2014 ShmooCon Proceedings
  • Introduction
  • Foreword
  • ShmooCon
  • The Shmoo Group
  • Editor's Note
  • Schedule
  • ONE TRACK MIND
    • Attacker Ghost Stories
    • CCTV - Setup, Attack Vectors and Laws
    • Security Analytics
  • BUILD IT
    • ADD: Complicating Memory Forensics Through Memory Disarray
    • USBProxy
    • AV-Evasion With the Veil Framework
    • Malicious Threats, Vulnerabilities and Defenses in WhatsApp and Mobile Instant Messaging Platforms
  • BELAY IT
    • A Critical Review of Spatial Analysis
    • “How I Met Your Mother” or The Brief and Secret History of Bletchley Park and How They Invented Cryp
    • Raising Costs for Your Attackers Instead of Your CFO
    • The “Science of Cyber” and the Next Generation of Security Tools
    • Unambiguous Encapsulation
  • BRING IT ON
    • Arms Race: The Story of (In)-Secure Bootloaders
    • How to Train your Snapdragon: Exploring Power Frameworks on Android
    • Syncing Mentorship Between Winners And Beginners
    • Technology Law Issues for Security Professionals
Powered by GitBook
On this page

Foreword

The information security field is a strange place. We have many passionate individuals who have dedicated their lives to learning and pushing the state of the art. Many in this field are not formally trained in information security; rather we are made up of computer scientists, mathematicians, historians, philosophers, and even a few journalists. We are often self-taught, and learn from on the job experience as well as attendance at numerous conferences around the world.

While the ad-hoc nature of our profession lends itself to creativity and entrepreneurial acts, we often are terrible at learning from the past. Research is performed and presented at a conference only to gather dust for years until someone else performs the same research completely unaware of the prior art. While YouTube videos and archived PowerPoint presentations are useful, these artifacts can be difficult to learn from and hard to cite. To that end, we’re trying a little experiment called ShmooCon Proceedings. Text prior to footnote reference.

ShmooCon Proceedings is an attempt to document the knowledge shared at the conference each year by ShmooCon speakers. As part of the Call for Papers process we asked potential presenters if they would be interesting in submitting a 1,000 word article for the proceedings based on their presentation. The overwhelming response was “yes”. So with the support from the speakers and the interest from the community, we present to you the first (of what we hope are many) ShmooCon Proceedings. Projects like this often have a few hiccups and learning curves. To that end, we are releasing two editions at once: ShmooCon 2014 and ShmooCon 2015.

We’d like to thank everyone who made this work possible. First and foremost, we recognize the ShmooCon speakers for writing all these great articles. Also, we’d like to thank James Arlen and Rob Fuller for their efforts in editing, organizing, and assembling the Proceedings document itself. And finally we’d like to thank all the ShmooCon volunteers who support the conference each year and make the event possible… without whom these articles you’re about to read wouldn’t be possible.

Thanks and enjoy!

Heidi Potter

PreviousIntroductionNextShmooCon

Last updated 6 years ago