Old-School Pocket Schedule for Black Hat USA 2013

www.khanfu.com

Black Hat USA 2013 - Wednesday, July 31

09:00	Alexander	KEYNOTE - DAY ONE
10:15	Young	MAINFRAMES: THE PAST WILL COME BACK TO HAUNT YOU
	Weinmann	BLACKBERRYOS 10 FROM A SECURITY PERSPECTIVE
	Bolshev, Chastuhin	WITH BIGDATA COMES BIG RESPONSIBILITY: PRACTICAL EXPLOITING OF MDX INJECTIONS
	Wang, Xu	NEW TRENDS IN FASTFLUX NETWORKS
	Prince	LESSONS FROM SURVIVING A 300GBPS DENIAL OF SERVICE ATTACK
	Reidy	COMBATING THE INSIDER THREAT AT THE FBI: REAL WORLD LESSONS LEARNED
	Dudley	BEYOND THE APPLICATION: CELLULAR PRIVACY REGULATION SPACE
	Gorenc, Spelman	JAVA EVERY-DAYS: EXPLOITING SOFTWARE RUNNING ON 3 BILLION DEVICES
	McNamee	HOW TO BUILD A SPYPHONE
	Bathurst, Carey	METHODOLOGIES FOR HACKING EMBEDDED SECURITY APPLIANCES
10:45	Saxe	CROWDSOURCE: AN OPEN SOURCE, CROWD TRAINED MACHINE LEARNING MODEL FOR MALWARE CAPABILITY DETECTION
	Hofmann, Opsahl	LEGAL CONSIDERATIONS FOR CELLULAR RESEARCH
11:45	Abad, Acevedo, Soeder	BLACK-BOX ASSESSMENT OF PSEUDORANDOM ALGORITHMS
	Blanchou	SHATTERING ILLUSIONS IN LOCK-FREE WORLDS: COMPILER/HARDWARE BEHAVIORS IN OSES AND VMS
	O'Flynn	POWER ANALYSIS ATTACKS FOR CHEAPSKATES
	Nixon	DENYING SERVICE TO DDOS PROTECTION SERVICES
	Hofmann	WHAT SECURITY RESEARCHERS NEED TO KNOW ABOUT ANTI-HACKING LAW
	Davi, Snow	JUST-IN-TIME CODE REUSE: THE MORE THINGS CHANGE, THE MORE THEY STAY THE SAME
	Bazhaniuk, Bulygin, Furtak	A TALE OF ONE SOFTWARE BYPASS OF WINDOWS 8 SECURE BOOT
	Daigniere	TLS 'SECRETS'
	Grossman, Johansen	MILLION BROWSER BOTNET
12:15	Aumasson	PASSWORD HASHING: THE FUTURE IS NOW
	Masse	DENIAL OF SERVICE AS A SERVICE - ASYMMETRICAL WARFARE AT ITS FINEST
14:15	Geffner	END-TO-END ANALYSIS OF A DOMAIN GENERATING ALGORITHM MALWARE FAMILY
	Jungles, Simos	PASS THE HASH AND OTHER CREDENTIAL THEFT AND REUSE: MITIGATING THE RISK OF LATERAL MOVEMENT AND PRIVILEGE ESCALATION
	Radcliffe	FACT AND FICTION: DEFENDING YOUR MEDICAL DEVICES
	Hui, Lee, Miu	UNIVERSAL DDOS MITIGATION BYPASS
	Clark	LEGAL ASPECTS OF FULL SPECTRUM COMPUTER NETWORK (ACTIVE) DEFENSE
	Butterworth, Kallenberg, Kovah	BIOS SECURITY
	DePerry, Rahimi, Ritter	I CAN HEAR YOU NOW: TRAFFIC INTERCEPTION AND REMOTE MOBILE PHONE CLONING WITH A COMPROMISED CDMA FEMTOCELL
	Blaze, Davidson, Kahle, Valentino-DeVries	LAWFUL ACCESS PANEL
	Levomäki, Niemi	EVADING DEEP INSPECTION FOR FUN AND SHELL
	Esparza	PDF ATTACK: A JOURNEY FROM THE EXPLOIT KIT TO THE SHELLCODE
15:30	Patnaik, Sahoo	JAVASCRIPT STATIC SECURITY ANALYSIS MADE EASY WITH JSPRIME
	Just, Li, Li, Nguyen	HOW TO GROW A TREE (TAINT-ENABLED REVERSE ENGINEERING ENVIRONMENT) FROM CBASS (CROSS-PLATFORM BINARY AUTOMATED SYMBOLIC-EXECUTION SYSTEM)
	MacPherson, Temmingh	MALTEGO TUNGSTEN AS A COLLABORATIVE ATTACK PLATFORM
	Chittenden, Gomes	UNTWINING TWINE
	Brodie, Shaulov	A PRACTICAL ATTACK AGAINST MDM SOLUTIONS
	Geffner	TOR... ALL-THE-THINGS!
	Christey, Martin	BUYING INTO THE BIAS: WHY VULNERABILITY STATISTICS SUCK
	Akhawe	CLICKJACKING REVISITED: A PERCEPTUAL VIEW OF UI SECURITY
	Porter, Smith	LET'S GET PHYSICAL: BREAKING HOME SECURITY SYSTEMS AND BYPASSING BUILDINGS CONTROLS
16:00	Gupta	LTE BOOMS WITH VULNERABILITIES
	Pironti, Smyth	TRUNCATING TLS CONNECTIONS TO VIOLATE BELIEFS IN WEB APPLICATIONS
	Cole	OPSEC FAILURES OF SPIES
17:00	Barnett, Wroblewski	THE WEB IS VULNERABLE: XSS DEFENSE ON THE BATTLEFRONT
	Sumner, Wald	PREDICTING SUSCEPTIBILITY TO SOCIAL BOTS ON TWITTER
	Calhoun, Hanif, Trost	BINARYPIG - SCALABLE MALWARE ANALYTICS IN HADOOP
	Lee, Yee	SMASHING THE FONT SCALER ENGINE IN WINDOWS KERNEL
	Stone	PIXEL PERFECT TIMING ATTACKS WITH HTML5
	Nohl	ROOTING SIM CARDS
	Allodi, Massacci	HOW CVSS IS DOSSING YOUR PATCHING POLICY (AND WASTING YOUR MONEY)
	Thomas	HIDING @ DEPTH - EXPLORING, SUBVERTING AND BREAKING NAND FLASH MEMORY
	Jang, Lau, Song	MACTANS: INJECTING MALWARE INTO IOS DEVICES VIA MALICIOUS CHARGERS
	Opsahl	TOWN HALL MEETING: CFAA REFORM STRATEGY
17:30	Haruyama, Suzuki	MALICIOUS FILE FOR EXPLOITING FORENSIC SOFTWARE

