The Nerdlist: The Totally Not 1337 Bad Idea's That Gives Infosec Noobs A Foot In The Door

Presented at Wild West Hackin' Fest 2019, Oct. 25, 2019, 3 p.m. (50 minutes)

Let’s face it: hacking things is boring as hell, and until Elliot Alderson, no one made command-line fu anything other than the setup for the first act while we waited for Mr. Anderson to become Neo. What do we do while staring at 1s and 0s? Watch movies, TV, YouTube, old memes, and rehash terrible jokes on IRC and then Slack and in Twitter memes. See—here’s the thing. That means that those of us who are like Razor and Blade (“they’re elite!”) can sometimes let our love of bad inside jokes get the better of us…and into our passwords. The Nerdlist is a collection of self-reported or accidentally discovered administrator and system passwords that are anecdotally in use. Let HaveIBeenPwned collect statistics and give us the top 1000, and let RockYou.txt be the dancing broken washing machine in the background. The Nerdlist has become the place where at least fifteen people who have never publicly contributed to an infosec project have made their first commits, because it’s funny and nonthreatening. We now have interesting geometric shapes and patterns…and one of those unlock gesture codes is in the shape of the Harry Potter spell “Alohomora!” Anecdotally, when asked to pick a number between 1 and 100, graduate students in computer science or engineering or complex systems will choose *42* approximately 18% of the time. That’s not a coincidence: it’s the answer to Life, The Universe, and Everything. That’s why the Nerdlist can help us find and fix bad leet passwords, and be a welcoming project for noobs at the same time. Listeners will get an update on the project, hear some startling insights, and see where the Nerdlist will go in the future, as well as being welcomed to participate with specific instructions and the formation of collaborative partnerships. Give us your puns, your wit, your searing humor, your correct horse battery staple.

Presenters:

  • Tarah Wheeler / Pinup as Tarah Wheeler
    Tarah Wheeler is Chief Information Security Officer at Setec Astronomy. She holds a PhD in Horribleness from Pacific Tech, N.E.W.T.s in Herbology, Charms, and Defence Against The Dark Arts, and yes, she would like to play a game.
