DEFCON 201

North East New Jersey DEFCON Group Chapter. We meet at Sub Culture once a month to hack on technology projects! https://www.defcon201.org

.::DCG 201 Hybrid Meet Up — May 2022 — System Restore::.

====================================================== Date: May 30th, Monday

Time (IN PERSON): 6:00 PM EST — 10:00 PM EST

Time (ONLINE): 7:30 PM EST — 9:00 PM EST

Location: Helen’s Pizza(183 Newark Ave, Jersey City, NJ 07302)

Meet-Up: https://www.meetup.com/DEFCON201/events/286195718/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/536996314638919/

Hackaday: TBA

=====================================================

Welcome to the May 2021 DCG 201 Meet Up!

Hiya Fellas.

It’s been a long time. We miss you.

We know it’s been frustrating seeing meetings change at the last minute and delay after delay. We are even more frustrated as we love meeting up with all of you fine hacker folks but adulting comes to bite us in the ass than rolling our own crypto built in jSON during the log4j crisis.

That ends now!

Join us for an unusual meet-up at unusual hours during Memorial Day!

Be the first to test us out experimenting meeting at a venue we have loved (and who have loved us) for years but never had the time to put something like this together! (We still love and are working with Sub Culture just want to explore more of Jersey City, we will be back soon.)

Smaller, more direct, intimate.

Lots to talk about like our upcoming DCG 201 Meet Ups, HushCon, SummerC0n, A New Hope, DEF CON 30…

This will be a meet-up you don’t want to miss for those who attend will be part of and help shape a new chapter in DCG 201!

NOTE ABOUT LIVE STREAMS: Since we are testing out a new venue, if we are unable to stream that day we will instead stream the same content Tuesday at 9pm EST.

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::.

ALL TIMES ARE EASTERN STANDARD (EST)

— IN PERSON @ HELEN'S PIZZA SCHEDULE — 6:00pm — 7:50pm Meet & Greet + Open Workshops Projects 7:50pm — 8:00pm DCG 201 Vote: What IRC Instance Should We Move To? 8:00pm — 8:05pm DCG 201 Announcements 8:05pm — 8:25pm ZAP Those Bugs! The OWASP Zed Attack Proxy — Simon Bennetts 8:25pm — 8:40pm When (Fire)Fox Gets Angy! A Web Browser For Red Teamers — Sidepocket 8:40pm — 9:00pm Talk — TBA 9:00pm -10:00pm Hacks & Hangout + Open Workshop Projects 10:00pm — ??? Drinks & Games +21 @ Barcade Jersey City (163 Newark Ave, Jersey City, NJ 07302)

— ONLINE LIVE STREAM SCHEDULE — 7:00pm — 8:00pm PRE SHOW :: Black Hat Webinar: Inside the Cyber Safety Review Board — Jeff Moss, Chair Rob Silvers, Heather Adkins 8:00pm — 8:05pm DCG 201 Announcements 8:05pm — 8:25pm ZAP Those Bugs! The OWASP Zed Attack Proxy — Simon Bennetts 8:25pm — 8:40pm When (Fire)Fox Gets Angy! A Web Browser For Red Teamers — Sidepocket 8:40pm — 9:00pm Talk — TBA 9:00pm — 9:10pm END OF LIVE STREAM + Twitch Channel Raid

.::OPEN PROJECTS::. Hacker Show & Tell — Everyone RiffTrax The Game & Nintendo Switch Video Games — Everyone Practicing Lockpicking & Locksport — Sidepocket DCG 201 Vote: What IRC Instance Should We Move To? #BadgeLife for DEF CON 30 Hackathon DCG201 Session Exclusive In-Person Invite

.::BONUS AFTER PARTY::. DCG 201 After Dark @ Barcade Jersey City

====================================================== .::LIGHTNING TALKS::.

ZAP Those Bugs! The OWASP Zed Attack Proxy :..> The OWASP Zed Attack Proxy (ZAP) is one of the world's most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Join us with an interview with the ZAP Project Lead about this toolset and the future landscape of security in a COVID-Cold War internet!

:.>Bio: Simon Bennetts is the OWASP Zed Attack Proxy (ZAP) Project Leader and a Distinguished Engineer at StackHawk, a company that uses ZAP to help users fix application security bugs before they hit production. He has talked about and demonstrated ZAP at conferences all over the world, including Blackhat, JavaOne, FOSDEM and OWASP AppSec EU, USA & AsiaPac. Prior to making the move into security he was a developer for 25 years and strongly believes that you cannot build secure web applications without knowing how to attack them.

When (Fire)Fox Gets Angy! A Web Browser For Red Teamers :..>When most users, hackers and cybersecurity folks think of web browsers we think of the need for only privacy and defensive security. However, after playing countless CTF Tournaments where a major category is web security, I started to wonder, what would a web browser look like if it was built for offensive capabilities over defensive. In this short presentation I show off a modified version of Firefox with a curated list of extensions and tools that allow everything from script injections, man in the middle attacks, in-depth forensics, vlun scanning and even launching into a command line shell directly in the browser. After the presentation, attendees will be able to try out the modified browser in person and the download for it’s Firefox Profile will be posted on the DCG 201 blog!

:.>Bio: A Co-Founder of DCG 201, an open group for hacker workshop projects in North East New Jersey, Sidepocket is constantly wanting to help people to get better at whatever they want to do and learn. He also has a history with NYC 2600, Radio Statler at Hackers on Planet Earth, Phone Losers of America, Museum of Urban Reclaim Spaces and The Yes Men. Find out more about DCG 201 at: http://www.defcon201.org

Talk TBA :..> TBA :.>Bio: TBA

Black Hat Webinar: Inside the Cyber Safety Review Board :..>Ahead of the inaugural meeting of the new Cyber Safety Review Board (CSRB), join the Board's Chair and Deputy Chair, Rob Silvers (DHS Undersecretary for Policy) and Heather Adkins (head of Security, Google), for an exclusive conversation with Jeff Moss. Rob and Heather will preview how the Board will approach its first review, which will focus on the vulnerabilities in the Log4j software library, and drive actionable recommendations to better protect the nation's networks and infrastructure.

Established through President Biden's Executive Order on Improving the Nation's Cybersecurity, the CSRB is an unprecedented public-private initiative that will bring together government and industry leaders. Members will take a deep dive into the most significant cybersecurity incidents, conduct after action analysis, and identify lessons learned. The CSRB does not have regulatory powers and is not an enforcement authority. Its purpose is to identify and share lessons learned to enable advances in national cybersecurity.

:.>Bio: Jeff Moss, also known as Dark Tangent, is an American hacker, computer and internet security expert who founded the Black Hat and DEF CON computer security conferences. In April 2011 Mr. Moss was appointed as the Chief Security Officer for the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit whose responsibilities include coordinating and ensuring the security, stability and resiliency of the Internet's unique global identifiers as well as maintaining the root zone of the Internet.

Mr. Robert Silvers serves as the Under Secretary for Policy at the Department of Homeland Security, and will serve as the inaugural Chair of the Cyber Safety Review Board. He is responsible for driving policy and implementation plans across all of DHS's missions, including counterterrorism; cybersecurity, infrastructure security, and resilience; border security and immigration; international affairs; and trade and economic security.

Heather Adkins will serve as Deputy Chair of the Cyber Safety Review Board. She is a 19-year Google veteran and founding member of the Google Security Team. As Sr Director of Information Security, she has built a global team responsible for maintaining the safety and security of Google's networks, systems and applications. She has an extensive background in practical security and has worked to build and secure some of the world's largest infrastructure. ======================================================

.::OPEN PROJECTS::.

DCG 201 Hacker Show & Tell :..>Before our lightning talks and during the After Dark Party, DCG 201 members will be given an opportunity to show off the various projects that they have been working on. You can join in any time as we chat and some things we might be showing off for the first time!

Five Year Anniversary Hacker Raffle :..> Every hacker who shows up in person will get one raffle ticket. After our Lightning Talks we will draw a ticket for someone to win various cool hacker prizes! One prize per winner, no double winners so everyone has a fair chance of getting some cool sh!t.

DCG 201 Vote: What IRC Instance Should We Move To? :..> If you have been living under a rock lately, we regret to inform you that Freenode imploded under it's own arrogance and stupidity leading to a mass exodus of IRC Channels. Since we use to host under Freenode, we plan on moving the #DEFCON201 IRC Channel to another IRC Server. We your help in us voting in a new one. The options are: >LiberaChat >HackInt >OFTC

We want to hear your opinions in person and you can help online by voting on our active poll on our Twitch Channel! Practicing Lockpicking & Locksport

:..>DEFCON 201 will have padlocks and professional practice tumblers provided by TOOOL to practice on. Fun and easy to learn for all ages and backgrounds with two expert instructors! We will also have sanitation and social distancing rules in place due to the ongoing COVID-19 Pandemic. :..>What To Bring: All lockpicking tools and practice locks will be provided. You are free to bring any lock you own that you DON'T RELY ON or any lockpicking tools and bypasses to the space. If you decide to bring something, we have a mandatory sanitation on site of the tool/lock you bring before it's allowed to be interacted with.

RiffTrax The Game & Nintendo Switch Video Games :..>In addition to various classic retro games running on Raspberry Pi, we will try to play a couple of rounds of our new favorite community game What The Dub? What The Dub?! is a multiplayer party game where each player overdubs missing dialogue from hilariously awful B-movies, woefully outdated PSAs, and bizarre industrial films, with their own witty (or just plain stupid) dubs. Players watch the dubs and vote on the best one. The player with the highest score at the end of the game wins! :..>What To Bring: Any Smartphone, Laptop or device with a modern browser, preferably Firefox or Chrome.

#BadgeLife for DEF CON 30 Hackathon :..>DEF CON 30 will take place August 11th through August 14th at Caesars Fourm and other various hotels in Las Vegas, Nevada. This year will be the year where we are going to attempt to create our own badges for our members can rep DCG 201 at the convention! Join us In-Person only to talk some ideas and set up future meet ups to work on our first ever entry for #BadgeLife!

DCG201 Session Exclusive In-Person Invite :..>Those who attend in person will be among the first to sign up for our in-person attendee only Session Group Chat (moving on from our Keybase platform). Session is a decentralized messenger with a focus on private, secure, and anonymous communications. Session offers support for direct messages, group chats, and voice calls. It utilizes the decentralized Oxen Service Node Network to store and route messages. Every encrypted message is routed through three nodes in the Oxen Service Node Network, making it virtually impossible for the nodes to compile meaningful information on those using the network. It is available for Android, iOS, Windows, macOS, and Linux. You can also find the APK package on its official website and GitHub repository. More info at: https://getsession.org/

:..>What To Bring: Any Smartphone with Android or iOS and any computer that can run Windows, MacOS or Linux. ======================================================

.::BONUS PARTY::. After our Official Meet Up at Helen’s Pizza, walk with us a block or three to the Barcade Jersey City (163 Newark Ave, Jersey City, NJ 07302) for drinks & arcade games until we are so drunk we are using eMacs as a viable text editor! 21+ ID with Vaccination Card.

Come to our main meet up to get FREE Barcade Tokens while supplies last!

::END OF LINE::

.::DCG 201 Hybrid Meet Up — March 2022 — Five F%#king Years!::.

====================================================== Date: December 18th, Friday

Time (IN PERSON): 5:00 PM EST — 8:00 PM EST

Time (ONLINE): 6:00 PM EST — 7:30 PM EST

Location: Sub Culture (260 Newark Ave, Jersey City, NJ)

Meet-Up: https://www.meetup.com/DEFCON201/events/284669668/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/1138932333575674

Hackaday: TBA

=====================================================

Welcome to the March 2021 DCG 201 Meet Up…and our FIVE YEAR ANNIVERSARY!

Five. F%#king. Years.

WOW!

