Here are a few photos of the presentation by the NOC at Def Con 27 (2019). But first here is may favorite non-focused photo as it says a lot:
Please fell free to do what you want with these notes. I go to sessions so you don't have to.
I recently updated to a newer version (same form factor) -- the Acer C720-3605. I had originally ordered the Acer C720-3404 (which is the Canadian version), but ended up with the U.S. version: C720-3605. They appear at least on the specification pages on Acer to be exactly the same other than model number (PDF spec analysis). I might have missed something so if there is a difference then please let me know.
The main reasons for upgrading:
- Improved Performance (faster processor with dual-core)
- Additional RAM (4-GB vs. 2-GBs)
- Better HDMI output (for hooking up to a large monitor @ my home desk).
- More Local Storage (32-GBs vs. 16-GBs -- excellent for watching more digital content)
- Needed a another computer @home for my daughter to use
Here are some stats using Octane 2.0 test:
While I wasn't having any real performance issues with the 2802-series, I've found that I can experience the difference in browsing and streaming media with the 3605-series. The hardware updates are definitely an improvement in real world usage from my perspective.
All-in-all I have been very happy with Chrome OS and these two Chromebooks (the old one is now my daughter's main system). For me the key selling points: great battery (more than 8 hours); excellent small form factor; responsive & comfortable keyboard; integration with Google services; and the simple OS updates & patches.
I look forward to using it again as my main note taking system for DEFCON 23.
You can order your own via this Amazon Acer C720-3605 link or this Amazon Acer C720-3404 link. Prices seem to be all over the board so make sure you are comfortable with ordering the right model number at the right price.
Listen! (Size 2.12 MBs, Running Time 2m10s)
Today's podcast is inspired by the Dog Days Of Podcasting (#DDOP). It is a single focus recommendation on why I have NMAP in my security toolkit and why you should consider it.
We have a detailed report (PDF) from the sessions attended if you are interested. Just drop us an email to get the full report or a request via message on Twitter. A podcast summary is planned but not promised at this time.
Things that we are "worried about" from an Enterprise computing perspective:
- Social Engineering against users is like a hot knife cutting butter. Only defense seems to be training and awareness. Traditional information assurance (IA) protections: virus scanning, IDS, firewall, etc are not effective.
- You can't secure what you don't manage.
- Basic system administration tools and infrastructure services in the Microsoft Windows world can be used for evil: PowerShell, .NET, DNS, browsers, PKI, and SCOM.
- USB is not your friend.
- Mobile computing and Bring Your Own Device (BYOD) are really not your friend.
- Cloud computing could be your friend but probably won't.
- Developers writing code for an organization without a security focus is just asking for trouble.
- If you think your stuff is secure just because you have it behind a lock and a key you are in denial.
- In a year or less, penetration testing is going to include inexpensive mobile assault options via semi-autonomous very-small drones and robots.
DEFCON 19 was in Las Vegas, NV from August 4-5, 2011. This yearly computer network security and hacker conference is full of cutting-edge research, detailed demos, awesome presentations, and a lot of partying. The podcast coverage was pretty good also. Here are my recommendations:
- Network Security Podcast
- Southern Fried Security Podcast: #59 Defcon Review
- Social-Engineer.Org: Live at Defcon 19
- PaulDotCom Security Weekly - Episode 254 Part 2 (08-11-2011) [wiki]
- Exotic Liability: #78 Con-dom
- Eruo-Trash Information Security Podcast
If you are interested in hearing my thoughts about DEFCON 19 then check out the PaulDotCom.com podcast (08-11-2011). I am the boring "IT Guy" trying to avoid the topic of "hot" women visiting the PaulDotCom.com booth. If you'd like to see a copy of my notes (13+ pages) then drop me a personal email to: "s h o l d e n @pobox.com."
- MacCast 2011-07-26: Review of Apple Mac OS X Lion Release (News, Tips & Tricks)
- Author Debriefing (August 16, 2011) - The Triple Agent: The al-Qaeda Mole Who Infiltrated the CIA
- Southern Fried Security Podcast: Interview with Andy Ellis @CSOAndy [#58] & Interview with Rich Mogull [#57]
- IT Pro Show by Same3Guys: Detailed look at OpenStack
- KPBS Midday Edition: Social Media - Can It Keep You From Getting A Job?
- This Week In Google (TWIG) #108: Excellent coverage of the Google & Motorola News
TECH NEWS RADIO PODCAST #372 | 2011-08-20 | Browser Phishing, National Cyber Range & Microphone Hijack
Listen! (Size 2.9 MBs, Running Time 2m57s)
Today's podcast examines three stories about computer network security:
- New browser tab and window phishing attack threats.
- Barry Rosenber at Federal Computer Week examines DARPA's National Cyber Range plans.
- Tim Wilson at DarkReading.com has coverage of new microphone hijacking attack options.
The following is a summary of @technewsradio posts to Twitter:
- ASIS Bookstore (security pro organization) has announced over 26 new books via their online store
- SWFTools is a collection of open source utilities for working with Adobe Flash files (SWF files)
- Amazon online cloud services has a bunch of demos available - including Travel Log (Sample Java Web Application)
- Google has fixed a SketchUp 8 "dreaded shadow bug"
- Franklin Covey's PlanPlus for Outlook (version 7) is now on sale for $80 (vice $100)
- Looking for a open source mind mapping tool? Then check out Free Mind
- Microsoft Press has announced 3 more books in their Step By Step series: Microsoft Word 2010, Excel 2010 & Project 2010
- Wired.com has an interesting article "Wired—Geek Power: Steven Levy Revisits Tech Titans, Hackers, Idealists"
- Listening to "A Witness to a the Egyptian Revolution" by Doug Kaye (Executive Director, The Conversations Network) via http://bit.ly/i35GC7Delete
- Per Kevin Devin at FriendsInTech.com - A good tool for finding Creative Commons (CC) images on Flickr is here http://bit.ly/gOtgMPDelete
- the Microsoft & Nokia deal seems to leave HP WebOS, BlackBerry, and Intel out of the loop with Apple (#2) & Android (#1) being top dogsDelete
- red5 is an open source audio/video (FLV & MP3) server that also supports H.264
- Steven Levy's classic "Heroes of the Computer Revolution" has a new 25th Anniversary Edition
Listen! (Size 3.1 MBs, Running Time 3m04s)
Today's podcast is a couple of tech tidbits that examine recent news from Amazon S3 with regards to:
- Reduced Redundancy Storage (RRS);
- Amazon Cloudfront HTTP & HTTPS; and
- S3 Bucket Services (via ReadWriteWeb).