2015 AppSecUSA 2015 - Wait wait... dont pwn me!
mark-miller
#DontPwnMe
The Rules for Wait Wait… don’t pwn me!
Each correct answer to the initial question is worth 3 points
A wrong answer subtracts 2 points
A pass on a question loses 1 point
A correct answer from an audience member gets allocated 2 points to the panelist of their choice
The moderator may arbitrarily give or take away points at any time
Online News Resources
Pandodaily
Forbes
Brian Krebs
Hacker News
Gizmodo
John McAfee
Ars Technica
Wired
Swift on Security
FBI/CIA/NSA
WSJ
Kim Zetter
TechCo
The Verge
Round One
Swift on Security
According to Taylor Swift…
How does OS X connect to the internet?
According to Taylor Swift…
“Cyber war doesn’t determine who is right…”
What does it determine?
According to Taylor Swift…
“If Linux is about choice, how come it never lets me run… <what>”
According to McAfee…
“During my first 100 days in office, I will ask congress to replace the phrase "In God We Trust" with… <what>”
According to McAfee…
“Support for my "Hack the planet" platform has been so strong, I'm proposing we change the pledge from "under God" to… <what>”
According to McAfee…
What makes McAfee giggle like a 12-year-old?
Hint: It’s a type of security test
According to McAfee…
Who has John McAfee asked to be his running mate?
Strange but true…
We’ve already done the John McAfee section, so I don’t know where else to go from there.
What’s Wired with Kim Zetter
A vulnerability discovered in a popular remote management system used by thousands of businesses to manage employee mobile phones would allow an attacker to <what>?
How much is estimated to be extorted from ransomware victims each year?
• $1 million
• $5 million
• $10 million
What’s Wired with Kim Zetter
How can you find out if the NSA or GCHQ spied on you?
What’s Wired with Kim Zetter
In what year did a Russian spy gang start hijacking satellite links?
What’s Wired with Kim Zetter
From the date the data from the Ashley Madison hack was posted, how many days was it before the CEO resigned?
Bluff the Audience
Two 10-year-old girls in Stratford, WA did what as part of a science project?
• Built a homemade clock and took it to school
• Used a weather balloon to launch R2D2 Lego into space
• Hacked into local TicketMaster computer
Bluff the Audience…
The kid that was arrested for bringing a homemade clock to school in Texas was wearing what kind of t-shirt when he was busted?
• Hack the Planet
• Eat More Bacon
• Maker Faire 2015
Bluff the Audience
The Kardashians released a new app last month. What does the app do?
• Allow subscribers to track the sisters in real time
• Auto shoots selfie every 15 minutes
• Inserts a unique smiley face when you email
I don’t know.
Who the f*ck cares?
Krebs on Security
What is the name of the team who claims they hacked Ashley Madison?
What does the LizardSquad attack tool do?
What internal security technique was used to stop attackers from gaining access to all Target cash registers?
Audience Limerick Challenge
“When I think of something so thrilling
As a concept that’s well worth its drilling,
I talk to my minions, who have strong opinions
On infosec, so un****…”
Taylor Swift
Audience Limerick Challenge
“There once was a general who scared us
Giving his mistress info she shared up.
The case is now done, and he's basically won.
With a 40,000 dollar fine for …”
Final Round…
How much more?
How much money was stolen and in what currency?
Get a copy of the slides for this show immediately…