We can't believe we have made it this far. From our humble beginnings of our two Co-Founders winging it despite having three New Jersey groups fail before us, through three venue changes, multple website revisions, conventions, meet ups, hackathons and through a global pandemic.

It's only through the amazing hacker community in New Jersey and our fans across the nation and around the world that keeps us going. That and too much Jolt! Cola, the Official Drink Of The Elite Hacker!

In celebration for you all, join us for our first ever HYBRID meet up of 2022 at our meet-up location in Jersey City that we miss dearly.

Hacking! Video Games! Raffles! Lockpicking! Soldering! Presentations! Voting! McDonalds!? Barcade!

And a glimpes into the future of DCG 201 through 2022 and the NEXT five years!

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::.

ALL TIMES ARE EASTERN STANDARD (EST)

  • IN PERSON @ SUBCULTURE SCHEDULE -  5:00pm - 6:30pm Meet & Greet + Open Workshops Projects + Raffle Tickets Handouts 6:30pm - 6:35pm DCG 201 Vote: What IRC Instance Should We Move To? 6:35pm - 6:40pm DCG 201 Announcements 6:40pm - 7:00pm ZAP Those Bugs! The OWASP Zed Attack Proxy - Simon Bennetts 7:00pm - 7:30pm McDoxxalds: Hacking The Worlds Largest Fast Food Chain - Sidepocket 7:30pm - 7:55pm DCG 201 Five Year Anniversary Raffle Drawing & Winners Until Closing 8:00pm - ??? (11:00pm Officially) Hacks & Hangout @ Barcade Jersey City (163 Newark Ave, Jersey City, NJ 07302)

  • ONLINE LIVE STREAM SCHEDULE -  6:00pm - 6:35pm PRE SHOW :: TBA - Sidepocket 6:35pm - 6:40pm DCG 201 Announcements 6:40pm - 7:00pm ZAP Those Bugs! The OWASP Zed Attack Proxy - Simon Bennetts 7:00pm - 7:30pm Black Hat Webinar: Inside the Cyber Safety Review Board - Jeff Moss, Chair Rob Silvers, Heather Adkins 7:30pm - 7:35pm END OF LIVE STREAM + Twitch Channel Raid

.::OPEN PROJECTS::. DCG 201 Hacker Show & Tell - Everyone Five Year Anniversary Hacker Raffle - Everyone Raspberry Pi Arcade Games & What The Dub?!– Everyone Practicing Lockpicking & Locksport - Sidepocket DCG 201 Vote: What IRC Instance Should We Move To? #BadgeLife for DEF CON 30 Hackathon

.::BONUS AFTER PARTY::. DCG 201 Five Year Anniversary After Dark @ Barcade Jersey City

====================================================== .::LIGHTNING TALKS::.

ZAP Those Bugs! The OWASP Zed Attack Proxy :..> The OWASP Zed Attack Proxy (ZAP) is one of the world's most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Join us with an interview with the ZAP Project Lead about this toolset and the future landscape of security in a COVID-Cold War internet!

:.>Bio: Simon Bennetts is the OWASP Zed Attack Proxy (ZAP) Project Leader and a Distinguished Engineer at StackHawk, a company that uses ZAP to help users fix application security bugs before they hit production. He has talked about and demonstrated ZAP at conferences all over the world, including Blackhat, JavaOne, FOSDEM and OWASP AppSec EU, USA & AsiaPac. Prior to making the move into security he was a developer for 25 years and strongly believes that you cannot build secure web applications without knowing how to attack them.

McDoxxalds: Hacking The Worlds Largest Fast Food Chain :..> McDonald's is the world's largest restaurant chain by revenue, serving over 69 million customers daily in over 100 countries across 37,855 outlets, is the world's second-largest private employer with 1.7 million employees and the ninth-highest global brand valuation as of 2018. And like with many large targets, it's ripe to be hacked! Join our Co-Founder in this In-Person EXCLUSIVE talk as we take a deep dive into the McDonald's tech ice burg as we find out why certain items are on the menu, why the ice cream machines are always broken (and how to fix them), how they trained employees using video games, how to become a Ronald McDonald clown and more!

Exclusive to this presentation is a look at a McDonald's we have nicknamed “McDoxxalds” with pictures taken inside said restaurant that gives an hilarious glimpse into McDonald's security operations; proving their recent ad campaign slogan: WE KEEP GETTING HACKED!

:.>Bio: A Co-Founder of DCG 201, an open group for hacker workshop projects in North East New Jersey, Sidepocket is constantly wanting to help people to get better at whatever they want to do and learn. He also has a history with NYC 2600, Radio Statler at Hackers on Planet Earth, Phone Losers of America, Museum of Urban Reclaim Spaces and The Yes Men. Find out more about DCG 201 at: http://www.defcon201.org

Black Hat Webinar: Inside the Cyber Safety Review Board :..>Ahead of the inaugural meeting of the new Cyber Safety Review Board (CSRB), join the Board's Chair and Deputy Chair, Rob Silvers (DHS Undersecretary for Policy) and Heather Adkins (head of Security, Google), for an exclusive conversation with Jeff Moss. Rob and Heather will preview how the Board will approach its first review, which will focus on the vulnerabilities in the Log4j software library, and drive actionable recommendations to better protect the nation's networks and infrastructure.

Established through President Biden's Executive Order on Improving the Nation's Cybersecurity, the CSRB is an unprecedented public-private initiative that will bring together government and industry leaders. Members will take a deep dive into the most significant cybersecurity incidents, conduct after action analysis, and identify lessons learned. The CSRB does not have regulatory powers and is not an enforcement authority. Its purpose is to identify and share lessons learned to enable advances in national cybersecurity.

:.>Bio: Jeff Moss, also known as Dark Tangent, is an American hacker, computer and internet security expert who founded the Black Hat and DEF CON computer security conferences. In April 2011 Mr. Moss was appointed as the Chief Security Officer for the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit whose responsibilities include coordinating and ensuring the security, stability and resiliency of the Internet's unique global identifiers as well as maintaining the root zone of the Internet.

Mr. Robert Silvers serves as the Under Secretary for Policy at the Department of Homeland Security, and will serve as the inaugural Chair of the Cyber Safety Review Board. He is responsible for driving policy and implementation plans across all of DHS's missions, including counterterrorism; cybersecurity, infrastructure security, and resilience; border security and immigration; international affairs; and trade and economic security.

Heather Adkins will serve as Deputy Chair of the Cyber Safety Review Board. She is a 19-year Google veteran and founding member of the Google Security Team. As Sr Director of Information Security, she has built a global team responsible for maintaining the safety and security of Google's networks, systems and applications. She has an extensive background in practical security and has worked to build and secure some of the world's largest infrastructure. ======================================================

.::OPEN PROJECTS::.

DCG 201 Hacker Show & Tell :..>Before our lightning talks and during the After Dark Party, DCG 201 members will be given an opportunity to show off the various projects that they have been working on. You can join in any time as we chat and some things we might be showing off for the first time!

Five Year Anniversary Hacker Raffle :..> Every hacker who shows up in person will get one raffle ticket. After our Lightning Talks we will draw a ticket for someone to win various cool hacker prizes! One prize per winner, no double winners so everyone has a fair chance of getting some cool sh!t.

DCG 201 Vote: What IRC Instance Should We Move To? :..> If you have been living under a rock lately, we regret to inform you that Freenode imploded under it's own arrogance and stupidity leading to a mass exodus of IRC Channels. Since we use to host under Freenode, we plan on moving the #DEFCON201 IRC Channel to another IRC Server. We your help in us voting in a new one. The options are: >LiberaChat >HackInt >OFTC

We want to hear your opinions in person and you can help online by voting on our active poll on our Twitch Channel! Practicing Lockpicking & Locksport

:..>DEFCON 201 will have padlocks and professional practice tumblers provided by TOOOL to practice on. Fun and easy to learn for all ages and backgrounds with two expert instructors! We will also have sanitation and social distancing rules in place due to the ongoing COVID-19 Pandemic. :..>What To Bring: All lockpicking tools and practice locks will be provided. You are free to bring any lock you own that you DON'T RELY ON or any lockpicking tools and bypasses to the space. If you decide to bring something, we have a mandatory sanitation on site of the tool/lock you bring before it's allowed to be interacted with.

Raspberry Pi Arcade Games & What The Dub?! :..>In addition to various classic retro games running on Raspberry Pi, we will try to play a couple of rounds of our new favorite community game What The Dub? What The Dub?! is a multiplayer party game where each player overdubs missing dialogue from hilariously awful B-movies, woefully outdated PSAs, and bizarre industrial films, with their own witty (or just plain stupid) dubs. Players watch the dubs and vote on the best one. The player with the highest score at the end of the game wins! :..>What To Bring: Any Smartphone, Laptop or device with a modern browser, preferably Firefox or Chrome.

#BadgeLife for DEF CON 30 Hackathon :..>DEF CON 30 will take place August 11th through August 14th at Caesars Fourm and other various hotels in Las Vegas, Nevada. This year will be the year where we are going to attempt to create our own badges for our members can rep DCG 201 at the convention! Join us In-Person only to talk some ideas and set up future meet ups to work on our first ever entry for #BadgeLife! ======================================================

.::BONUS PARTY::. After our Official Meet Up at Sub Culture, walk with us a block or three to the Barcade Jersey City (163 Newark Ave, Jersey City, NJ 07302) for drinks & arcade games until we are so drunk we are using eMacs as a viable text editor!

https://barcadejerseycity.com/

(Officially until 11pm EST) 21+ ID with Vaccination Card.

Come to our main meet up to find out how to earn FREE Barcade Tokens!

::END OF LINE::

.::How Hackers Can Help During The Ukraine Crisis::.

TOR Version: http://writeasw4b635r4o3vec6mu45s47ohfyro5vayzx2zjwod4pjswyovyd.onion/defcon201/how-hackers-can-help-during-the-ukraine-crisis

====================================================== ::WHAT IS GOING ON?::

On February 24th 2022, Russia launched a large-scale military invasion of Ukraine, one of its neighbors to the southwest, marking an escalation to a conflict that began in 2014. Following Ukraine’s Revolution of Dignity in 2014, Russia had annexed Crimea and Russian-backed separatist forces had seized part of the Donbas in eastern Ukraine, leading to an eight-year war in the region.

The invasion received widespread international condemnation, including new sanctions imposed on Russia, triggering a financial crisis. Global protests took place against the invasion, while protests in Russia were met with mass arrests. Many reports called the invasion the largest conventional warfare attack in Europe since World War II.

Wikipedia: https://en.wikipedia.org/wiki/2022_Russian_invasion_of_Ukraine

To Long, Didn't Read Instagram Post: https://www.instagram.com/p/CaYYfdCPB2r/

Ukraine – The Country That Defied Vladimir Putin YouTube: http://www.youtube.com/watch?v=obMTYs30E9A Tor Invidious: https://invidious.privacy.gd/watch?v=obMTYs30E9A

Lost Empire – Why Rissia Wants To Restore The Soviet Boarders YouTube: https://www.youtube.com/watch?v=zwzliJF0-SI Tor Invidious: https://invidious.privacy.gd/watch?v=zwzliJF0-SI

Anti-War In Russia Perspective YouTube: https://www.youtube.com/watch?v=4oULSBdQb-U Tor Invidious: https://www.youtube.com/watch?v=4oULSBdQb-U

====================================================== ::DCG 201 STANCE ON THE INVASION OF UKRAINE::

We at DCG 201 (formally DEFCON 201 & DC 201) continue to follow our stances on previous conflicts & crisis. We denounce what Russia’s imperialistic invasion has done, which is unacceptable and is against the hacker ethics/way of life.

Our hearts go out to the untold of Ukrainians of all types who have been murdered in the conflict including Russians that were sent out to die for the oligarchy’s fascism and the arrest of untold amounts of Russian citizens who protested their tyrannical leadership’s inept decision.

