Re: RockyCon '05 - a report

[J B <kybrdcowboy () gmail com>]

Are there any sites or places I can find out more about this
conference? Also is there any more info available about the new
nachOS? Would love to know more.

Thanks

J

On 7/5/05, antoheri () hushmail com <antoheri () hushmail com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> RockyCon '05
> ============
>
> What follows is an eyewitness account of a con that has set new
> standards for every other con out there. The largest underground
> party ever thrown on the face of this planet. RockyCon 2005.
>
> On July 1st a massive contingent of blackhats, sellouts and
> ex-cons landed in an undisclosed location in the deep woodlands
> of Michigan. Meaning, American flags, Jesus is Lord t-shirts, and
> promises of hell on bumperstickers for various activities ranging
> from coathanger gymnastics to sodomy. Friday's pre-con activities
> included stealing microwaves from renowned martial arts experts,
> the unveiling of nachOS..an injectable mini-OS that looks like it'll
> raise the bar on backdooring standards, and a handson sigint
> workshop
> involving a rather impressive display of boys-will-be-boys
> mentality within the global intelligence community.
>
> Allthough the specifics of the main event are still somewhat clouded
> in a haze of pigfat and alcohol, I'll try my best to recapture
> the essentials. After being transported from the pick up point
> to said undisclosed location, we were introduced to Marty the Pig.
> Marty the pig was originally intended to alert the con organisation
> of any intrusion attempts. But due to it's high rate of false
> positives we got sick of Marty fairly quickly, so we
> decided Marty'd serve better as the main focus for the con's 'deep
> auditing' track, at the end of which we were left with 150 pounds
> of pig, stuffed with chicken and brattwurst, and plenty of bugs.
> Also,
> vegans suck.
>
> It took about 7 hours for Marty to cook, during which everyone
> chipped in to set the stage for the main event. Tent
> pitching techniques were pioneered and implemented, tables set up
> , and presentations prepared. Then we peeled garlic for 4 hours.
> Which,
> I have to say, was very zen. As dusk set in, the firepit was lit
> and it
> was time for RockyCon to go into full swing.
>
> One of the main tracks focused on 'secure by default cap settings in
> trusted computing environments', and
> introduced something that was described as the 'bottle lever'
> technique.
> After everyone had a go, the true potential of these advances in cap
> abuse became quite apparent and it didn't take long before a bunch
> of
> people applied it in the wild with an overwhelming successrate. The
> presenter of this track was later credited with advancing the art of
> default anti-bush tirades, egged on by a Kevin Smith look and act-
> alike
> dubbed 'Silent Rob'. He also got shot down by the chick with the
> nipple
> bling, even after hooking her up with a personal demo of blever.c.
> Poor
> guy.
>
> There were several sidetracks, presented on a massive projection
> screen
> which provided a nice contrast with the surrounding woodland.
> Highlights
> here involved a variety of zombie-flicks and listening to Eric Hines
> explain how he had a patch and that it wasn't the crypto over a
> trance
> soundtrack. Followed by the chick with the nipple bling busting
> into a
> "USA, USA.." chant combined with a slow-clap. Advances right there.
>
> Then of course there was the axe-throwing track (aimed at showing
> how
> robust the firedoor implementation was in preparation for Sunday's
> demonstration). The getting-abso-fucking-shitfaced track was the
> most
> popular track of the evening, which resulted in a lot of drunken
> gorging
> involving smores and pigmeat. Someone even got pregnant apparently.
>
> After mixing it up with the local research community the firepit was
> fired up some more, and there was a massive cumbayah-vibe felt by
> all.
> Even by the emo-kid with the checkered shoes. Hours of massive
> drunkeness, ethics roundtables, various interesting phonecalls to
> pillars of the hacker community, toad appreciation, and lugging a
> 5000 pound cooler back to the hotel for no apparent reason, later,
> it was time to turn in and put out.
>
> The mornings at RockyCon consistently featured a massive display of
> farting, swearing, and cognac bottle holding by AcidReflux. His
> strong
> teeth and jaws were also impressive.
>
> Thus came the 3rd day of RockyCon. Sunday. This day was more
> focused on
> demos and got kicked off by sitting around severly hungover for a
> few
> hours wishing death would come quickly. But as our brains slowly
> re-hydrated it was time for a panel discussion involving an attack
> dog
> and Marty the Pig's head. It was concluded that attack dogs and
> pigheads
> go well together.
>
> As dusk set in, the last set of talks and demos got underway.
> Highlight
> of the evening was the FireDoor demo, which was presented with an
> utter
> disregard for the law. From the slides: 'the firedoor is a privately
> developed technique credited to GOBBLES Security, aimed at reaching
> high
> hanging fruit.' Very fruitful indeed. Followed by a demonstration
> by the
> con's organiser in log maintenance and corn-shell techniques. Then
> there
> was more drinking rounded out with an aluminium smelting class.
>
> Also demonstrated was the reliable exploitation of a new bugclass
> dubbed
> 'malloting'. Many bugs were squashed in the process and penetration
> was
> tested succesfully. Then followed the extreme sports demo where
> again it
> seemed as the guy was lacking any reverence for the law, and burned
> it
> up on a skateboard.
>
> RockyCon was officially closed by a ritual burning and the looping
> of an
> inhouse musical production leaked from a large security company.
> There
> was dancing and firewalking. Ultimately resulting in a fire that
> only got more pissed off when you threw water on it. Luckily we had
> a pitmaster who wielded a pitchfork with complete disregard for the
> law to keep the inferno at bay.
>
> Many thanks to Rocky for throwing one fuck of a party.
>
> Here's some quotes:
> ===================
>
> "(-after throwing up violently-) Anyone wanna kiss me? :D"
>
> "String is like..loads of fun" ... "*ouch* Strings are dangerous!"
>
> "It's too bad your dog is a souless killer, otherwise we might be
> able
> to touch it"
>
> "Down Cujo, down"
>
> "Damn, this smells like aluminium hydroxide mixed with magnesium
> hydroxide and some simethicone."
>
> "(-2 attendees who shared a room-) Did you ever play spoons?" ...
> "Yeah,
> just last night, ya fuck."
>
> "o m g"
>
> "w t f"
>
> "(-to chick with nipple bling-) Dude you're totally wearing that to
> draw attention to your tits" ... "am not."
>
> "Yeah I founded that bonfire."
>
> "(-to local inhabitant of Dawson's creek like Town-) You do realise
> you're the Pacey to her Dawson, right?" .. "What did you call me!?"
>
> "If it's burning blue it means it's over 1500 degrees" ... "Hehe,
> look,
> it's blue :)"
>
> "You just called me gay didn't you?" ... "and retarded :D :D"
>
> "Oh no this isn't *****'s Microwave, I stole it from the martial
> arts
> place next door... :D"
>
> "(-between two people discussing how to drain blood from Marty-) I
> guess
> we could siphon the blood out." ... "or! if we elevated the pig I
> think we can use a tube and suck on it until the blood starts to
> come
> out, on like..an elevation" ... "dude..."
>
> Lessons learnt:
> ===============
>
> Throwing an axe at a firewall implementation is harder than it
> looks.
>
> Trying to make hippies in tie-dye shirts become aware of their
> surroundings is harder than it looks.
>
> Breaking a pig's backbone is harder than it looks.
>
> Shoving garlic into a pig's eyeball is harder than it looks.
>
> Trying to get rid of the enormous birds of prey attracted by burning
> pigfat on a +1500 degrees fire, is harder than it looks.
>
> Lifting 150 pounds of dead pig is harder than it looks.
>
> Trying to entice an attack dog to furiously attack a pig's head is
> harder than it looks.
>
> Writing demos that don't bluescreen Windows XP is harder than it
> looks.
>
> Trying to keep a drunk whitehat from cuddling up to you in the
> shared
> hotelroom is harder than it looks.
>
> Tricking the chick with the nipple bling to take you home is harder
> than
> it looks.
>
> Trying to piss off the local police force is harder than it looks.
>
> Trying to build fire with nothing but some chocolate and a soda can
> is
> harder than it looks.
> -----BEGIN PGP SIGNATURE-----
> Note: This signature can be verified at https://www.hushtools.com/verify
> Version: Hush 2.4
>
> wkYEARECAAYFAkLLP3UACgkQeHRnt5iEABzWcACff5ZIC4X2Xl6z9CqmfFly8tDxSJIA
> n2Zjs8HbDbZNRk0PJCsdscv10DuP
> =K+ha
> -----END PGP SIGNATURE-----
>
>
>
>
> Concerned about your privacy? Follow this link to get
> secure FREE email: http://www.hushmail.com/?l=2
>
> Free, ultra-private instant messaging with Hush Messenger
> http://www.hushmail.com/services-messenger?l=434
>
> Promote security and make money with the Hushmail Affiliate Program:
> http://www.hushmail.com/about-affiliate?l=427
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> https://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave