 Under 40″. He has worked with law enforcement and journalists utilizing various technologies to unveil organized crime rings, recover stolen cars, even a car jacking amongst other crimes.

Trials and Tribulations in Applying Lang Sec

The goal of Language-Theoretic Security, or Lang Sec, is to identify and stop security flaws that exist because of accepting invalid input and/or valid input that causes unexpected behavior in the host application. The former is nothing new and something we’ve seen for decades. The latter however is something more interesting and more difficult to detect completely. These occurrences have been dubbed weird machines by the language security community.

One common attack we’ve identified, that directly represent these two cases, is SQL injection. This attack can take advantage of host applications accepting invalid user data and applications accepting valid input that can be used to control the execution of the application in ways unexpected such as modifying a query to return a malicious result set or using boolean logic to extract data or information about the database. Through the use of syntactic and semantic analysis it is possible to ensure that all input adheres to a ruleset that the developer can define, fixing these problems.

The last segment will explore directly the implementation of our solution to this attack mentioned above and share some of the success and failures we’ve had along the way. We’ll look at common tooling that exists and our experiences with it; explaining what we’ve found that works and what doesn’t.

Joe Rozner
An experienced software engineer and security researcher Joe has focused his career on rapid prototyping and exploring what the HTML5 additions have in store for browser based security. He’s developed custom system call level sandboxes, rich web applications, and applications at all levels between. A strong interest in computer languages and implementation of them has led to a solid foundation and further cultivation in the area of language implementation and language security.

Stephen Weinberg
As a software engineer at Prevoty, Stephen has been one of the driving forces in testing and creating parser technology for understanding and preventing SQL injections. Stephen developed the Go bindings for Hammer, a parsing library with a combinator interface, before implementing a native Go solution with a similar interface. Stephen has also evaluated and worked with many common parser generators including YACC and ANTLR.

Optimatization: Linear Programming

Hackers like to optimize, whether it involves building robots or writing shell scripts. Linear programming is just a fancy word for some mathematical tools to optimize cost given some constraints. This talk is designed to be an introduction to linear programming and some tools, and will hopefully convince some of you that not all math is scary and can actually be useful in your personal projects.

Brian Mann
I recently finished my PhD in Mathematics at the University of Utah, and I’m not working as a research scientist at Amazon.

Raspberry Pi vs Port Forwarding

Companies depend on clients to port forward in order to make solutions work. RPi affordability allows for dependable work around that requires no port forwarding.

Call home and present your ports.

Jason Biggin
IT Manager
Systems Generalist

Raytheon 7
Vancouver Airport Authority 6.5
VC Startup 4.5

Beaglebone Black: A Maker’s Best Friend

This 5 minute lightning/ignite style talk will introduce the Beaglebone Black small board embedded Linux computer, compare it to other popular boards like the Raspberry Pi, and highlight some of the interesting features of the board.

Tony DiCola
Tony is an engineer who works for Adafruit Industries and is passionate about making stuff with Arduino, Raspberry Pi, and Beaglebone Black.

Time Capsule: Hiding Data From the World

What if we wanted to keep something secret for awhile, with no key to unlock it, only the changing state of the world. I present an attempt to do just that, using a smart card and the bitcoin block chain as a global proof-of-work system.

Charles Vaughn / Hackcasual
Charles Vaughn in a Senior Software engineer, currently working in the field of data analytics. Previous work includes developing document image analysis for Amazon’s Search Inside the Book, lead engineer on the Kindle Fire home screen, and integration engineer for GSM system support software.

In his spare time, he plays around with JCOP smart cards, embedded ARM platforms, and mentors a FIRST Robotics Championship team in programming, electrical engineering, and flashy glowing things.

designing a “web2.0″ p2p network with gossip protocols

There have been many p2p networks, from filesharing (bittorrent), anonymization (tor), another network layer (cjdns), to crypto currencies.

But one style of application that is mostly unexplored in p2p-land is the “web2.0″ “social network”.

I’ll show how a the pattern of “feeds” and “follows” translates very naturally to a completely decentralized system that is efficient and scalable.

I’m a traveller and a hacker. growing up in the ends of the earth, I have always known the pain of latency, or network partitions (such as the state known as “offline”)

This has given me an keen interest in data replication, which I have been researching and experimenting with for several years now.

The NSA Playset

The leaked pages from the ANT catalog have given us unprecedented insight into the capabilities of the NSA. The gadgets in the catalog allow the NSA to monitor and locate mobile phones, tap USB and Ethernet connections, maintain persistent malware on PCs, communicate with malware across air gaps, mount Wi-Fi attacks from drones, and even monitor video displays, keystrokes, and ambient audio from a distance.