====================================================== ::WHERE TO DONATE TO HUMANITARIAN AID::

https://unitedhelpukraine.org/

https://crisisrelief.un.org/t/ukraine

https://my.care.org/site/Donation2?df_id=31067&mfc_pref=T&31067.donation=form1&s_src=172220UCF000

https://wck.org/en-us/news/chefs-for-ukraine

====================================================== :Charities that help the War Effort:

Save Life: https://savelife.in.ua/donate/

Donbas SOS: https://www.donbasssos.org/en/

Crimea SOS: https://krymsos.com/

Hospitallers: https://facebook.com/hospitallers/

Sunflower of Peace:⁠ https://www.facebook.com/donate/507886070680475/2099553790222204/

====================================================== :Charities that help Children:

Tabletochki: https://tabletochki.org/

Children We Will Make It: https://vstygnemo.org.ua/

Ruka ob Ruku: https://ruka-ob-ruku.com.ua/en/index.html

Voices Of Children: https://voices.org.ua/en

====================================================== :Chairties for the Elderly:

Happy Old: https://happyold.com.ua/

Let's Help: https://letshelp.com.ua/

Starenki: https://starenki.com.ua/

====================================================== :Charities that help the Disabled:

Fight For Right: https://eng.ffr.org.ua/projects

Everybody Can: https://everybodycan.com.ua/

====================================================== :Charities that help Women:

Ukranian Woman's Guard: https://uavarta.org/ IBAN: ⁠ UA 29 300528 0000026002000008262⁠ Beneficiary: ⁠ UWG⁠

Women's Perspectives: http://women.lviv.ua/

Women's Mach (Marsh Zhinok): https://marsh-zhinok.com.ua/

Project Kesher's Woman & Girls: https://connect.clickandpledge.com/w/Form/c8f502e9-b5c6-402f-9643-27891faae4f3

====================================================== :Safety for African Diaspora Refugees:

https://www.instagram.com/nigeriansleavingukraine/

https://mobile.twitter.com/korrinesky/status/1497589436904660992

The Ukraine govt has set up an emergency hotline to help Black & Asian students fleeing Russian attacks, its foreign minister Dmytro Kuleba announced. The # is: +380934185684

====================================================== :Charities that help LGBTQ+:

MONOBANK 4441 1144 5311 1369 SOFIIA LAPINA IBAN-UA123220010000026205315732562

PRIVATBANK 4149 4993 8349 2111 SOFIA LAPINA IBAN — UA023052990000026201731031894

PAYPAL basikannndruh@icloud.com +14152799995

Telegram: https://t.me/ukrainepride/

Instagram: https://www.instagram.com/ukraine.Pride/

====================================================== :Charities for the Jewish Diaspora:

Project Kesher: https://www.projectkesher.org/

HIAS: https://www.hias.org/hias-responds-crisis-ukraine

ORT: https://secure2.convio.net/waort/site/Donation2;jsessionid=00000000.app20109b?5951.donation=form1&df_id=5951&mfc_pref=T&NONCE_TOKEN=7BC908C12D12B1662C7A51CC526E5E07

American Jewish Joint Distribution Committee: https://www.jdc.org/disasters/ukraine-response/

World Union for Progressive Judaism: https://wupj.org/news/2022/02/51971/world-union-launchs-ukraine-crisis-fund/

Survivor Mitzvah Project: https://www.survivormitzvah.org/donate-holocaust-survivors/

====================================================== :Charities for the Romani People:

https://chuffed.org/project/ukraine-help-roma-access-humanitarian-aid

====================================================== :Safety for South East Asian Diaspora Refugees:

https://twitter.com/TheWarden04/status/1497037222847336448 https://twitter.com/opganga https://twitter.com/eoiromania https://twitter.com/hashtag/indianstudentsinukraine

The Ukraine govt has set up an emergency hotline to help Black & Asian students fleeing Russian attacks, its foreign minister Dmytro Kuleba announced. The # is: +380934185684

====================================================== :Charities for Blood Donation:

Blood Agents: https://t.co/YeSSktWhJK

Donar UA: https://www.donor.ua/

====================================================== :Charities for Animals:

Sirius: https://dogcat.com.ua/

Happy Paw: https://happypaw.ua/ua

UAnimals: https://www.facebook.com/UAnimals.official/

====================================================== :Charities for the Environment:

Ukraine Without Waste: https://nowaste.com.ua/

Laska: https://laskastore.com/

====================================================== :Charities for the Homeless:

Help The Homeless: https://m.facebook.com/pomogi.bezdomnomu/?__nodl&ref=external%3At.co&_rdr

Suka Zhizn: https://t.co/oBWjKmjs0a

====================================================== :Charities for Investigative Journalism:

Slidstvo: https://t.co/nbG0czw6Nk

UKRPravda News: https://t.co/UYGHkmShOo

Zaborona Median: https://zaborona.com/

====================================================== :Charities that Preserve Ukrainian Cultural Heritage:

Parkhomivka Museum: http://museumparhomovka.com.ua/

Save Kyiv Modernism: https://t.co/QHfs9rYB3T

FrankivskToCareAbout: https://www.facebook.com/groups/342879319403810/?ref=share

====================================================== :Charities helping with COVID-19:

Svoyi: http://svoyi.com.ua/

Monsters, Inc: http://monstrov.org/

====================================================== :Charities helping via Cryptocurrency:

Official Ukraine Government Aid Addresses:

BTC – 357a3So9CbsNfBBgFYACGvxxS6tMaDoa1P

ETH and USDT (ERC-20) – 0x165CD37b4C644C2921454429E7F9358d18A45e14

$DOT – 1x8aa2N2Ar9SQweJv9vsuZn3WYDHu7gMQu1RePjZuBe33Hv

The Giving Block: https://thegivingblock.com/campaigns/ukraine-emergency-response-fund/

Unichain Ukraine: https://unchain.fund/

Unisawp: https://donate.uniswap.org/#/swap

Binance Charity: https://www.binance.charity/Ukraine-Emergency-Relief-Fund

Ukraine Pride:

BTC – bc1qst3w3adx2hls7xu6ztkuugyphqhec56yl9sn87

ETH – 0x451Cfd3Fd63CE31b3b97fF7Bcc7f34ff03Cb47DC

====================================================== ::PRESERVING DIGTAL INFORMATION ON THE UKRAINIAN CONFLICT::

Wikimedia Foundation: https://wikimediafoundation.org/news/2022/03/01/wikimedia-foundation-calls-for-continued-access-to-free-and-open-knowledge-as-ukraine-crisis-continues/

Internet Archive: https://archive.org/donate

Internet Socity Ukraine: https://isoc-ua.org/

Access Now: https://www.accessnow.org/cyberattacks-ukraine-human-rights/

Freedom Of The Press Foundation: https://freedom.press/news/protect-the-brave-journalists-covering-russias-invasion-of-ukraine/

====================================================== ::OSINT & RECON FOR HACKERS ABOUT THE INVASION::

NOTE: DCG 201 DOES NOT SUPPORT ANY HACKING FOR/AGAINST NATION STATES. THIS IS FOR RESEARCH & INFORMATION SHARING ONLY AND ACCEPT AT YOUR OWN RISK!

IT Army of Ukraine: https://t.me/itarmyofurraine

Techlore Privacy Ukraine Overview: https://www.youtube.com/watch?v=YkfLm7qOtHs (https://invidious.privacy.gd/watch?v=YkfLm7qOtHs)

Curated Intelligence Ukraine-Cyber-Operations: https://github.com/curated-intel/Ukraine-Cyber-Operations

Orange Cyberdefense Russia-Ukraine 2022 Conflict Related IOCs: https://github.com/Orange-Cyberdefense/russia-ukraine_IOCs

Ukraine Interactive Map: https://liveuamap.com/

Russian Military Buildup: https://www.google.com/maps/d/viewer?mid=1J7cOnp4pHofSnagRkk4P6tClgZiTGFvH&hl=en_US&usp=sharing

Ukranian Bomb Shelters: https://www.google.com/maps/d/viewer?mid=1nv3QreO1QS5_AmRRNLHXu7u99sKJ6JRR&hl=en_US&usp=sharing

Media Manipulation: https://mediamanipulation.org/research/tracking-social-media-takedowns-and-content-moderation-during-2022-russian-invasion

Ukranian RF: https://web.archive.org/web/20220222023148/https://k0lwc.com/monitoring-the-airwaves-during-ukrainian-conflict/

Anonymous: https://twitter.com/YourAnonNews

OSINT Technial: https://twitter.com/Osinttechnical

NB65: https://twitter.com/xxNB65

====================================================== ::END OF LINE::

.::Watch FOSDEM 2022 With DCG 201 Charity LIVE Stream :: Feb 5th — Feb 6th::.

====================================================== Date: February 5th, Saturday — February 6th, Sunday

Time: 4:00 AM EST — 12NOON (12:00 PM EST)

Meet-Up: https://www.meetup.com/DEFCON201/events/275096175/

Facebook [TOR]: TBA

Hackaday: TBA

=====================================================

On Saturday, February 5th & Sunday, February 6th starting each day at 4:00 AM EST, join the staff of DCG201 for a special LIVE Stream watching, interacting and reacting to the largest Free & Open Source Software convention, FOSDEM!

During our LIVE Stream, this will be our final fundraiser push to for our Charity Drive to the Children’s Miracle Network Hospitals to help out pediatric centers & ill children across the US & Canada!

Donate: https://donate.tiltify.com/@defcon201live/dcg-201-childrens-miracle-network-hospitals-fundraiser

==================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/channel/UCYDQaOHbK5trRU2CDgb0qSg

Invidious [TOR]: http://axqzx4s6s54s32yentfqojs3x5i7faxza6xo3ehd4bzzsg2ii4fv2iid.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook: https://www.facebook.com/groups/defcon201/ ====================================================

.::AGENDA & SCHEDULE::. —ALL TIMES ARE EASTERN STANDARD (EST)—

SATURDAY 4:00 AM SGX Enclave Exploit Analysis and Considerations for Defensive SGX Programming Cross-platform/cross-hypervisor virtio vsock use in go 5:00 AM Don’t trust us, trust the math behind immudb Made by Woz: how Apple-1 operating system works? 6:00 AM Designing a new Language for Safety: Fuzion Taking a desktop OS to mobile phones 7:00 AM Back to DirectFB! Java Security: Log4J, The SecurityManager & Funding 8:00 AM Hack for the Planet Llsoftsecbook: an open source book on software security for compiler developers 9:00 AM Crowdsecurity 10:00 AM BONUS :: Lecture: Tracking Ransomware End-to-end 10:30 AM Status of camera support on mobile FOSS devices

SUNDAY 4:00 AM Seamless Kernel Update Āhau: Māori Identity & Data Sovereignty 5:00 AM secPaver: Security Policy Development Tool Securing and Hardening a container host 6:00 AM Why safe programming matters and why Rust Live coding session with Tokodon 7:00 AM PlayStation 3 Emulation 8:00 AM Trousseau — the Kubernetes Key Management Service provider 9:00 AM What I wish I knew about security when I started programming 10:00 AM Secure Communication with Tls 11:00 AM Sudo: Watch and control your blind spots 12:00 NOON Closing FOSDEM 2022

About Children’s Miracle Network Hospitals

Children’s Miracle Network Hospitals (French: Réseau Enfants-Santé (RES)) is a nonprofit organization founded in 1983 by Marie Osmond, John Schneider, Mick Shannon, and Joe Lake, and is headquartered in Salt Lake City, Utah. CMNH raises funds for children’s hospitals in the U.S. and Canada that support the health of 10 million children each year across the U.S. and Canada. Donations go to local hospitals to fund critical life-saving treatments and healthcare services, along with innovative research, vital pediatric medical equipment, child life services that focus on kids’ emotional health during difficult hospital stays and financial assistance for families who could not otherwise afford these health services. To date, Children’s Miracle Network Hospitals has raised more than US $7 billion, which is distributed directly to a network of 158 hospitals.

