{"id":4853,"date":"2025-01-11T12:55:54","date_gmt":"2025-01-11T17:55:54","guid":{"rendered":"https:\/\/control-h.org\/?p=4853"},"modified":"2025-01-11T12:55:54","modified_gmt":"2025-01-11T17:55:54","slug":"shmoocon-day-2-morning-belay-it","status":"publish","type":"post","link":"https:\/\/control-h.org\/index.php\/2025\/01\/11\/shmoocon-day-2-morning-belay-it\/","title":{"rendered":"ShmooCon Day 2 Morning Belay It"},"content":{"rendered":"\n<p>Really not feeling great this morning, but I was able to get back up to the room to watch.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.shmoocon.org\/speakers\/#kube\" target=\"_blank\" rel=\"noreferrer noopener\">First one<\/a> was about tracking Kubernetes.  I&#8217;ve not done anything, really, with Kubernetes, so this is kind of new for me.<\/p>\n\n\n\n<p>Lots of discussion about things with \/dev\/bpf in Linux.  I didn&#8217;t realize that it was still there?<\/p>\n\n\n\n<p>Transitioned into discussion of risk analysis and prioritization.  Too much effort is being spent  <\/p>\n\n\n\n<p>This is very applicable to some of what I&#8217;m doing for work, but it&#8217;s something a lot of the sekurity mastars don&#8217;t understand.  I&#8217;m thinking of one IAC I was working.  Yes, it&#8217;s a Medium vulnerability.  Yes, that finding negatively affects the overall system score.  <\/p>\n\n\n\n<p>But I&#8217;m pretty sure the number of users with privileges to exploit it can be counted on <em>one hand<\/em>, and implementing the system change would take <em>weeks<\/em>, and <em>use all system resources during<\/em> the implementation.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><a href=\"https:\/\/www.shmoocon.org\/speakers\/#ecosystem\" target=\"_blank\" rel=\"noreferrer noopener\">Next talk<\/a> was about how exploitation works.  
Some interesting information about how to exploit things like Totes-Didn&#8217;t-Used-To-Do-Evil KDE Browser extensions.<\/p>\n\n\n\n<p>&#8220;John The Ripper&#8221; can crack things like the Apple Passwords utility, which is actually pretty good unless you get the Apple account password.<\/p>\n\n\n\n<p>PowerShell script available for testing Windows hosts for common accounts.<\/p>\n\n\n\n<p>Recommendation of auditing accounts that might cause a problem if they&#8217;re compromised.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Went into <a href=\"https:\/\/www.shmoocon.org\/speakers\/#elections\" target=\"_blank\" rel=\"noreferrer noopener\">this one<\/a> with great skepticism.<\/p>\n\n\n\n<p>There was a talk, and it probably would have been like 2018, that really focused on Russian influence in the 2016 election.<\/p>\n\n\n\n<p>This isn&#8217;t taking that tack.  The speaker didn&#8217;t do a good job disguising his political bias, unfortunately.<\/p>\n\n\n\n<p>Nothing with the sort of things that I think might repair the Presidential system, at least.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Expand the House.  Take a state&#8217;s population, divide by the smallest state&#8217;s population, and round <strong><em>UP<\/em><\/strong> to the next whole number.  The 435 limit in the House isn&#8217;t set anywhere other than by legislation from the Wilson administration.<\/li>\n\n\n\n<li>Do electoral vote allocation the way Maine and Nebraska do.  Winner-take-all goes away, unless a candidate actually gets a majority of the vote in a state.<\/li>\n\n\n\n<li>Repeal the Seventeenth Amendment<\/li>\n<\/ul>\n\n\n\n<p>Bits on foreign interference.  No evidence of it actually provided, just as it wasn&#8217;t with the 2016 election.  When a Republican wins, it&#8217;s foreign interference.  
When a Democrat wins, you can&#8217;t even question it.<\/p>\n\n\n\n<p>In the Presidential elections where I&#8217;ve been old enough to vote, I&#8217;ve mostly voted for the Libertarian candidate.<\/p>\n\n\n\n<p>Not impressed with that one.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Time to rest a bit, see if my body will allow me to go back downstairs to watch more in person. Ugh.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Really not feeling great this morning, but I was able to get back up to the room to watch. First one was about tracking Kubernetes. I&#8217;ve not done anything, really, with Kubernetes, so this is kind of new for me. Lots of discussion about things with \/dev\/bpf in Linux. I didn&#8217;t realize that it was still [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-4853","post","type-post","status-publish","format-standard","hentry","category-shmoocon"],"_links":{"self":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/posts\/4853","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/comments?post=4853"}],"version-history":[{"count":0,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/posts\/4853\/revisions"}],"wp:attachment":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/media?parent=4853"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/categories?post=4853"},{"taxonomy":"post_
tag","embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/tags?post=4853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}