Did you know that nearly all of those capabilities can be implemented today with open source hardware and software? With a focus on the hardware devices found in the ANT catalog, I will show you how to build your own NSA Playset out of open source components so that you can play along with the NSA!

Michael Ossmann
Michael Ossmann is a wireless security researcher who makes hardware for hackers. Best known for the open source HackRF, Ubertooth, and Daisho projects, he founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people.

Dean Pierce
Dean Pierce is a computer security researcher in Portland Oregon. As an infosec professional, he has worked primarily in the fields of network security and product security, and has in the past covered research topics ranging from wireless networks and cryptography, to the development of various networking tools.

Hackerspace Beercology

NYC Resistor is housed at 87 3rd Ave in Brooklyn NY. The Warehouse it is in was once part of a sprawling complex that made up the Long Island Brewing Company and later the Federal Brewing Company. The brewery closed in 1907 after 50+ year operating span. Matt being an avid home brewer embarked on a quest to find out enough about the now 100+ year old brewery to brew a beer that would possibly have been brewed there in it’s hayday.

This talk will go into detail on some of the techniques used to identify information about the old brewing processes, the building, and the general archeological tools available to a hacker / homebrewer. It will also present some interesting and entertaining finds. And should all go well with current efforts, a recipe for a beer that is in line with what would have been made at NYC Resistor over 100 years ago.

Matt Joyce
Matt Joyce is a hacker at NYC Resistor, an Automation Engineer at Hewlett Packard, a contributor to the OpenStack project, and an all around pretty swell person.

Extreme Soldering: You Can Do BGA

Long ago, folks building circuit boards started out with UV lights, copper clad boards and resist pens. Now double sided PCBs are cheap and quick to order, with 4-layer boards very quickly approaching the same.
This opens up opportunities to use denser chip packages such as QFN and BGA (Ball grid array).

Dismissed by many as “too hard”, “scary” or just simply too involved, designing boards with BGAs on them isn’t as hard as you’d think. Various aspects of design, assembly, and rework will be covered. If you design boards but haven’t used BGA parts yet and don’t know what “dogbone” or “ballout” mean, you should gain something from this talk.

Marshall likes building hardware. Recently he designs and sells various products and tools mostly related to retro gaming hardware. An unapologetic Altera fanboy, he’s currently writing FPGA IP cores for Mike Ossmann’s latest projects.

HamWAN: Running Secure Networks on Amateur Radio

The FCC rules of using Amateur Radio spectrum are unique in that they explicitly forbid encryption. How then does one stand a chance of implementing a modern secure network with such a restriction? This talk outlines some of the unique solutions HamWAN had to devise to ensure compliance while providing a strict security model, which includes identity and integrity all without secrecy. We’ll also cover open problems which some of you may have solutions for! Amateur radio offers a lot of spectrum for free. It’s up to us to figure out how to make networks compatible with it so it’s useful in the digital age.

Bart Kus
Bart’s career has involved running Internet services in one form or another since 1996. He presently supports networks and routing at a major cloud provider. He is a founder of HamWAN, a non-profit designing and implementing amateur radio compatible microwave digital networks. Bart also designs and implements electronic circuitry of all kinds. If you stopped by the RF Palace camp last year, you may have already met!

Hacking the universe – is everything we know about physics is wrong?

Something stinks in the world of physics. We have dark matter and dark energy which is code for “we don’t have the faintest idea of what these things are”. Nobody really understands quantum physics or relativity and is string theory a religion or science? We still know nothing about how gravity, magnetism and charge actually work. Something seems terribly wrong. Could it be that science has made some serious wrong turns and is in need of a hacker overhaul? Come learn how to hack the universe – toss everything science holds sacred and invent entirely new ways of looking at how the universe works.

Franklin Hu
Franklin is a mild mannered software engineer by day, but a mad scientist by night battling the evils of mainstream dogma. Franklin has compiled his many works at

There Will Be Coins: A Security Analysis of the Bitcoin Network

The Bitcoin network processes upwards of $500,000,000 worth of digital transactions a day. As the popularity of this new form of currency grows, the security behind its software becomes increasingly important.

For individuals new to Bitcoin we will introduce the core concepts of this technology. From there we will discuss some past and present risks to the core network. Afterwords we will discuss our approach in assessing the protocols and describe the construction of our fuzzing environment. Finally we will reveal some newly discovered vulnerabilities in the mining software. We aim for you to leave this presentation with a deeper curiosity and understanding of modern crypto-currency security.

Mick Ayzenberg
Mick Ayzenberg is a Security Consultant at Déjà vu Security where he focuses on web and software application penetration testing. He specializes in fuzzing methodology and has co-instructed the Peach Fuzzer: Effective Fuzzing course at Black Hat USA. His current research involves crypto-currencies and the security of these payment networks.