About Children’s Specialized Hospital

Children’s Specialized Hospital, an RWJBarnabas Health facility, is the nation’s leading provider of inpatient and outpatient care for children from birth to 21 years of age facing special health challenges — from chronic illnesses and complex physical disabilities like brain and spinal cord injuries, to a full scope of developmental, behavioral, and mental health outcomes. At 14 different New Jersey locations, our pediatric specialists partner with families to make our many innovative therapies and medical treatments more personalized and effective so each child can reach their full potential.

About Child’s Play

Since 2003, Child’s Play is a game industry charity dedicated to improving the lives of children with toys and games in our network of over 220 facilities worldwide, including hospitals and domestic abuse shelters. Over the years, you as a community have answered the call and come together to raise millions of dollars.

Child’s Play works in two ways. With the help of hospital staff, they set up gift wish lists full of video games, toys, books, and other fun stuff for kids. By clicking on a hospital location on our map, you can view that hospital’s wish list and send a gift.

Child’s Play also receives cash donations throughout the year. With those cash donations, they’ve purchase new consoles, peripherals, games, and more for hospitals and therapy facilities. These donations allow for children to enjoy age-appropriate entertainment, interact with their peers, friends, and family, and can provide vital distraction from an otherwise generally unpleasant experience.

ABOUT FOSDEM

FOSDEM is a two-day event organized by volunteers to promote the widespread use of free and open source software.

In 2000, Raphael Bauduin, a fan of the Linux movement in Belgium, decided to organise a small meeting for developers of Open Source software. He called it ‘Open Source Developers’ European Meeting’ (OSDEM).

For the second year, OSDEM was renamed FOSDEM. And now, many years later, it has grown into the event it is today. FOSDEM tries to cover a wide spectrum of free and open source software projects, and offer a platform for people to collaborate. Every year, they host more than 5000 developers at the ULB Solbosch campus.

FOSDEM is a free and non-commercial event organised by the community for the community. The goal is to provide free and open source software developers and communities a place to meet to:

:..>get in touch with other developers and projects; :..>be informed about the latest developments in the free software world; :..>be informed about the latest developments in the open source world; :..>attend interesting talks and presentations on various topics by project leaders and committers; :..>to promote the development and benefits of free software and open source solutions.

::END OF LINE::

.::DCG 201 Hybrid Meet Up — December 2021 — Bring Fourth HoHoCon!::.

====================================================== Date: December 17th, Friday

Time (IN PERSON): CANCELED (SEE BELOW)

Time (ONLINE): 6:00 PM EST — 7:30 PM EST

Location: Sub Culture (260 Newark Ave, Jersey City, NJ)

Meet-Up: https://www.meetup.com/DEFCON201/events/282372291/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/449699199929382/

Hackaday: https://hackaday.io/page/11605-dcg-201-hybrid-meet-up-december-2021-bring-fourth-hohocon

=====================================================

Welcome to the December 2021 DCG 201 Meet Up!

UPDATE: Due to the spike on Omnicron, we are unfortunately canceling our In-Person part of the meet up. We apologize for the inconvenience. We will be LIVE Streaming at 7pm EST!

It’s here. We FINALLY did it! We are at the final stretch of what was 2021. To who ever thought everything was going to return to normal (what ever the heck that means)…sorry? Man it’s been a wild ride, but we like to think we are ending this year a little better than we did last year.

So after some frustrations for the past couple of months of getting a hybrid style of meet-up off the ground, join us for some cozy shenanigans at our old haunt!

Get some awesome food at SubCulture, play games with us, build us a cardboard VR contraption, learn lockpicking, hack some Retro computers and who knows? Maybe you will even find Jesus in your code.

But we only have one question…

Can you make it dance?

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::.

ALL TIMES ARE EASTERN STANDARD (EST)

— IN PERSON @ SUBCULTURE SCHEDULE —

— IN PERSON @ SUBCULTURE SCHEDULE — 5:00pm — 6:30pm Meet & Greet + Open Workshops Projects + Yule log4j Burning 6:30pm — 6:35pm DCG 201 Vote: What IRC Instance Should We Move To? 6:35pm — 6:40pm DCG 201 Announcements 6:40pm — 6:45pm An Intro To The Sirocyl Mini-Vintage Computer Festival — sirocyl 6:45pm — 7:00pm TBA — TBA 7:00pm — 7:10pm Log4Jesus: How The Power Of Christ Compels Computers — Sidepocket 7:10pm — 8:00pm Hacks & Hangout Until Closing (Possible Post-Meet Snack & Bar Hopping?)

— ONLINE LIVE STREAM SCHEDULE — 6:00pm — 6:30pm PRE SHOW :: Nintendo Labo VR Blaster Build — Sidepocket 6:35pm — 6:40pm DCG 201 Announcements 6:40pm — 6:45pm An Intro To The Sirocyl Mini-Vintage Computer Festival — sirocyl 6:45pm — 7:00pm TBA — TBA 7:00pm — 7:10pm Log4Jesus: How The Power Of Christ Compels Computers — Sidepocket 7:10pm — ??? Yule log4j Burning + END OF LIVE STREAM

.::OPEN PROJECTS::. Yule log4j Burning — Everyone Sirocyl Mini-Vintage Computer Festival — sirocyl hxp CTF 2021 — Everyone (First Come First Serve) TryHackMe Advent Of Summer — Everyone DCG 201 Vote: What IRC Instance Should We Move To? Nintendo Labo VR Blaster Build — Sidepocket Practicing Lockpicking & Locksport — Sidepocket

====================================================== .::LIGHTNING TALKS::.

Log4Jesus: How The Power Of Christ Compels Computers :..> Christiantiy is one the major three branches of what’s known as the Abrahamic religions and is one of if not one of the most popular religions world wide. So naturally, as tech has evolved, Christian hackers have left their cross-shaped footprint on the tapestry of computing. Join us as we look at things from the original Printing Press, to Christian Video Games, a holy database programming language, Bibles on Blockchain and yes…the infamous Temple OS.

:.>Bio: A Co-Founder of DCG 201, an open group for hacker workshop projects in North East New Jersey, Sidepocket is constantly wanting to help people to get better at whatever they want to do and learn. He also has a history with NYC 2600, Radio Statler at Hackers on Planet Earth, Phone Losers of America, Museum of Urban Reclaim Spaces and The Yes Men. Find out more about DCG 201 at: http://www.defcon201.org ======================================================

.::OPEN PROJECTS::.

Yule log4j Burning :..>No one can be…told what the Yule log4j Burning is…you have to see it for yourself…

Sirocyl’s Mini-Vintage Computer Festival :..> After an impromptu vintage computer meetup left sirocyl stuck with a trunkful of x86mas cheer, we’ll be bringing over some small items to demo and screw around with.

TryHackMe Advent Of Cyber :..>Advent of Cyber is an event that gets people started in cyber security, by releasing beginner friendly security exercises every day leading up to Christmas. For 25 days they release tasks breaking down common security topics into byte-sized walk-throughs and challenges. Each task is self contained and includes the basic information required to start working on a security challenge including supporting material and a video tutorial. At the end of the competition, we’ll enter every participant who completed a question into a raffle to win the prizes. Every question a user completes, gives a higher chance of winning!

:..>What To Bring: Any laptop will do. We do not think you need anymore than that but if you are looking for OS/VM’s with preloaded tools; look at Kali Linux, Parrot OS, Pentoo or Black Arch for ideas! You need to sign up with TryHackMe (with more details) at the link below:

https://tryhackme.com/christmas/

DCG 201 Vote: What IRC Instance Should We Move To? :..> If you have been living under a rock lately, we regret to inform you that Freenode imploded under it’s own arrogance and stupidity leading to a mass exodus of IRC Channels. Since we use to host under Freenode, we plan on moving the #DEFCON201 IRC Channel to another IRC Server. We your help in us voting in a new one. The options are:

LiberaChat HackInt OFTC

We want to hear your opinions in person and you can help online by voting on our active poll on our Twitch Channel!

hxp CTF 2021 :..>This Friday, starting on December 17th at 10:00 AM EST, we invite all DCG 201 Members, Attendees and Fans to help us hack the hxp CTF 2021! If you are new to Online CTF, we will help you get set up and walk you through some of the challenges. Then you can log in anytime after until December 19th 10:00 AM EST to continue our CTF conquest! To learn more about the CTF, please follow this link: https://www.meetup.com/DEFCON201/events/282372083/

:..>What To Bring: Any laptop will do. Ideally you want to load it full of Information Security Red Team and Blue Team tools, look at Kali Linux, Parrot OS, Pentoo or Black Arch for ideas. To participate online, you will need a Discord Account and to join our Discord at this link: https://discord.gg/PGgPNEF

Nintendo VR Blaster Build & Play :..>We have a new cardboard engineering construction for anyone of any skill level to try out. Combine DIY fun with simple, shareable VR, plus a new programming tool you can use to make your own quick play VR games and experiences! When finished, we will take turns blasting through an alien invasion, test your skills at competitive hippo feeding, and go wherever else our imagination takes us! NOTE: Guests will be required to follow social distancing measures including the wearing on non-latex gloves and wearing masks.

:..>What To Bring: The ability to follow instructions and fold paper. The play portion needs two working eyes with depth perception and a resistance to motion sickness.

Practicing Lockpicking & Locksport :..>DEFCON 201 will have padlocks and professional practice tumblers provided by TOOOL to practice on. Fun and easy to learn for all ages and backgrounds with two expert instructors! We will also have sanitation and social distancing rules in place due to the ongoing COVID-19 Pandemic.

:..>What To Bring: All lockpicking tools and practice locks will be provided. You are free to bring any lock you own that you DON’T RELY ON or any lockpicking tools and bypasses to the space. If you decide to bring something, we have a manditory sanitation on site of the tool/lock you bring before it’s allowed to be interacted with. ======================================================

.::BONUS PARTY::. S T I M U L A T E – “MatriXXXmas” Cyber Punk Dance Party

stimulate-me.com

“MatriXXXmas” : the 13th Annual STIMULATE XMas Bash!

9:00pm — 4:00am EST

21+ w/ Vaccination Card PERFORMANCES BY: LYDIA WILTS • LOLA STRANGE plus Music by Birthday DJs Johanna Constantine, Stalagmike (Defcon) Amazin’ A (DJs From HELL) plus Xris SMack! + DasKreestof ERIS — 167 Graham Ave. Brooklyn, NY 11206 RSVP: https://facebook.com/events/1981113275399702 ======================================================

Hackers make machines dance.

Beautiful.

::END OF LINE::

.::DCG 201 Hybrid Meet Up — October 2021 — Bride Of Hacktoberfest::.

====================================================== Date: October 15th, Friday

Time (IN PERSON): 5:00 PM EST — 8:00 PM EST

Time (ONLINE): 5:20 PM EST — ???

Location: Sub Culture (260 Newark Ave, Jersey City, NJ)

Meet-Up: https://www.meetup.com/DEFCON201/events/280999676/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/547235103242510/

Hackaday: TBA

=====================================================

Welcome to the October 2021 DCG 201 Meet Up!

Getting back on our feet was difficult, like, ask the world on how hard it is right now with Delta and other insanity going on. But we did it. And we are back for the spookiest season in a BIG way:

Starting with this meet up, DCG 201 will be a Hybrid event!

This means we are welcome back to our old haunt SubCulture (we miss them so much) in Jersey City in addition to LIVE Streaming parts of our meet up online.

Each will cross over but have a slightly different experience with exclusives for both.

This will be a jam-packed event that has various talks and workshops, including hosting our fourth ever Hacktoberfest event, a new CTF for us to crack, building VR out of cardboard, an in-person exclusive talk, Hacker AF movies, lockpicking & more!

