Presented at
DEF CON 19 (2011),
Aug. 7, 2011, 3 p.m.
(50 minutes).
There are many similarities between professional hackers and professional magicians. Magicians are experts in creating deception, and these skills can be applied when penetrating a network. The author, with 30 years experience in both security and magic, will explain the basic principles and theories magicians that use to create illusions. This includes definitions of magic terms such as gaff, gimmick, fake, stooge, feint, sleight, bluff, timing, and different types of misdirection. It will be shown that all of these techniques apply to hacking as well. A scenario is presented where normal hacking techniques would be detected and information theft is prevented. The only solution is to use deception and trickery.
Presenters:
-
Bruce Barnett / Grymoire
as Bruce "Grymoire" Barnett
Bruce "Grymoire" Barnett has been a scientist at a large Fortune 50 company for 25 years, with a focus on security and advanced algorithms. Some of the tools, developed for military contractors, dealt with attack trees and vulnerability chains (NOOSE – Networked Object-Oriented Security Examiner). Other projects include data provenance, steganography, key management algorithms for sensor networks, and advanced network analysis. He has also written several tutorials on Unix shell scripting, and Google ranks his Sed tutoral as #1. Bruce has been a part-time professional magician for 35 years, and belongs to societies such as the International Brotherhood of Magicians, and the Society of American Magicians. He currently runs several forums exclusively for magicians, such as the Electronic Grymoire, and the Shadow Network.
Twitter: @grymoire
Facebook: http://www.facebook.com/home.php#!/profile.php?id=1593769945&v=info
Links:
Similar Presentations: