05.09.18

announce: May DC206 Meeting

Posted in Uncategorized at 10:37 by Lee Fisher

What: May DC206 Meeting, Locksport, and BBQ
When: May 20th (3rd Sundays), 11:00am-~4:00pm
Where: Black Lodge Research
Who: (Hoc Genu, 0xFED, Dune, Hattz, and DC206 community)

Locksport begins at 11a, speaker(s) at 1p, BBQ after presentation is over.

** LOCKSPORT EVENT:

Dune will be running a Locksport event, starting at 11:00 until 1:00.

** DC206 MEETING PRESENTATION:

The Official Black Lodge Research Capture the Flag Announcement

by Hoc Genu and 0xFED

Announcing the official Black Lodge Research capture the flag! Revealing the plans for the future. We’ll talk about how it started, what has been accomplished so far, and our vision for the future.

Hoc Genu is an IT professional at the beginning of his career. He is currently the Meetup.com maintainer for BLR. He has presented on bash scripting at BLR and continues to learn about all aspects of technology.

0xFED is a security researcher who enjoys the art of pwning. He assembled his first computer at the age of 5, and hasn’t stopped messing with them since. He also has a few years of experience working in a Cyber Defense Operations Center, and also has a Microsoft Security Researcher Acknowledgment (which almost included a complimentary visit from the FBI). His personal and professional interests include: Pen testing, Vulnerability Analysis, CTF, Forensics, Incident response, and Exploit development.

This presentation will NOT be videotaped.

In case the speaker has some last-minute issue and cannot attend, the backup presentation will be Blibbet, with a draft version of a new talk with a checklist of guidance for UEFI firmware DFIR defenders, and demos of FWAudit (Firmware Audit), a new open source firmware security tool.

** POST-EVENT BBQ:

This month the chef will be Hattz.

We’re planning hamburgers and brats, some salad. Please feel free to bring a side-dish, or some additional meat. The fridge has some beer and hard cider, it always needs restocking. This month somone has donated a larger BBQ to the lodge, so the chef will have more grilling bandwith capacity.

** MORE INFO:

Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security company.
Park facing the street, not in front of other businesses, or you may get towed.
https://www.facebook.com/BlackLodgeResearch/
https://blacklodgeresearch.org/
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic
https://dc206.org/
http://lists.dc206.org/listinfo.cgi/list-dc206.org

Black Lodge Research

Redmond, WA
104 Members

Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…

Next Meetup

Open Hack Night

Thursday, May 10, 2018, 7:00 PM
2 Attending

Check out this Meetup Group →

04.09.18

Announce: April DC206 Meeting/BBQ/locksport: Securing the 2020 Election Process

Posted in Uncategorized at 13:15 by Lee Fisher

When: Apr 15 (3rd Sundays), 11:00am-~4:00pm
What: April DC206 Meeting, Locksport, and BBQ
Where: Black Lodge Research
Who: (Dave Dittrich, Dune, Colby, Hattz, and DC206 community)

Locksport begins at 11a, speaker at 1p, BBQ after presentation is over.

—–

LOCKSPORT EVENT:

Dune will be running a Locksport event, starting at 11:00 until 1:00.

—–

DC206 MEETING PRESENTATION:

Securing the 2020 Election Process
by Dave Dittrich

The 2016 election showed that common phishing techniques work well against political campaign staff, allowing access to sensitive information and communications that are dumped, then pumped by sock puppets and individuals manipulated using advanced marketing techniques. The targeting of individuals for manipulation may have been driven by stolen voter registration roles, unethically obtained Facebook user data, and some votes may have been suppressed by alteration of voter roles and disruption of voter sign-in systems. A pair of Medium articles break this all down and identifies a gap in efforts to prevent a recurrence in the 2018 or 2020 election cycles:

https://medium.com/@dave.dittrich/securing-the-2020-election-process-part-1-96bab810cb8e
https://medium.com/@dave.dittrich/securing-the-2020-election-process-part-2-962ed2aff69e

This talk with focus on the principle gap — operational security of political campaign staff and candidates — and examine an open source platform that can address this gap. After this overview, interested audience members prepared with their own laptops will be taken through a “hands-on” exercise to stand up a subset of the proposed platform (the Trident portal component).