Welcome back!

Oh and the next day at 8pm EST, we going to stream BOTH events and we will be streaming Metroid Dread for the Children’s Miracle Network Hospitals such as Children’s Specialized Hospital under Child’s Play!

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::.

ALL TIMES ARE EASTERN STANDARD (EST)

— IN PERSON @ SUBCULTURE SCHEDULE — 5:00pm — 6:15pm Meet & Greet + Open Workshops Projects + Hacker Science Theater 3000 6:15pm — 6:20pm DCG 201 Vote: What IRC Instance Should We Move To? 6:20pm — 6:25pm DCG 201 Announcements 6:25pm — 6:40pm All The World’s API — zverok 6:40pm — 7:00pm IN-PERSON EXCLUSIVE TBA — TBA 7:00pm — 7:10pm Intro to Hacktoberfest 2021 — TBA 7:10pm — 8:00pm Hacks & Hangout Until Closing (Possible Post-Meet Snack & Bar Hopping?)

— ONLINE LIVE STREAM SCHEDULE — 5:20pm — 6:20pm PRE SHOW :: Black Hat Webinar: Anti-Analysis Logic of Arm Malware on macOS — Patrick Wardle 6:20pm — 6:25pm DCG 201 Announcements 6:25pm — 6:40pm All The World’s API — zverok 6:40pm — 7:00pm INTERMISSION :: Nintendo Labo VR Blaster Build — Sidepocket & Friends 7:00pm — 7:10pm Intro to Hacktoberfest 2021 — TBA 7:10pm — ??? DCG 201 ONLINE Hacker Hangout

.::OPEN PROJECTS::. Hacktoberfest 2021 — Everyone Hacker Science Theater 3000 Presents: Johnny Mnemonic DCG 201 Vote: What IRC Instance Should We Move To? DEADFACE CTF — Everyone (First Come First Serve) Nintendo Labo VR Blaster Build — Sidepocket & Friends Practicing Lockpicking & Locksport — Sidepocket & Friends

.::LIGHTNING TALKS::.

PRE SHOW :: Black Hat Webinar: Anti-Analysis Logic of Arm Malware on macOS

:..>Apple’s new M1 systems (aka Apple Silicon) offer a myriad of benefits …for both macOS users, and well, to malware authors as well. However, before analyzing malware targeting this platform, one must master various foundational topics such as understanding and reversing arm64 code.

In this talk, we’ll cover such topics and then apply them in order to analyze the anti-analysis logic of the first malicious program compiled to natively target Apple Silicon.

Armed (ha!) with the information and analysis techniques presented in this talk, you’ll leave well on the way to becoming a proficient macOS M1 malware analyst!

:..>Bio: Patrick Wardle is the founder of Objective-See. Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users. All The World’s API

:..>In this talk, we’ll investigate what it takes to make common sense knowledge available as hackable APIs, and why it matters. The trivia like “how many people live in Paris” or “what novels did Kurt Vonnegut write” or “what’s the synopsis of Game of Thrones S04E05” is easily reachable for a human, but frequently surprisingly hard to gather in a machine-readable way. While many particular and specialized APIs do exist, we are studying the generic approach: how humanity’s open knowledge hubs like Wikipedia and OpenStreetMap can be used to access structured knowledge from programming languages. A few practical libraries (of various maturity) presented, and potential future approaches discussed.

:..>Bio: Victor Shepelev aka zverok is a developer and writer from Ukraine. He works mainly in Ruby (and is involved in language documentation and evolution) but recently switched to Python to reach a broader audience with various passion projects of his, mostly related to open data and text processing. IN-PERSON EXCLUSIVE TBA

:..> TBA

:.>Bio: TBA

.::OPEN PROJECTS::.

Hacktoberfest 2021

:..>Hacktoberfest — brought to you by DigitalOcean in partnership with Intel, AppWrite & Deep Source — is a month-long celebration of open source software. Maintainers are invited to guide would-be contributors towards issues that will help move the project forward, and contributors get the opportunity to give back to both projects they like and others they’ve just discovered. No contribution is too small — bug fixes and documentation updates are valid ways of participating.

Hacktoberfest is open to everyone in our global community. Whether you’re a seasoned contributor or looking for projects to contribute to for the first time, you’re welcome to participate.

Pull requests can be made in any participating GitHub or GitLab hosted repository/project. Look for the ‘hacktoberfest’ topic to know if a repository/project is participating in Hacktoberfest. Pull requests must be approved by a maintainer of the repository/project to count.

You can sign up anytime between October 1 and October 31. Just be sure to sign up on the official Hacktoberfest website for your pull requests to count.

::How To Participate::

Sign Up At This Link:https://hacktoberfest.digitalocean.com/register

To Join Us On The DEFCON 201 LIVE Stream: Join us on the Discord under our #Hacking Sub-Channel.

DEFCON 201 Discord Link: https://discord.gg/PGgPNEF

CLIENT INTERFACES

Clear Net: https://discordapp.com/channels/@me

Windows: https://discordapp.com/api/download?platform=win

macOS: https://discordapp.com/api/download?platform=osx

Linux: https://snapcraft.io/discord

iOS: https://itunes.apple.com/us/app/discord-chat-for-games/id985746746

Android: https://play.google.com/store/apps/details?id=com.discord (We recommend using Auroa Store)

::Intro to Hacktoberfest 2021 (TALK)::

:..>In this talk, we will go over online & in-person the Do’s & Don’ts of Hacktoberfest 2021! We will go over how to sign up on GitHub & GitLab, how to do a Pull-Request on either platform and go over a list of various open-source projects with the #Hacktoberfest label we think need more attention than usual!

::Choose Trees or Tees::

Rather than receive t-shirts as swag, you can choose to have a tree planted in your name and help make Hacktoberfest 2021 more carbon neutral: https://tree-nation.com/profile/digitalocean

::Rules & Resources::

Tasks For Beginners

The following resources share repositories that curate tasks for beginners:

https://github.com/mungell/awesome-for-beginners

https://up-for-grabs.net/#/

https://www.firsttimersonly.com/

Share your Hacktoberfest journey by writing about your contributions on the DEV Hacktoberfest tag. DEV is a community visited by millions of programmers who are sharing their work to make others better: https://dev.to/t/hacktoberfest

Improve code quality of open-source projects you love. DeepSource Discover lists thousands of open-source projects that have code quality issues up for grabs.

RULES

  • Pull requests can be submitted to any opted-in repository on GitHub or GitLab.
  • The pull request must contain commits you made yourself.
  • If a maintainer reports your pull request as spam, it will not be counted toward your participation in Hacktoberfest.
  • If a maintainer reports behavior that’s not in line with the project’s code of conduct, you will be ineligible to participate.
  • To get a shirt, you must make four approved pull requests (PRs) on opted-in projects between October 1–31 in any time zone.
  • This year, the first 50,000 participants can earn a T-shirt.

A repository/project is considered to be participating in Hacktoberfest if the ‘hacktoberfest’ topic is present and is accepting public contributions via pull requests. An individual pull request can also be opted-in directly by adding the ‘hacktoberfest-accepted’ label.

A pull request is considered approved once it has an overall approving review from maintainers, or has been merged by maintainers, or has been given the ‘hacktoberfest-accepted’ label. A pull request with any label containing the word ‘spam’ or ‘invalid’ will be considered ineligible for Hacktoberfest.

Quality Standards

In line with Hacktoberfest value #2 (Quantity is fun, quality is key), we have provided examples of the pull requests that we consider to be low quality contributions (which we discourage and may be marked as spam by maintainers).

  • Pull requests that are automated e.g. scripted opening pull requests to remove whitespace / fix typos / optimize images.
  • Pull requests that are disruptive e.g. taking someone else’s branch/commits and making a pull request.
  • Pull requests that are regarded by a project maintainer as a hindrance vs. helping.
  • Something that’s clearly an attempt to simply +1 your pull request count for October.
  • Last but not least, one pull request to fix a typo is fine, but 5 pull requests to remove a stray whitespace is not.

Spammy pull requests can be labeled as “spam” or “invalid.”

Maintainers are faced with the majority of spam that occurs during Hacktoberfest, and we dislike spam just as much as you.

If you’re a maintainer, please label any spammy pull requests submitted to the repositories you maintain as ‘spam’ or ‘invalid’, and close them.

Pull requests with a label containing either of these words won’t count toward Hacktoberfest.

Pull requests must be approved by a maintainer.

Once a participant has submitted a pull request that is ready-to-review to a participating project, it must be approved by a maintainer of that project before it will count toward Hacktoberfest.

PRs can be accepted either by being merged, having an overall approving review, or having the ‘hacktoberfest-accepted’ label.

After a PR is approved it enters a fourteen-day review window where our team can take action against any participants we believe to be contributing in bad faith, and maintainers can revoke their approval if they decide that a PR isn’t actually a legitimate contribution.

After the fourteen-day window has passed, the PR becomes eligible for Hacktoberfest and this cannot be reversed. Bad repositories will be excluded.

We’ve seen many repositories that encourage participants to make simple pull requests — to quickly gain a pull request towards winning. While these projects may be a valuable learning tool for new contributors, they often aren’t valuable and high quality contributions to open source projects, and go against one of our core values for Hacktoberfest.

Some examples of projects that don’t follow the values of Hacktoberfest include:

Projects asking contributors to add their name or profile information to a list

Projects asking contributors to submit assorted data structures and algorithms (DSA)

Projects asking contributors to curate arbitrary lists of quotes, interview questions, etc.

The quality of pull requests is paramount; quantity comes second.

They’ve implemented a system to block these repositories, and any pull requests submitted to such repositories will not be counted.

::Event Privacy Policy:: Hacktoberfest '21 FAQ https://hacktoberfest.digitalocean.com/faq

Legal – Privacy Policy https://www.digitalocean.com/legal/privacy-policy/

======================================================

Hacker Science Theater 3000 Presents: Johnny Mnemonic :..>Exclusively in person join us meetings for various hacker film and documentary screenings. First up is a classic that has aged beautifully and horribly at the same time:

Johnny Mnemonic is a 1995 Canadian-American cyberpunk action thriller film directed by Robert Longo in his directorial debut. The film stars Keanu Reeves and Dolph Lundgren. The film is based on the story of the same name by William Gibson. Keanu Reeves plays the title character, a man with a cybernetic brain implant designed to store information. The film portrays Gibson’s dystopian view of the future with the world dominated by megacorporations and with strong East Asian influences.

DCG 201 Vote: What IRC Instance Should We Move To? :..> If you have been living under a rock lately, we regret to inform you that Freenode imploded under it’s own arrogance and stupidity leading to a mass exodus of IRC Channels. Since we use to host under Freenode, we plan on moving the #DEFCON201 IRC Channel to another IRC Server. We your help in us voting in a new one. The options are:

  • LiberaChat
  • HackInt
  • OFTC

We want to hear your opinions in person and you can help online by voting on our active poll on our Twitch Channel!

DEADFACE CTF :..>This Friday, starting on October 15th at 10:00 AM EST, we invite all DCG 201 Members, Attendees and Fans to help us hack the DEADFACE CTF 2021! If you are new to Online CTF, we will help you get set up and walk you through some of the challenges. Then you can log in anytime after until July 18th 8:00 PM EST to continue our CTF conquest! To learn more about the CTF, please follow this link: https://defcon201.medium.com/dcg-201-online-ctf-deadface-ctf-2021-october-15th-16th-c9c529e68927

:..>What To Bring: Any laptop will do. Ideally you want to load it full of Information Security Red Team and Blue Team tools, look at Kali Linux, Parrot OS, Pentoo or Black Arch for ideas. To participate online, you will need a Discord Account and to join our Discord at this link: https://discord.gg/PGgPNEF

Nintendo VR Blaster Build & Play :..>We have a new cardboard engineering construction for anyone of any skill level to try out. Combine DIY fun with simple, shareable VR, plus a new programming tool you can use to make your own quick play VR games and experiences! When finished, we will take turns blasting through an alien invasion, test your skills at competitive hippo feeding, and go wherever else our imagination takes us! NOTE: Guests will be required to follow social distancing measures including the wearing on non-latex gloves and wearing masks.

:..>What To Bring: The ability to follow instructions and fold paper. The play portion needs two working eyes with depth perception and a resistance to motion sickness.

Practicing Lockpicking & Locksport :..>DEFCON 201 will have padlocks and professional practice tumblers provided by TOOOL to practice on. Fun and easy to learn for all ages and backgrounds with two expert instructors! We will also have sanitation and social distancing rules in place due to the ongoing COVID-19 Pandemic.

:..>What To Bring: All lockpicking tools and practice locks will be provided. You are free to bring any lock you own that you DON’T RELY ON or any lockpicking tools and bypasses to the space. If you decide to bring something, we have a manditory sanitation on site of the tool/lock you bring before it’s allowed to be interacted with.

::END OF LINE::

.::DCG 201 Hybrid Meet Up — August 2021 — Hybrid Circuit::.

====================================================== Date: August 20st, Friday

Time (IN PERSON): 5:00 PM EST — 8:00 PM EST

Time (ONLINE): 6:00 PM EST — ???

Location: Sub Culture (260 Newark Ave, Jersey City, NJ)

Meet-Up: https://www.meetup.com/DEFCON201/events/279664279/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/571249114047877/

Hackaday: TBA

=====================================================

Welcome to the August 2021 DCG 201 Meet Up!

We at DCG 201 and DEFCON Groups are at an odd crossroad. On one hand, restrictions have currently lessen so we can actually physically meet up again in some form. On the other hand, the DELTA Variant is on the rise across the world and even the dreaded LAMBDA Variant is on the horizon.

So our thought was, why not both?

Starting with this meet up, DCG 201 will be a Hybrid event.

This means we are welcome back to our old haunt SubCulture (we miss them so much) in Jersey City in addition to LIVE Streaming parts of our meet up online.

Each will cross over but have a slightly different experience with exclusives for both.

No matter if you want to show up for some social distancing hacking at our venue or stay safe at home and check us out online, we welcome you back to the insanity that is DCG 201.

Welcome home!

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::.

ALL TIMES ARE EASTERN STANDARD (EST)

— IN PERSON @ SUBCULTURE SCHEDULE — 5:00pm — 6:15pm Meet & Greet + Open Workshops Projects + Hacker Science Theater 3000 6:15pm — 6:27pm DCG 201 Vote: What IRC Instance Should We Move To? 6:27pm — 6:30pm DCG 201 Announcements 6:30pm — 7:10pm Hypercore:// A World Of Distributed Data Structures — Paul Frazee 7:10pm — 7:30pm TBA — TBA 7:30pm — 8:00pm Wrap Up To Closing + SNACK & BAR HOPPING!

— ONLINE LIVE STREAM SCHEDULE — 6:00pm — 6:27pm PRE SHOW :: Making the DEF CON 29 Badge — Michael Whiteley Katie Whiteley 6:27pm — 6:30pm DEFCON 201 Announcements 6:30pm — 7:10pm Hypercore:// A World Of Distributed Data Structures — Paul Frazee 7:10pm — 7:30pm INTERMISSION :: After The Lifting Of The Block: Case Study Of Turkey — Khutuck, Basak 7:30pm — ??? DCG 201 ONLINE Hacker Hangout

.::OPEN PROJECTS::. Hacker Science Theater 3000 Presents: Johnny Mnemonic DCG 201 Vote: What IRC Instance Should We Move To? Subculture Raspberry Pi Arcade — Everyone DCG 201 Online Hacker Hangout — Everyone

.::LIGHTNING TALKS::.

PRE SHOW :: Making the DEF CON 29 Badge :..>Come meet the new badge makers and hear the story of how this year’s badge was created amidst a global pandemic. We’ll share tales of chip shortages, delayed parts, and late nights, as well as discuss how the badge works and what you can do with it. Maybe even some hints about the challenges within…

:..>Bio: Michael Whiteley is a husband, father, and electronics geek. He doesn’t like long walks on the beach, but prefers to be indoors with a fast internet connection.

Katie Whiteley is a wife, mother, and graphic designer. She likes long walks on the beach because there’s no internet connection.

Combined they are MK Factor, a husband/wife badgemaker team. They’ve created badges for many conferences and groups like OpenWest, Saintcon, DC801, Car Hacking Village, and many unofficial DEF CON badges. Together they earned a black badge for Car Hacking at DEF CON 24.

Hypercore:// A World Of Distributed Data Structures :..>Originally known as the DAT Protocol with the Beaker Browser, Hypercore Protocol is a peer-to-peer data network built on the Hypercore logs that are like lightweight blockchains without the consensus algorithm. In this talk, I will details how I built the Hyper Protocol, how it works and a first look into my new project; a self-hosted cloud, similar to sandstorm, that uses Hypercore to integrate the servers into a network.

:..>Bio: Paul Frazee got his start in the Web working at development agencies which specialized in e-commerce and marketing. His interest in open source and distributed systems led him to the Secure Scuttlebutt (SSB) community where he helped develop a peer-to-peer social networking app called Patchwork. After a few years working on SSB, Paul started the Beaker Browser project in order to experiment with applying p2p concepts to the Web platform.

TALK TBA :..> TBA

:.>Bio: TBA

INTERMISSION :: After The Lifting Of The Block: Case Study Of Turkey (ONLINE ONLY) :..>Wikipedia was blocked throughout Turkey for almost 2,5 years until 2020. Wikimania 2021 will be the first Wikimania held after the lifting of the block. During the years of the block in Turkey, many fellow wikimedians were concerned about the situation; but most did not have a chance to learn what was happening from Turkish wiki community members. At Wikimania 2021, it will be 20 months since the access was restored; Turkish community have gained ground in “reintroducing” Wikipedia to the country.

In this presentation, we tell the story of the Wikipedia block from TR community view and introduce the work of WMTR for overcoming the negative outcomes and coming out of this situation as a more powerful, better established group.

:.>Bio:

User:Khutuck User:Basak

.::OPEN PROJECTS::.

Hacker Science Theater 3000 Presents: Johnny Mnemonic :..>Exclusively in person join us meetings for various hacker film and documentary screenings. First up is a classic that has aged beautifully and horribly at the same time:

Johnny Mnemonic is a 1995 Canadian-American cyberpunk action thriller film directed by Robert Longo in his directorial debut. The film stars Keanu Reeves and Dolph Lundgren. The film is based on the story of the same name by William Gibson. Keanu Reeves plays the title character, a man with a cybernetic brain implant designed to store information. The film portrays Gibson’s dystopian view of the future with the world dominated by megacorporations and with strong East Asian influences.

DCG 201 Vote: What IRC Instance Should We Move To? :..> If you have been living under a rock lately, we regret to inform you that Freenode imploded under it’s own arrogance and stupidity leading to a mass exodus of IRC Channels. Since we use to host under Freenode, we plan on moving the #DEFCON201 IRC Channel to another IRC Server. We your help in us voting in a new one. The options are:

LiberaChat HackInt OFTC

We want to hear your opinions in person and you can help online by voting on our active poll on our Twitch Channel!

DCG 201 Online Hacker Hangout :..>After our lightning talks DCG 201 members will be given an opportunity to show off the various projects that they have been working on. You can join in any time as we chat and some things we might be showing off for the first time so you don’t want to miss this on the LIVE Stream!

To get the URL and Password for the group hang out, come back to this space the day of the meet up (AUGUST 20TH) at 4:00 PM EST & pay attention to our Twitter or sign up on Meet Up!

:..>What You’ll Need: If you want to get in on the action, just bring any hardware or software program you are working on. For hardware, make sure you have a camera with decent resolution. For software, make sure your screen sharing function is working. For interaction, make sure you have your microphone on your computer or headset in working order.

Subculture Raspberry Pi Arcade :..>This meet up, we are leaving our video games at home and instead relying on the Raspberry Pi Arcade machines for entertainment! Play all the video game classics from NES, Genesis, Super Nintendo & More!

::END OF LINE::

.::DCG 201 Online Meet Up — July 2021 — The Calm Before The Cyber Storm::.

====================================================== Date: July 16st, Friday

Time: 6:30 PM EST — 10:00 PM EST

Meet-Up: https://www.meetup.com/DEFCON201/events/279514157/

Facebook [TOR]: TBA

Hackaday: TBA

=====================================================

Welcome to the July 2021 DCG 201 Meet Up!

Welp…better late that never?

Yes, we know there was no June meet up and we are announcing this one SUPER late. Sadly hacking does not exist in a vaccum and the calamity outside of computers in a post-vaxx world has impacted us over the past weeks.

But we have not been shut down by the FBI or abducted by ClownSec, we at DCG 201 have been plotting out how the rest of the year and into 2022 will go! New logo! New live stream shows! New in person meet ups outside of meetings! New conventions and yes, DEF CON 29 is coming!

Plus, big suprises you don’t want to miss LIVE!

So saddle up as we use July to take a small but patriotic look into the goving on of ‘guberment biz as we open DCG 201 to a whole new world!

See you at our last purely online show!

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::. 6:30pm — 7:00pm PRE SHOW :: All-Army Cyberstakes :: XXE Injection — John Hammond 7:00pm — 7:05pm DEFCON 201 Announcements 7:05pm — 8:00pm SkyPirate Interview 8:00pm — 8:30pm Counting To TENS aka When The US Department Of Defence Tries To Make Tails OS — Sidepocket 8:30pm — ??? DCG 201 Hacker Hangout + Games & MORE!

.::OPEN PROJECTS::. DCG 201 Hacker Hangout — Everyone Google CTF - Everyone Folding@Home VS Coronavirus (Team: 241960) — GI Jack, Everyone Among Us — Everyone

.::LIGHTNING TALKS::.

PRE SHOW :: All-Army Cyberstakes :: XXE Injection :..>All-Army CyberStakes is the premier Department of Defense individual, computer security, skills competition. The competition tests a diverse array of skills including forensics, cryptography, binary exploitation, reverse engineering, and web-based exploitation. In this video, world renown cybersecurity expert John Hammond (no not related to the Jurassic Park guy) will show off one of last year’s challenges solving it using a XML external entity (XXE) injection attack.

:..>Bio: Hi! My name is John. I’m just a guy that likes computers, and loves to show off cool things. So if you are into programming, computer security, or any tech on a keyboard, check out some of my YouTube videos and feel free to get engaged. I am super thankful for all of your support and helping the channel keep growing!

SkyPirate Interview :..>Bio: Marcus Singletary aka SkyPirateActual (https://instagram.com/SkyPirateActual) is currently a 11B (Infantry Squad Leader) stationed out of Ft. Bragg, NC. He has been deployed to Iraq twice in the last 6 years. His interest in physical security stemmed from lockpicking, bypassing as a hobby and breaching on the job; the correlation between the two sparked the interest and the subsequent dive into the world of physical security

Counting To TENS aka When The US Department of Defence Tries To Make Tails OS :..>Trusted End Node Security (TENS), previously called Lightweight Portable Security (LPS), is a Linux-based live CD produced by the United States of America’s Department of Defence with a goal of allowing users to work on a computer without the risk of exposing their credentials and private data to malware, key loggers and other Internet-era ills. It includes a minimal set of applications and utilities, such as the Firefox web browser or an encryption wizard for encrypting and decrypting personal files. Our Co-Founder will attempt to run this discontinued operating system in a virtual machine and explore its weird quirks.

