Misc story time:
tldr: I've been collecting security conference stickers for 20+ years and just now got around to using them ¯\_(ツ)_/¯

I'm not the kind of person to put stickers on my laptop. This means that for 23 years (apparently), when I got stickers from a conference, I kept them, put them in a bag, moved them from house-to-house, but never actually did anything with them. Until now.

I finally found a usage, which is decorating the otherwise-sketchy-looking metal ammo case which @VeronicaKovah & I are now using to carry phones with us to trainings. We watched some videos on YouTube that make it seem like those LiPo fire-protection bags would do a whole lot of not-much in the event that a fire broke out on one of the batteries. But a simple metal box seemed to do a lot better in terms of containing the flames.

So we of course expect that airport security will always stop us when traveling with them (though at least this time our TSA pre-check status seemed to give us a pass on the way out). But the expectation is that contrary to what you might think, adding hacking conference stickers will actually be disarming, rather than alarming, with security personnel - at least when compared to the alternative of seeing a raw ammo canister ;)

The oldest sticker seems to be from DEF CON 10 (X), circa 2002 (my first DEF CON was 8 FWIW). In general I don't seek out stickers, but I do think the BadBIOS and "I want to believe" ones are things I probably got from Joe Fitz as they were of-the-moment and relevant to my interests. (If you're not familiar with the latter, it's from a very FUDish cover article [1]). I could have completely filled them, but I left a little bit of space for the future. Check out the larger pics for a potential stroll down memory lane. (RIP Shmoocon, Hackademic.info, NoSuchCon. Memento mori conference organizers ;))

#DEFCON, #BlackHat, #ShmooCon, #BlueHat, #RingZer0, #HackLU, #HardwearIO, #DistrictCon, #HackFest, #NoSuchCon, #DeepSec, #HITB, #HackersOnTheHill

[1] https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Tomorrow is not F5 day. #shmoocon

Another highly sought after item! A badge from the last year of #ShmooCon

https://www.ebay.com/itm/357387363700

#charityauction #defcon33 #blackhat #bsideslv


Finally getting around to something I’ve always wanted to do. Fix the @ShmooCon videos for 2008, 2009, and 2010. Each talk is a series of many small video files.

Because I’m in the process of transcoding to AV1 and adding captions to #ShmooCon, I’m finally going to manually join all the individual pieces to create a single video file per talk.

I usually don’t do this kind of work for conferences that can’t do it themselves, but I like ShmooCon and they had their final year last year. I want to pay them homage by creating a complete collection of their talks in time to include it on the #infocon.org data duplication village hard drive at #DEFCON this year.

Tune in Monday when I'll be reminiscing on #ShmooCon and #hacker culture with the wonderfully entertaining founders Heidi and Bruce Potter! So glad I was able to attend the 20th and final con!

@ShmooCon

Subscribe here:
https://firewallsdontstopdragons.com/podcast/

Podcast - Firewalls Don't Stop Dragons

I have a weekly podcast called Firewalls Don't Stop Dragons. The show is a mix of cybersecurity news and interviews of prominent people in the industry. But like the book, the shows are targeted squarely at everyday, non-technical people - covering the info that everyone needs to know in a way that's accessible and practical.


My gargantuan presentation about Cold War attacks and intrusions into our intelligence apparatus has now been published. If you didn't catch it at #ShmooCon or #CackalackyCon now you can view it here...

https://youtu.be/-Z_Jv7vuiqg

Enjoy! 👍😁👍

Attacking Classified Safes and Vaults from the Cold War to Now [CackalackyCon 2025]

My friend Kali Fencl did a very interesting 10-minute talk about what content marketing is, and how working with the marketing team can be kinda awesome. I wish I had known a lot of this stuff when I started marking content. #shmoocon
https://www.youtube.com/watch?v=5YHcw-qj094&t=22703s
ShmooCon 2025 Day 2 Belay It! Track

ShmooCon 2025 : ShmooCon : Free Download, Borrow, and Streaming : Internet Archive

ShmooCon 2025 by Shmoo Group, various presenters. The videos in this collection are from ShmooCon 2025, which occurred on 10 - 12 January 2025, at the Washington...

The video from my #ShmooCon talk, The Cost of an Incident, is now live!

https://archive.org/details/shmoocon2025/ShmooCon2025-Amanda+Draeger-The+Cost+of+an+Incident.mp4

It covers some of the lessons we've learned at from cyber insurance claims about why some incidents are more expensive than others, and what organizations can do about it.

(my apologies that I keep disappearing, the A/V crew isn't used to keeping up with someone wandering around the stage)

OK, this is one of the most fun pieces I've written in a long time, partially because of the boffo #shmoocon talk that Russ Hanford gave, which inspired me to write it.

Thanks not only to @Dntlookbehindu, but also @ThomLangford of @rapid7 and Deepen Desai of @threatlabz for their insights.

Tricking the bad guys: realism and robustness are crucial to deception operations
https://www.csoonline.com/article/3808813/tricking-the-bad-guys-realism-and-robustness-are-crucial-to-deception-operations.html

The tactic of luring bad actors into digital traps goes beyond honeypots, requiring robust infrastructure and highly realistic lures to gather intelligence on intruders and identify insider threats.