The hacker mindset takes knowledge of how a system works and applies it so as to make the system do things that most people (including those who originally developed the system) hadn’t imagined. The security mindset takes knowledge of how malicious actors compromise people and systems and applies it to incrementally improve the system so it is easier for users to “do the right things” (i.e., improve their daily OPSEC!) DC206 members can help prepare this system for use in securing the 2018 and 2020 elections by finding and fixing bugs, locking down components, helping complete or add new features, and hacking it to do even more things (like serving as a pop-up AlgoVPN server for securing yourself when traveling), or to use as a secure open source software development system with continuous integration/continuous delivery capabilities!

If you wish to participate in the hands-on portion, come prepared with at least the following:

* A Mac or Linux (Debian or Ubuntu) laptop.
* A DigitalOcean account.
* A DNS domain to use for your D2 system, pointing to the DigitalOcean NS servers. (This takes several hours to propagate, so definitely do this by Saturday night.)

These steps are detailed here:

https://davedittrich.readthedocs.io/projects/ansible-dims-playbooks/en/latest/clouddevelopment.html#getting-started

Dave Dittrich (@davedittrich) is a Cyber Security Researcher at the Center for Data Science, University of Washington Tacoma.
https://staff.washington.edu/dittrichhttps://github.com/davedittrich

This presentation will be videotaped, thanks to Colby.

In case the speaker has some last-minute issue and cannot attend, the backup presentation will be Blibbet, with a draft version of a new talk with a checklist of guidance for UEFI firmware DFIR defenders, and demos of FWAudit (Firmware Audit), a new open source firmware security tool.

—–

POST-EVENT BBQ:

This month the chef will be Hattz.

We’re planning hamburgers and brats, some salad. Please feel free to bring a side-dish, or some additional meat. The fridge has some beer and hard cider, it always needs restocking.

—–

Black Lodge Research:
17725 NE 65th St, A-155
Evans Business Park, Bldg A
Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security company.
Park facing the street, not in front of other businesses, or you may get towed.

Black Lodge Research

Redmond, WA
95 Members

Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…

Next Meetup

Open Hack Night

Thursday, Apr 12, 2018, 7:00 PM
2 Attending

Check out this Meetup Group →

https://www.facebook.com/BlackLodgeResearch/

https://blacklodgeresearch.org/
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic
https://dc206.org/
http://lists.dc206.org/listinfo.cgi/list-dc206.org

03.18.18

UPDATE: March DC206 Meeting!

Posted in Uncategorized at 06:41 by Lee Fisher

Ignore the last post, the speaker is unable to attend.

Instead, Spooney will be doing badge-making, see this Tweet:

and this Facebag post:

https://www.facebook.com/events/207757623306025/

Unclear if the locksport port of the event will happen, since it was earlier cancelled, by previous speaker.

03.17.18

March DC206 Meeting: Terry on ICS security

Posted in Uncategorized at 14:03 by Lee Fisher

When: Mar 18 (3rd Sundays), 11:00am-~4:00pm
What: March DC206 Meeting
Where: Black Lodge Research
Who: (Dune, Terry, Colby, Hattz and/or Spooney)

Locksport begins at 11a, speaker at 1p, BBQ after presentation is over.

—–

LOCKSPORT EVENT:

Dune will be running a Locksport event, starting at 11:00 until 1:00.

—–

DC206 MEETING PRESENTATION:

ICS Time Warp: Rolling back the clock 10 years
by Terry

Industrial Control Systems (ICS) are a poorly understood technology by many in security, yet are common to most corporations. The power management systems that run your favorite sports arena, the badging systems that unlocks many, many doors and the HVAC systems that cool critical data and control centers are all forms of control systems. With terms like smart buildings, smart cities and smart factories all falling under the Internet of Things (IoT) umbrella how do we defend, or my personal favorite attack, these systems. Come join us as we explore the different flavors of control systems and learn how to incorporate them into assessments, defense strategies and research projects. Too many systems, so little time…

This presentation will be videotaped, thanks to Colby.

—–

POST-EVENT BBQ:

This month the chef will be Hattz. Or Spooney.

We’re planning hamburgers, brats, a few chicken breasts, some vegetarian salad. The fridge has some beer and hard cider.