:.>Bio: A Co-Founder of DCG 201, an open group for hacker workshop projects in North East New Jersey, Sidepocket is constantly wanting to help people to get better at whatever they want to do and learn. He also has a history with NYC 2600, Radio Statler at Hackers on Planet Earth, Phone Losers of America, Museum of Urban Reclaim Spaces and The Yes Men. Find out more about DCG 201 at: http://www.defcon201.org

.::OPEN PROJECTS::.

DCG 201 Hacker Show & Tell :..>After our lightning talks DCG 201 members will be given an opportunity to show off the various projects that they have been working on. You can join in any time as we chat and some things we might be showing off for the first time so you don’t want to miss this on the LIVE Stream!

To get the URL and Password for the group hang out, pay attention to our Twitter or sign up on Meet Up!

:..>What You’ll Need: If you want to get in on the action, just bring any hardware or software program you are working on. For hardware, make sure you have a camera with decent resolution. For software, make sure your screen sharing function is working. For interaction, make sure you have your microphone on your computer or headset in working order.

Google CTF 2021 :..>This Friday, starting on July 16th at 8:00 PM EST, we invite all DCG 201 Members, Attendees and Fans to help us hack the Google CTF 2021! If you are new to Online CTF, we will help you get set up and walk you through some of the challenges. Then you can log in anytime after until July 18th 8:00 PM EST to continue our CTF conquest! To learn more about the CTF, please follow this link: https://defcon201.medium.com/dcg-201-online-ctf-google-ctf-2021-july-16th-18th-1c51aa812048

:..>What To Bring: Any laptop will do. Ideally you want to load it full of Information Security Red Team and Blue Team tools, look at Kali Linux, Parrot OS, Pentoo or Black Arch for ideas. To participate online, you will need a Discord Account and to join our Discord at this link: https://discord.gg/PGgPNEF

Folding@Home VS Coronavirus :..>Folding@home (FAH or F@h) is a distributed computing project for simulating protein dynamics, including the process of protein folding and the movements of proteins implicated in a variety of diseases. Currently F@h is simulating the dynamics of COVID-19 proteins to hunt for new therapeutic opportunities. We want to contribute and you can help! Join the DEFCON 201 Folding@Home Team: 241960

:..>What You’ll Need: Download and run Folding@home for Windows/Mac/Linux/FreeBSD, ideally on your highest performance system with a GPU and join our F@h Team 241960: https://foldingathome.org/start-folding/

AMONG US During our stream, we will be playing the hit game Among Us with the DEF CON audience! Watch the stream to find out how to join.

Steam: https://store.steampowered.com/app/945360/Among_Us/ iOS: https://apps.apple.com/us/app/among-us/id1351168404 Android: https://play.google.com/store/apps/details?id=com.innersloth.spacemafia&hl=en_US&gl=US

The game takes place in a space-themed setting, in which players each take on one of two roles, most being Crewmates, and a predetermined number being Impostors. The goal of the Crewmates is to identify the Impostors, eliminate them, and complete tasks around the map; the Impostors’ goal is to covertly sabotage and kill the Crewmates before they complete all of their tasks. Players suspected to be Impostors may be eliminated via a plurality vote, which any player may initiate by calling an emergency meeting (except during a crisis) or reporting a dead body. Crewmates win if all Impostors are eliminated or all tasks are completed whereas Impostors win if there is an equal number of Impostors and Crewmates, or if a critical sabotage goes unresolved.

::END OF LINE::

.::DCG 201 Online Meet Up — May 2021 — Virtual Light::.

====================================================== Date: May 21st, Friday

Time: 5:30 PM EST — 11:00 PM EST

Meet-Up: https://www.meetup.com/DEFCON201/events/277539462/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/219521683035008/

Hackaday: TBA

=====================================================

Welcome to the May 2021 DCG 201 Meet Up!

Since March of last year, the entire world had to become familiar with being more involved in the virtual world than it normally has. Zoom Meet Ups, Twitch LIVE Streams, Fortnite Concerts and the revival of the classic Virtual Reality headset. Now cheaper and more advance than ever, this has opened up pathways to a real life versions of The Lawnmower Man and The Matrix except somehow more weird, boring and horrifying because…you know, it’s this timeline.

Join us for a special entirely Virtual Reality online meet up broadcasted out of the DCG 201 LIVE Streams where we look at VR’s past mistakes, security, privacy, development and how it can be used for both good and evil.

Also: Virtual reality hang out party with music DJ’ed by a digital furry. Because Internet.

We are also excited because in addition to this online meet up, all of our LIVE Stream shows for May will be entirely themed around VR! We also have some exciting DCG 201 announcements to share about our future 2021 plans so get excite!

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::. 5:30pm — 5:55pm PRE SHOW :: Beyond the Looking Glass (1993) 5:55pm — 6:00pm DEFCON 201 Announcements 6:00pm — 7:00pm XRSI: The Reality Of Securing Virtual Worlds — Kavya Pearlman 7:00pm — 7:30pm LÖVR: What’s happening in the world of one Open Source VR Library — Andi McClure 7:30pm — 8:00pm Alloverse: Free & Open Source Virtual Reality — Nevyn Bengtsson 8:00pm — 8:20pm Spot the Surveillance: A VR Experience for Keeping an Eye on Big Brother — EFF 8:20pm — 9:00pm Surfing The 90’s Virtual Reality Internet With VRML — Sidepocket 9:00pm — ??? Virtual Reality Concert by DJ Vulp + Nowhere DCG 201 Virtual Reality Hacker Hangout

.::OPEN PROJECTS::.

DCG 201 Virtual Reality Hacker Hangout — Everyone Virtual Reality Concert by DJ Vulp — Everyone Folding@Home VS Coronavirus (Team: 241960) — GI Jack, Everyone

.::LIGHTNING TALKS::.

PRE SHOW :: Beyond the Looking Glass (1993) :..>Our PRE-SHOW will air a blast from the past documentary that is a great time capsule on what VR technology was like in the early 1990’s and what their hopes were for the future of the technology. Featuring professional dreadlock weirdo Jaron Lanier who was recently a Keynote Speaker at the HOPE 2020 Online Virtual Conference.

:..>Bio: Jaron Lanier is an American computer philosophy writer, computer scientist, visual artist, and composer of classical music. Considered a founding father of the field of virtual reality, he left Atari in 1985 to co-found VPL Research, Inc., the first company to sell VR goggles and gloves. In the late 1990s, Jaron worked on applications for Internet2, and in the 2000s, he was a visiting scholar at Silicon Graphics and various universities. In 2006 he began to work at Microsoft, and from 2009 has worked at Microsoft Research as an interdisciplinary scientist. His most recent book is Ten Arguments for Deleting Your Social Media Accounts Right Now.

XRSI: The Reality Of Securing Virtual Worlds :..>New technologies inevitably bring along new risks. Virtual Reality (VR) is one of those technologies that is slowly creeping into our daily digital lives, however, not much attention has been paid to the risks it brings along. As the industry looks towards mass adoption of Virtual Reality with an expected $40 billion market size and over 200 million active users by the year 2020, these new cyber attacks have already begun making headlines. Kavya Pearlman, founder of XR Safety Initiative is busy building processes, standards and finding novel cyberattacks to stay ahead of the bad guys that are coming for this rising new domain of Virtual Reality.

:..>Bio: Well known as the “Cyber Guardian”, founder & CEO of the XR Safety Initiative (XRSI), Kavya Pearlman is an award-winning cybersecurity professional with a deep interest in immersive and emerging technologies. She recently launched a novel XRSI Privacy & Safety Framework for the XR and Spatial Computing domain. Kavya is constantly exploring new technologies to solve cybersecurity challenges. She has been named one of the Top Cybersecurity influencers for three consecutive years, 2018–2019–2020 by IFSEC Global. Kavya has previously advised Facebook on third party security risks during the 2016 US presidential elections and worked as the head of security for the oldest virtual world, “Second Life” by Linden Lab. Kavya is the co-host of the immersive podcast “Singularity Watch” and one of the Top 50 speakers in the cybersecurity industry. Kavya has founded The CyberXR Coalition that now focuses on diversity and inclusion and the cross section of Cybersecurity and XR, helped launch a trustworthy XR news platform, ReadyHackerOne and establish a Medical XR Advisory Council.

LÖVR: What’s happening in the world of one Open Source VR Library :..>LÖVR is a cross-platform, open-source VR engine created by Bjorn Swenson, an alternative to Unreal or Unity that lets you create a VR game or app in just a few lines of Lua. We’ll have Andi McClure by to talk about VR development in general, give a demo of LÖVR, and show off her LÖVR-based commercial game “SKATEGIRL DESTROYS THE UNIVERSE”.

:.>Bio: Andi McClure has been since 2008 making free video games, or at least, things that start arguments about whether they are video games. Her work experiments with glitch aesthetics, psychadelic visuals and the intersection of games and art software. She also one time made a programming language as a joke. See links to her work at https://runhello.com

Alloverse: Free & Open Source Virtual Reality :..>Continuing from the LÖVR talk, we will air a video presentation by Nevyn Bengtsson showing off his project Alloverse, a LÖVR-based metaverse. Come watch if you’re curious about LÖVR or just want to see one nonstandard approach to VR dev.

:..>Bio: Nevyn Bengtsson has been fascinated by the frontiers of HCI since he was a teenager. He was absolutely entranced by Jeff Han’s multi-touch experiments at the start of the millennium, and jumped on the iOS bandwagon early to explore the new medium. He built Spotify’s iOS app for a few years, then built the UX platform Lookback. Alloverse is his latest project, combining all of his passions: HCI, UX, VR and game engine programming.

Spot the Surveillance: A VR Experience for Keeping an Eye on Big Brother :..>Spot the Surveillance is an open-source educational Virtual Reality (VR) tool to helppeople recognize and understand the types of surveillance technology that policedeploy in their communities. The user is placed into a 360-degree street scene in San Francisco, where a policeencounter is frozen in time. The user looks around for surveillance equipment, such asa body-worn camera or automated license plate readers. As each device is located, theuser is informed on how the technology is used via text and narration. The experience is intended to expose users to street-level surveillance, and to sparkquestions around the types of surveillance from law enforcement they might notice in their communities. This talk will be how it was built and what is the future of this edu-virtual tech.

:..>Bio: Rory is a Grassroots Advocacy Organizer primarily working on the Electronic Frontier Alliance. They are also a doctoral student of psychology at the City University of New York Graduate Center studying activist pedagogy. Before coming to the EFF they were active in several New York City groups including the Cypurr Collective, a member of the EFA engaging in community education on matters of cybersecurity. A long time advocate for open education and open science, they want to break down any barriers folks face to free expression, creativity, or knowledge.

Artemis Schatzkin is a front-end web developer who has worked on many of EFF’s websites, such as Who Has Your Face?, Cover Your Tracks, this very site you’re on, and many more. She also developed EFF’s virtual reality site, Spot the Surveillance.

She has a parallel life as a visual artist.

Surfing The 90’s Virtual Reality Internet With VRML :..>After digging up the corpse of the last cursed online protocol, our DCG 201 Co-Founder has once again used his digital archeology skills to unearth another piece of virtual technology that the internet has forgotten about. VRML (Virtual Reality Modeling Language) is an ISO standard file format for representing 3-dimensional (3D) interactive vector graphics, designed particularly with the World Wide Web in mind. Coined by Dave Raggett for the First World Wide Web Conference, it is a text file format where vertices and edges for a 3D polygon can be specified along with the surface color, UV-mapped textures, shininess, transparency, ect. We will go over the language, try to create a .wrl WORLD from scratch and trace its lineage to a shocking conclusion!

:..>Bio: A Co-Founder of DEFCON 201, an open group for hacker workshop projects in North East New Jersey, Sidepocket is constantly wanting to help people to get better at whatever they want to do and learn. He also has a history with NYC 2600, Radio Statler at Hackers on Planet Earth, Phone Losers of America, Museum of Urban Reclaim Spaces and The Yes Men. Find out more about DEFCON 201 at: http://www.defcon201.org

.::OPEN PROJECTS::.