Black Hat USA 2013 - Thursday, August 1

09:00	Muirhead	KEYNOTE - TAKE RISK, DON’T FAIL
10:15	Kennedy, Muttik	CMX: IEEE CLEAN FILE METADATA EXCHANGE
	Campbell, Duckwall	PASS-THE-HASH 2: THE ADMIN'S REVENGE
	Peck	ABUSING WEB APIS THROUGH SCRIPTED ANDROID APPLICATIONS
	Wilhoit	THE SCADA THAT DIDN'T CRY WOLF- WHO'S REALLY ATTACKING YOUR ICS DEVICES- PART DEUX!
	Roth	MOBILE ROOTKITS: EXPLOITING AND ROOTKITTING ARM TRUSTZONE
	Barisani, Bianco	FULLY ARBITRARY 802.3 PACKET INJECTION: MAXIMIZING THE ETHERNET ATTACK SURFACE
	Ryan	BLUETOOTH SMART: THE GOOD, THE BAD, THE UGLY, AND THE FIX!
	Fouladi, Ghanoun	HONEY, I’M HOME!! - HACKING Z-WAVE HOME AUTOMATION SYSTEMS
	Ptacek, Ritter, Samuel, Stamos	THE FACTORING DEAD: PREPARING FOR THE CRYPTOPOCALYPSE
10:45	Jakobsson, Stewart	MOBILE MALWARE: WHY THE TRADITIONAL AV PARADIGM IS DOOMED AND HOW TO USE PHYSICS TO DETECT UNDESIRABLE ROUTINES
	Arpaia, Barry	BIG DATA FOR WEB APPLICATION SECURITY
11:45	Coldwind, Jurczyk	BOCHSPWN: IDENTIFYING 0-DAYS VIA SYSTEM-WIDE MEMORY ACCESS PATTERN ANALYSIS
	Brunschwiler	ENERGY FRAUD AND ORCHESTRATED BLACKOUTS: ISSUES WITH WIRELESS METERING PROTOCOLS (WM-BUS)
	Shekyan, Shema, Toukharian	DISSECTING CSRF ATTACKS & COUNTERMEASURES
	Chiu, Kan, Wu, Yarochkin	HUNTING THE SHADOWS: IN DEPTH ANALYSIS OF ESCALATED APT ATTACKS
	Grattafiori, Yavor	THE OUTER LIMITS: HACKING THE SAMSUNG SMART TV
	Davis	REVEALING EMBEDDED FINGERPRINTS: DERIVING INTELLIGENCE FROM USB STACK INTERACTIONS
	Kohlenberg, Shkatov	UART THOU MAD?
	Forristal	ANDROID: ONE ROOT TO OWN THEM ALL
	Costello, Cui, Stolfo	STEPPING P3WNS: ADVENTURES IN FULL-SPECTRUM EMBEDDED EXPLOITATION (AND DEFENSE!)
14:15	Albuquerque, Espinhara	USING ONLINE ACTIVITY AS DIGITAL FINGERPRINTS TO CREATE A BETTER SPEAR PHISHER
	Bu, Singh	HOT KNIVES THROUGH BUTTER: BYPASSING AUTOMATED ANALYSIS SYSTEMS
	Healey	ABOVE MY PAY GRADE: CYBER RESPONSE AT THE NATIONAL LEVEL
	Salgado	') UNION SELECT `THIS_TALK` AS ('NEW OPTIMIZATION AND OBFUSCATION TECHNIQUES’)%00
	Forner, Meixell	OUT OF CONTROL: DEMONSTRATING SCADA DEVICE EXPLOITATION
	Sevinsky	FUNDERBOLT: ADVENTURES IN THUNDERBOLT DMA ATTACKS
	Pericin, Vuksan	PRESS ROOT TO CONTINUE: DETECTING OSX AND WINDOWS BOOTKITS WITH RDFU
	Kershaw, Ossmann, Spill	WHAT'S ON THE WIRE? PHYSICAL LAYER TAPPING WITH PROJECT DAISHO
	Jack	IMPLANTABLE MEDICAL DEVICES: HACKING HUMANS
	Grand	JTAGULATOR: ASSISTED DISCOVERY OF ON-CHIP DEBUG INTERFACES
15:30	O'Connor	CREEPYDOL: CHEAP, DISTRIBUTED STALKING
	Williams	POST EXPLOITATION OPERATIONS WITH CLOUD SYNCHRONIZATION SERVICES
	Raber	VIRTUAL DEOBFUSCATOR - A DARPA CYBER FAST TRACK FUNDED EFFORT
	Fiterman	IS THAT A GOVERNMENT IN YOUR NETWORK OR ARE YOU JUST HAPPY TO SEE ME?
	Apa, Penagos	COMPROMISING INDUSTRIAL FACILITIES FROM 40 MILES AWAY
	Brown	RFID HACKING: LIVE FREE OR RFID HARD
	Gluck, Harris, Prado	SSL, GONE IN 30 SECONDS - A BREACH BEYOND CRIME
	Heffner	EXPLOITING NETWORK SURVEILLANCE CAMERAS LIKE A HOLLYWOOD HACKER
	Lee	HACKING, SURVEILLING, AND DECEIVING VICTIMS ON SMART TV
17:00	Quynh	OPTIROP: HUNTING FOR ROP GADGETS IN STYLE
	Pinto	DEFENDING NETWORKS WITH INCOMPLETE INFORMATION: A MACHINE LEARNING APPROACH
	Keltner, Thomas	TERIDIAN SOC EXPLOITATION: EXPLORATION OF HARVARD ARCHITECTURE SMART GRID SYSTEMS
	Cesare	BUGALYZE.COM - DETECTING BUGS USING DECOMPILATION AND DATA FLOW ANALYSIS
	Radocea, Wicherski	HACKING LIKE IN THE MOVIES: VISUALIZING PAGE TABLES FOR LOCAL EXPLOITATION
	Bryan, Crowley, Savage	HOME INVASION V2.0 - ATTACKING NETWORK-CONTROLLED HARDWARE
	Osborn, Ossmann	MULTIPLEXED WIRED ATTACK SURFACES
	Nakibly	OWNING THE ROUTING TABLE - PART II
	James, Krebs	SPY-JACKING THE BOOTERS

Instructions

This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.

Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.