.::DEFCON 201 Meet Up — June 2019 — PEBKAC::.

====================================================== Date: June 21st, Friday

Time: 7:00 PM — 10:00 PM

Location: Sub Culture (260 Newark Ave, Jersey City, NJ)

Meet-Up: https://www.meetup.com/DEFCON201/events/262409039/

Facebook [TOR]: https://www.facebookcorewwwi.onion/events/2429540473771618/

Hackaday: TBA

======================================================

Welcome to the June 2019 DEFCON 201 Meet Up!

Defy the rain (why are we Washington State this week?) and come down to get your hack on! After a fabulous PRIDE event, we return to the reoccurring meeting which will have announcements on DEFCON 201 Membership, cool talks, free booze, huge sandwiches, video games, making fun of crypto bros, mainframe password cracking and much more!

.::AGENDA & SCHEDULE::. 7:00pm — 8:00pm Meet & Greet 8:00pm — 8:10pm Configuring Privoxy & JonDo — n0ctilucient 8:10pm — 8:20pm Joy Con-ning The Nintendo Switch Hardware & Accessories— sirocyl 8:20pm — 8:40pm Learning About Libra and Why Facebook’s Cryptocurrency is Pure High Octane Nightmare Fuel — Sidepocket 8:40pm — 9:55pm Open Workshops Projects & Black Hat Webinar 9:55pm — 10:00pm END OF OFFICIAL MEET UP

.::OPEN PROJECTS::.

Practice Lockpicking & Locksport — Sidepocket & GI Jack

.::LIGHTNING TALKS::.

Configuring Privoxy & JonDo :..>TBA

:.> Bio: n0ctilucient (TBA)

Joy-Con-ning The Nintendo Switch Hardware & Accessories :..>Bio: sirocyl — Member of SwitchRoot and Founder of the famitracker.org

Learning About Libra and Why Facebook’s Cryptocurrency is Pure High Octane Nightmare Fuel :..>A few days ago, Facebook announced Libra, a new worldwide cryptocurrency platform that the company hopes to become the new de facto in global eCommerce. In this talk, DEFCON 201 Co-Founder Sidepocket will go over the Libra platform, what makes it tick and why this whole initiative by Facebook is a horrible idea including privacy concerns and evil open source hacks.

:.>Bio: A Co-Founder of DEFCON 201, an open group for hacker workshop projects in North East New Jersey, Sidepocket is constantly wanting to help people to get better at whatever they want to do and learn. He also has a history with NYC 2600, Radio Statler at Hackers on Planet Earth, Phone Losers of America, Museum of Urban Reclaim Spaces and The Yes Men. Find out more about DEFCON 201 at: http://www.defcon201.org

BLACK HAT WEBINAR REPLAY — Don’t Let Your Mainframe Passwords be the Weakest Link in Your Enterprise :..>Most massive financial institutions rely on the IBM Mainframe platform for their day-to-day business. Without this critical platform, those businesses would cease to function. At the heart of securing any system, no less the venerable IBM mainframe, are the authentication methods used to verify users. We will examine the various password storage options for IBM’s RACF (Resource Access Control Facility) as implemented in z/OS.

Could a breach of your mainframe lead to a breach of the rest of your network? If you synchronize passwords and use one of the legacy algorithms for RACF, the answer may be: yes!

Depending on how your z/OS system is configured, the passwords may be stored using algorithms ranging from what basically amounts to cleartext, all the way up to world-class password encryption. Did you know the mainframe supports long passphrases, Multi-Factor Authentication and can also generate passtickets? If your enterprise uses RACF to secure its mainframe, you should register.

This talk is geared for technical decision makers, mainframe security personnel that want to learn more, or anyone with an interest in how z/OS stores its passwords / passtickets. You will learn how RACF stores its password information; the different types of password storage algorithms — with weaknesses / strengths in each — and also how to implement passtickets properly to avoid compromise.

:..>Bio: Chad Rikansrud is the Director of North American Operations for RSM Partners — a world leader in IBM mainframe security consulting services. Most of Chad’s 20-year career has been in technology leadership for the financial services industry.

.::OPEN PROJECTS::.

Practicing Lockpicking & Locksport :..>DEFCON 201 will have padlocks and professional practice tumblers provided by TOOOL to practice on. Fun and easy to learn for all ages and backgrounds with two expert instructors!

DEFCON 201 VIDEO FILMING :..>DEFCON 201 will expand into video media in late September. We will be launching various videos including an Introduction, Member Spotlights, Archived Lightning Talks, Tutorials, Directions and more on the DTube, Vimeo and YouTube Mirror platforms. We will also have downloadable copies on the DEFCON 201 NextCloud of select media for DEFCON 201 Members who want hard copies of videos. If you want to be in the Introduction, Member Spotlights or Archive Lighting Talks you can inquire into us about signing our DEFCON 201 Consent Forums and we will walk you through the process. Those who have not signed our DEFCON 201 Consent Forums during meetings will NOT be recorded in Video or Audio as per our policy. Furthermore, any instances of media recording photo/video/audio via DEFCON 201 Staff will be alerted to all president attendees beforehand prior to recording.

::END OF LINE::