DCG 201 Virtual Reality Hacker Hangout :..>Come meet us in the Virtual World of NOWHERE, a new social and events platform that revolutionizes online gathering by offering face-to-face interaction in beautifully designed three-dimensional spaces! Hang out, talk on your mic, turn on video to show off your hacker shit and watch the LIVE Stream through the virtual world followed by an after party featuring amazing music! (SEE BELOW)

:::::NOTE: LINK WILL BE POSTED ON BLOG AND SOCIAL MEDIA ON MAY 21ST AT 5:00 PM EST!

:..>What You’ll Need: The best experience is by using any browser based on Blink Engine, ideally the default Google Chrome or Chromium browser. Please have it only only one tab and also disable any security Add-Ons and mods for said tab to avoid lag and interuptions.

Virtual Reality Concert by DJ Vulp :..>Starting at 9:00 PM EST we will be having an awesome DJ set by a virtual DJ while we party the night away and talk about 1337 haxxs! This will both be on our LIVE Streams as well as in our NOWHERE virtual world!

:..>Bio: DJ Vulp has been mixing tracks together since 2016 and has always stuck with it as a side job through college and a continued hobby for fun today. Come dance while he brings you good vibes.

Folding@Home VS Coronavirus

:..>Folding@home (FAH or F@h) is a distributed computing project for simulating protein dynamics, including the process of protein folding and the movements of proteins implicated in a variety of diseases. Currently F@h is simulating the dynamics of COVID-19 proteins to hunt for new therapeutic opportunities. We want to contribute and you can help! Join the DEFCON 201 Folding@Home Team: 241960

:..>What You’ll Need: Download and run Folding@home for Windows/Mac/Linux/FreeBSD, ideally on your highest performance system with a GPU and join our F@h Team 241960: https://foldingathome.org/start-folding/

::END OF LINE::

.::DCG 201 Online Meet Up — April 2021 — Application Is Meditating::.

====================================================== Date: April 16th, Friday

Time: 7:00 PM EST — 11:00 PM EST

Meet-Up: https://www.meetup.com/DEFCON201/events/277538431/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/554252495545299/

Hackaday: TBA

=====================================================

Welcome to the April 2021 DEFCON 201 Meet Up!

Spring is in the air…as well as the infamous April Showers. And when it rains, it POURS! Millions of vaccination rolling out globally, more civil unrest unfolding, FOSS orgs imploding, canals getting blocked and TONS of exploits and data leaks flooding the intertubes.

Join us for this month's meet up as we deep dive into more traditional hacker AF topics from hardware maniuplation, exploits, digital archiving and more as you get to interact with us via our Big Blue Button posted on our social media the day of the event! All online as we wait for more people to get their Bio-Blue Team Hardened for more traditional in-person meet ups later this summer!

====================================================== Live Streams: ====================================================== Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/c/defcon201

Invidious [TOR]: http://grwp24hodrefzvjjuccrkw3mjq4tzhaaq32amf33dzpmuxe7ilepcmad.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg

Facebook [TOR]: https://www.facebookcorewwwi.onion/groups/defcon201/

PeerTube: https://diode.zone/accounts/dc201/video-channels ======================================================

.::AGENDA & SCHEDULE::. 7:00pm — 7:55pm PRE SHOW :: Black Hat Webcast Series – It's not FINished: The Evolving Maturity in Ransomware Operations 7:55pm — 8:00pm DEFCON 201 Announcements 8:00pm — 8:30pm Detecting At-Risk Software — Kaylea Champion 8:30pm — 9:00pm The Joycon Symphonic Orchestra — sirocyl 9:00pm — 10:00pm npm's Gone Wild: The undefined Edition (CVE-2021-28918) — SickCodes, John Hacking, Kaoudis, Koroeskohr, Tensor_Bodega 10:00pm — ??? Open Workshops: DEFCON 201 Show & Tell + Games + Hangout

.::OPEN PROJECTS::.

DC201 Hacker Show & Tell — Everyone PlaidCTF 2021 — Everyone Folding@Home VS Coronavirus (Team: 241960) — GI Jack, Everyone Among Us — Everyone

.::LIGHTNING TALKS::.

PRE SHOW :: Black Hat Webcast Series - It's not FINished: The Evolving Maturity in Ransomware Operations :..>Our PRE-SHOW will a relevant talk from the Black Hat Webinar series! Ransom demands are becoming larger, attackers smarter, and intrusions longer. Ransomware threat actors are hitting European companies hard with more effective ransomware deployment resulting in devastating impacts to victim organizations. When they strike, their ransomware deployments are more complete, more effective, and they are crippling many organizations to the point where there is often no clear path back to business.    We will be sharing tradecraft we've seen ransomware threat actors employ across Europe in 2020. We cover how we're seeing ransomware crews leverage high-profile critical vulnerabilities to gain footholds in as many victims networks as possible, only to come back weeks or even months later to leverage those footholds into full-scale ransomware deployments.    Not only are intrusion tactics improving, but attackers are also transitioning and developing sleek ransomware-as-a-service platforms. Threat actors are professionalising and streamlining their platforms. These platforms are being used by threat actors to generate malware, to communicate and negotiate with victims, and in some cases, for payment processing and decryption utility delivery.

:..>Bio: Mitchell Clarke is a Principal Incident Response Consultant for Mandiant United Kingdom and Ireland. He specializes in providing enterprise-scale response operations for clients facing sophisticated network intrusions by determined attackers. Mitchell is well practiced in leading both large and complex response operations for multinational organizations as well as tightly focused response operations for highly specialized organizations protecting critical intellectual property or sensitive information. Mitchell has led organizations across multiple industries in responding to breaches by adversaries ranging from well-resourced and stealthy nation-state sponsored espionage threat groups to highly motivated cybercriminals seeking to extort or ransom victim organizations.

:..>Bio: Tom Hall is a Principal Incident Response Consultant in Mandiant's UK team, and European Incident Response Function lead. As part of the Incident Response team, Tom provides services to clients when a breach occurs and has worked on Incident Response engagements globally with Mandiant since 2015. Tom has been responsible for leading and assisting organizations that involved advanced targeted threats and works closely with colleagues on new methods to proactively identify threats using new methodologies.

:..>Bio: Joe Slowik has over a decade of experience across multiple cyber disciplines. From work in the US Navy, to the US Department of Energy and Los Alamos National Laboratory, to industrial control security company Dragos, Joe has covered multiple facets of cyber intrusions and critical infrastructure defense. As a Senior Security Researcher at DomainTools, Joe continues his work tracking state-sponsored and criminal threats to enterprises with an emphasis on critical infrastructure and related targets.

Detecting At-Risk Software Infrastructure :..>Software serves as infrastructure and it can suffer from a lack of maintenance. Problems can be invisible and repairs may be difficult to prioritize. These factors lead to a type of risk we call “underproduction” — projects that are highly important but low quality. We want to understand how to detect this kind of risk in Free/Libre Open Source Software infrastructure before major failures occur. We'll be presenting results from our research into this question.

:..>Bio: Kaylea Champion is a PhD student in Communication at the University of Washington with a background in tech support and system administration. As a member of the Community Data Science Collective, she studies how people work together to build incredible public goods like GNU/Linux and Wikipedia, including not only how these projects succeed and thrive but also where they sometimes fall short. When not slinging python or chewing through data, she enjoys running in the woods, playing board games, and cooking for a crowd.

The Joy-Con Symphonic Orchestra :..>Did you know that the Nintendo Switch Joy-Con Controller “HD Rumble” system is so precise that you can vibrate the motors to play music? Many first party Nintendo games have used this function and now thanks to sarossilli (no relation to sirocyl) you can do so at home! In this talk DCG 201 Member sirocyl will look at a program that allows Nintendo Switch Joy-Cons to play .midi files through vibrations using C++ and the HID API hidraw library to interface with the controllers. This will be followed by a mini-jam session that might extend to the hang out portion of the meet up!

:.>Bio: sirocyl is a DCG 201 alumnus and founder of the famitracker.org FamiTracker and Famicom/NES music community. He is also part of MAGFEST video game convention volunteer staff.

npm's Gone Wild: The undefined Edition (CVE-2021–28918) :..>How we copped a decade old 0-day, while fixing another one. Randomly assembled global team of then strangers. The power of dropping research on a Sunday.

:..>Bio: Research by… Victor Viale: https://github.com/koroeskohr || https://twitter.com/koroeskohr Sick Codes: https://github.com/sickcodes || https://twitter.com/sickcodes Kelly Kaoudis: https://github.com/kaoudis || https://twitter.com/kaoudis John Jackson https://twitter.com/johnjhacking Nick Sahler: https://github.com/nicksahler || https://twitter.com/tensor_bodega Olivier Poitrey: https://github.com/rs || https://twitter.com/olivier_poitrey

.::OPEN PROJECTS::.

DEFCON 201 Hacker Show & Tell :..>After our lightning talks DEFCON 201 members will be given an opportunity to show off the various projects that they have been working on. You can join in any time as we chat and some things we might be showing off for the first time so you don’t want to miss this on the LIVE Stream!

Big Blue Button: LINK WILL BE POSTED ON April 16TH AT 6PM EST

To get the URL and Password for the group hang out, pay attention to our Twitter or sign up on Meet Up!

:..>What You’ll Need: If you want to get in on the action, just bring any hardware or software program you are working on. For hardware, make sure you have a camera with decent resolution. For software, make sure your screen sharing function is working. For interaction, make sure you have your microphone on your computer or headset in working order.

PlaidCTF 2021 :..>This Friday, starting on April 16th at 5:00 PM EST, we invite all DEFCON 201 Members, Attendees and Fans to help us hack the PlaidCTF 2021! If you are new to Online CTF, we will help you get set up and walk you through some of the challenges. Then you can log in anytime after until April 17th 5:00 PM EST to continue our CTF conquest! To learn more about the CTF, please follow this link: https://www.meetup.com/DEFCON201/events/277538780/

:..>What To Bring: Any laptop will do. Ideally you want to load it full of Information Security Red Team and Blue Team tools, look at Kali Linux, Parrot OS, Pentoo or Black Arch for ideas. To participate online, you will need a Discord Account and to join our Discord at this link: https://discord.gg/PGgPNEF

Folding@Home VS Coronavirus :..>Folding@home (FAH or F@h) is a distributed computing project for simulating protein dynamics, including the process of protein folding and the movements of proteins implicated in a variety of diseases. Currently F@h is simulating the dynamics of COVID-19 proteins to hunt for new therapeutic opportunities. We want to contribute and you can help! Join the DEFCON 201 Folding@Home Team: 241960

:..>What You’ll Need: Download and run Folding@home for Windows/Mac/Linux/FreeBSD, ideally on your highest performance system with a GPU and join our F@h Team 241960: https://foldingathome.org/start-folding/

AMONG US :..>During our stream, we will be playing the hit game Among Us with the DEF CON audience! Watch the stream to find out how to join.

Steam: https://store.steampowered.com/app/945360/Among_Us/ iOS: https://apps.apple.com/us/app/among-us/id1351168404 Android: https://play.google.com/store/apps/details?id=com.innersloth.spacemafia&hl=en_US&gl=US

The game takes place in a space-themed setting, in which players each take on one of two roles, most being Crewmates, and a predetermined number being Impostors. The goal of the Crewmates is to identify the Impostors, eliminate them, and complete tasks around the map; the Impostors’ goal is to covertly sabotage and kill the Crewmates before they complete all of their tasks. Players suspected to be Impostors may be eliminated via a plurality vote, which any player may initiate by calling an emergency meeting (except during a crisis) or reporting a dead body. Crewmates win if all Impostors are eliminated or all tasks are completed whereas Impostors win if there is an equal number of Impostors and Crewmates, or if a critical sabotage goes unresolved.

::END OF LINE::