Security Sense

Personal ramblings of a security professional

My DEF CON 26 Talk

Here is the video of my DEF CON 26 talk Wagging the Tail - Covert Passive Surveillance and how to make their life difficult.

I would like to thank Peter Jenkins at ISS Training Ltd for the use of some of his images within the talk.

His book, and its excellent content, allowed me to cover some lesser known techniques in covert surveillance that I was unsure were in the public domain and whether I was therefore able to publicly disclose them.

As I point out in my talk, it is impossible to cover the subject in detail in a 45 minute talk and for those that may want to learn more about surveillance I would highly recommend Peter’s book to fill in some of the blanks.

This can be purchased directly from his website

My DEF CON 26 roller coaster ride

2018-08-25 Simon

This year I decided to do something different for DEF CON 26. Firstly I had volunteered to be SOC Goon and had been accepted as a first year Noon with the task of proving myself worthy of the position.

Secondly I was persuaded by @Agent__X__ (over much whiskey) to submit a talk with him on surveillance. Now I have never spoken at a conference before and was aware that hundreds of more intelligent people than me apply each year, the majority of which are rejected, so I thought our chances were slim to none.

The first thing was to come up with a title for the talk and settled for Wagging The Tail - Covert Passive Surveillance and how to make their life difficult.

Submitting to the Call for Papers (CFP) Board is a easy process as long as you follow the simple rules, my thanks go to @Niki7a for ensuring this went smoothly. This was the beginning of March so all we had to do was wait until June 1st!!

On the 26th of May I received an email with a number of clarification questions that the CFP Board wanted answers to. It was getting very close to when they would start announcing accepted talks so I didn’t know whether this was a good or bad sign?

With questions answered and returned I then started seeing people tweeting their talk had been accepted over the next few days and by the 5th of June I though that we were going to be one of the unlucky ones, but then I woke on the 6th to find this is my inbox:

DEF CON talk acceptance email

Feelings of elation, surprise and a certain amount of trepidation as we now had to deliver to the world’s premier hacking conference (sorry @BlackHatEvents).

Over the next few days I continued to work on the slides and then the Speaker lineup was announced on the DEF CON website (https://www.defcon.org/html/defcon-26/dc-26-speakers.html#Si)

DEF CON confirmed list of speakers

So now it was there for all to see. Better finish the slides then!

I also spotted a post by the DEFCON201 Chapter on Medium where they had selected our talk as one on their list of those that stood out for them. In their words “These are just the talks that for us had something stand out, either by being informative, unique or bizarre. (Sometimes, all three!)”. The link is here

Time went quite quickly from that point on and before I knew it I was in Las Vegas. Now myself and Agent X hadn’t even been in the same room let alone the same country to be able to do a run through of the talk. This was interesting as our first attempt ran for 55 minutes, for a 45 minute slot. The proposed solution “drink Red Bull and talk quickly”.

The morning of the we talk we made our way to Speaker Ops in the Flamingo to book in. I had been feeling quite calm up to that point until they suggested we sneak into the back of the room for a look. The room was huge and full. Now for Agent X, as the previous Head of Speaker Ops, this was normal but for me it was a new experience.

I must complement the Speaker Goons and DEF CON for their professionalism and organisation as the laptop connected without a hitch and before I knew it I was doing my whiskey shot on stage as a first time speaker.

I think that the talk went well and people did applaud at the end which I hope was not just out of politeness. After questions in the Chillout area it was then back to Caesar’s to put on my red shirt and straight onto shift as a SOC Goon.

That in itself was a interesting experience. Firstly I need to thank the SOC Goons for their flexibility in allowing me time off from my shifts to be able to give the talk and to attend the Speaker’s Party and for making me feel welcome.

I am not going to write much about it hear sufficed to say I had an awesome time although I never once had to shout “make a hole”. I would especially like to thank Raoul for showing me the ropes although most of the time he was patrolling the roof pool or connecting to people’s badges with the special Goon dongle that he had which solved the puzzle.

Talking of badges, here are the two that now mean the most to me, my first Goon badge and my first (and probably last) Speaker’s badge.

DEF CON 26 Goon and Speaker badges

To say I enjoyed myself at DEF CON is an understatement. The unfortunate thing is that I have to wait another 12 months to see my new family again.