Presented at
DEF CON 32 (2024),
Aug. 10, 2024, 12:30 p.m.
(45 minutes).
An ex-employee's work laptop, a secret hardware prototype, the company backup server, and classified government computers. What do these things have in common? They should never end up on the public market. Ask any IT department and they'll tell you that "it happens", but how serious is the problem and what's really at stake? This talk explores the interesting journey of a research project to learn the surprising answers to these questions.
Along the way we'll scrape over 150 million images from online listings in Western and Eastern second hand markets, hack together an OCR cluster out of old iPhones, reverse engineer well-obfuscated Chinese apps, and converse with secretive underground groups of collectors.
Presenters:
-
Matthew "mandatory" Bryant
- Red Team Lead at Snapchat
mandatory (Mathew Bryant) is a passionate hacker currently leading the red team effort at Snapchat. In his personal time he’s published a variety of tools such as XSS Hunter, CursedChrome, and tarnish. His security research has been recognized in publications such as Forbes, The Washington Post, CBS News, Techcrunch, and The Huffington Post. He has previously presented at DEF CON, Blackhat, RSA, Kiwicon, Derbycon, and Grrcon. Previous gigs include Google, Uber, and Bishop Fox.