2015 AppSecUSA 2015 - Wait wait... don't pwn me!

Post on 22-Jan-2018



Wait wait… Don’t pwn me!





The Rules for Wait Wait… don’t pwn me!

Each correct answer to the initial question is worth 3 points

A wrong answer subtracts 2 points

A pass on a question loses 1 point

A correct answer from an audience member gets allocated 2 points to the panelist of their choice

The moderator may arbitrarily give or take away points at any time


Online News Resources



Brian Krebs

Hacker News


John McAfee

Ars Technica


Swift on Security



Kim Zetter


The Verge


Round One


Swift on Security


According to Taylor Swift…

How does OS X connect to the internet?


According to Taylor Swift…

“Cyber war doesn’t determine who is right…” What does it determine?


According to Taylor Swift…

“If Linux is about choice, how come it never lets me run… <what>”


Speaking of McAfee…


According to McAfee…

“During my first 100 days in office, I will ask congress to replace the phrase "In God We Trust" with… <what>”


According to McAfee…

“Support for my "Hack the planet" platform has been so strong, I'm proposing we change the pledge from "under God" to with… <what>”


According to McAfee…

What makes McAfee giggle like a 12-year-old?

Hint: It’s a type of security test


According to McAfee…

Who has John McAfee asked to be his running mate?


Strange but true…

We’ve already done the John McAfee section, so I don’t know where else to go from there.


What’s Wired with Kim Zetter



A vulnerability discovered in a popular remote management system used by thousands of businesses to manage employee mobile phones would allow an attacker to <what>?


How much is estimated to be extorted from ransomware victims each year?

• $1 million
• $5 million
• $10 million


What’s Wired with Kim Zetter

How can you find out if the NSA or GCHQ spied on you?


What’s Wired with Kim Zetter

In what year did a Russian spy gang start hijacking satellite links?


What’s Wired with Kim Zetter

From the date the data from the Ashley Madison hack was posted, how many days was it before the CEO resigned?


Bluff the Audience

Two 10-year-old girls in Stratford, WA did what as part of a science project?

• Built a homemade clock and took it to school
• Used a weather balloon to launch R2D2 Lego into space
• Hacked into local TicketMaster computer


R2D2 at 78,000 Feet


Bluff the Audience…

The kid that was arrested for bringing a homemade clock to school in Texas was wearing what kind of t-shirt when he was busted?

• Hack the Planet
• Eat More Bacon
• Maker Faire 2015


Bluff the Audience

The Kardashians released a new app last month. What does the app do?

• Allow subscribers to track the sisters in real time
• Auto shoots selfie every 15 minutes
• Inserts a unique smiley face when you email


I don’t know.

Who the f*ck cares?


Krebs on Security

What is the name of the team who claims they hacked Ashley Madison?


What does the LizardSquad attack tool do?


What internal security technique was used to stop attackers from gaining access to all Target cash registers?


Audience Limerick Challenge



“When I think of something so thrilling
As a concept that’s well worth its drilling,
I talk to my minions, who have strong opinions
On infosec, so un****…”

Taylor Swift


Audience Limerick Challenge

“There once was a general who scared us
Giving his mistress info she shared up.
The case is now done, and he's basically won.
With a 40,000 dollar fine for …”


Final Round…

How much more?


How much money was stolen and in what currency?


How did they do it?


What’s the final score?


Thank You to the Panel


Get a copy of the slides for this show immediately…

