Friday, January 31, 2020
Time One Track Mind
1200 Registration Opens

Opening Remarks, Rumblings, Ruminations, and Rants

Moose v. Woodchuck

Samantha Livingston

Reverse Engineering Apple’s BLE Continuity Protocol for Tracking, OS Fingerprinting, and Behavioral Profiling

Sam Teplov

Think of the Kitten: The Truth About Section 230, the Law All the Cute Online Cat Pictures (And a Lot of Other Good Stuff) Depends On

Cathy Gellis

Zoom 0-Day: How Not to Handle a Vulnerability Report

Jonathan Leitschuh

What if We Had TLS for Phone Numbers? An Introduction to SHAKEN/STIR

Kelley Robinson

Robots and Privacy

Brittany Postnikoff

1845 Registration Closes


Saturday, February 01, 2020
Time Build It! Belay It! Bring it On! BoF It!
0930 Registration Opens
Extracting an ELF From an ESP32

Chris Lyne and Nick Miles

Battling Supermutants in the Phishing Wasteland

Ashlee Benge and Zack Allen

5G Protocol Vulnerabilities and Exploits

Roger Piqueras Jover

1030: LABS: Networking / Core Services

1045: LABS: Vulnerability Management
Adventures in Hardware Hacking or Building Expensive Tools on a Budget

Zac Franken

Command and KubeCTL: Real-World Kubernetes Security for Pentesters

Mark Manning

The Hacker’s Guide to Cybersecurity Policy in 2020

Jen Ellis, Nick Leiserson, Leonard Bailey, and Kurt Opsahl

1130: LABS: Network Security

1145: LABS: Infrastructure / Visualization
Whitelisting LD_PRELOAD for Fun and No Profit

Tony Lambert

Airplane Mode: Cybersecurity @ 30,000+ Feet

Olivia Stella

The Cyberlous Mrs. Maisel: A Comedic (And Slightly Terrifying) Introduction to Information Warfare

J. Zhanna Malekos Smith, J.D.

1300 Break Amateur Radio Exams
Privacy Scores for iOS Apps

Noelle Garrett

Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Review Process From the Ground Up

Wendy Knox Everette

Choose Your Own Adventure: Ransomware Response!

Heather Smith

Chip Decapping on a Budget

Zach Pahle

Teen Hacks for Obfuscating Identity on Social Media

Russell Mosley and Samantha Mosely

Cisco SMB Products — Critical Vulnerablities / 0-day Release

Ken Pyle

Banjo: An Android Disassembler for Binary Ninja

Austin Ralls

Software Mitigations for Hardware Vulnerabilities

Antonio Gomez

Resistance Isn’t Futile: A Practical Approach to Prioritizing Defenses with Threat Modeling

Katie Nickels

1530: LABS: Log Collection / Aggregation

1545: LABS: Security Operations Center
Voight-Kampff for Email Addresses: Quantifying Email Address Reputation to Identify Spear-Phishing and Fraud

Josh Kamdjou

SBOM: Screw it, We’ll Do it Live!

Audie and Josh Corman

Face/Off: Action Plan for Perils & Privileges of Facial Recognition

Elizabeth Wharton and Suchi Pahi

Security Researcher OPSEC

Krassimir Tzvetanov

Using OSINT for Human Rights and Victim Support

Rae Baker

1630: LABS: Threat Hunting / Log Correlation

1645: LABS: Wireless Network
0wn the Con

The Shmoo Group

Anti-Forensics for Fun and Privacy

Alissa Gilbert

Hacking Democracy: On Securing an Election

Casey Ellis, Tod Beardsley, Kimber Dowsett, Jack Cable, and Amelie Koran (moderator)

1815 Registration Closes
2100 Saturday Night Party

Sunday, February 02, 2020
Time Build It! Belay It! Bring it On!
0930 Registration Opens
A Wireless Journeyman’s Experience in Practical SIGINT

Russell Handorf

Adversary Detection Pipelines: Finally Making Your Threat Intel Useful

Xena Olsen

Crossing the Border With Your Electronic Devices

Kurt Opsahl and Bill Budington

Knowing the UnFuzzed and Finding Bugs with Coverage Analysis

Mark Griffin

Real World Zero Trust Implementation

Mark Loveless

Playing the Short Game: The Effects of Data Breaches on Share Prices

Chaim Sanders

The Verilog to Verilog Decompiler

Katie Liszewski

Project Everest: Fast, Correct, and Secure Software for Deployment Now!

Jonathan Protzenko and Nikhil Swamy

Hack the Stars

Yacko, Wacko, and Dot

Between Two Moose

Kiersten Todt, Matt Blaze, Beetle, and Bruce Potter (interviewer)


Closing Remarks

1500 End of Con – See You Next Year!