Please feel free to bring some new beverages to help restock the BLR fridge. And/or a side-dish for the BBQ.

Veg[eteri]ans, there will be salad. Beyond that, please bring something you can eat; sorry.

—–

Black Lodge Research:
Park facing the street, not in front of other businesses, or you may get towed.
https://www.facebook.com/BlackLodgeResearch/
https://blacklodgeresearch.org/
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic
https://dc206.org/
http://lists.dc206.org/listinfo.cgi/list-dc206.org

Black Lodge Research

Redmond, WA
90 Members

Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…

Next Meetup

March DC206 Meeting: ICS Time Warp: Rolling back the clock 1…

Sunday, Mar 18, 2018, 11:00 AM
7 Attending

Check out this Meetup Group →

02.06.18

February DC206 Meeting: ICS Time Warp: Rolling back the clock 10 years (plus locksport and BBQ)

Posted in Uncategorized at 11:17 by Lee Fisher

When: Feb 18 (3rd Sundays), 11:00am-~4:00pm
What: February DC206 Meeting
Where: Black Lodge Research
Who: (Terry, Colby, Hattz)

Summary: Dune runs locksport starting at 11a, Terry speaks at 1p, Hattz runs BBQ starting after Terry finishes speaking.

—–

LOCKSPORT EVENT:

Dune will be running a Locksport event, starting at 11:00 until 1:00.

—–

DC206 MEETING PRESENTATION:

ICS Time Warp: Rolling back the clock 10 years
by Terry

Industrial Control Systems (ICS) are a poorly understood technology by many in security, yet are common to most corporations. The power management systems that run your favorite sports arena, the badging systems that unlocks many, many doors and the HVAC systems that cool critical data and control centers are all forms of control systems. With terms like smart buildings, smart cities and smart factories all falling under the Internet of Things (IoT) umbrella how do we defend, or my personal favorite attack, these systems. Come join us as we explore the different flavors of control systems and learn how to incorporate them into assessments, defense strategies and research projects. Too many systems, so little time…

This presentation will be videotaped, thanks to Colby.

—–

POST-EVENT BBQ:

This month the chef will be Hattz.

Veg[eteri]ans, please bring something you can eat, we’re planning on hamburgers.

—–

Black Lodge Research/DC206:
https://blacklodgeresearch.org/
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic
Park facing the street, not in front of other businesses, or you’ll get towed.
https://dc206.org/
http://lists.dc206.org/listinfo.cgi/list-dc206.org
https://www.facebook.com/BlackLodgeResearch/

Black Lodge Research

Redmond, WA
80 Members

Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…

Next Meetup

Open Hack Night

Thursday, Feb 8, 2018, 7:00 PM
5 Attending

Check out this Meetup Group →

01.06.18

January DC206 Meeting: Bringing an idea into the physical world with a CNC mill

Posted in Uncategorized at 10:24 by Lee Fisher

UPDATE: Videos are online, thanks to Colby:

 

[In case you’ve not been to BLR shop recently, there’s a fancy new CNC machine there.. Phil is going to talk about his new machine at this month’s DC206 Meeting. And Dune will be doing locksport. And there’ll be a post-event BBQ run by Hattz.]

When: Jan 21st (3rd Sundays), 11:00am-~4:00pm
What: January DC206 Meeting
Where: Black Lodge Research
Who: (Phil, Dune, Colby, and Hattz)

—–

LOCKSPORT EVENT:

Dune will be running a Locksport event, starting at 11:00 until 1:00.

—–

DC206 MEETING PRESENTATION:

Bringing an idea into the physical world with a CNC mill

by Phil

Design is complicated, and manufacturing is complicated. Integrating the two to play well with one another adds to this complexity. With this demo, I would like to give the audience a crash course in product and industrial design. It is my hope that you will learn to:

– discover a need for a physical product
– develop a scope of design criteria
– use the design criteria to develop a 3 dimensional model
– utilize Computer Aided Manufacturing (CAM) software to direct a manufacturing process (in this case, CNC ‘Computer Numerical Control” 3 axis milling)

Once we’re done with these, we’ll be utilizing our on-prem CNC mill to cut our part out of aluminum in a live demo!

—–

POST-EVENT BBQ:

This month the chef will be Hattz.

Veg[eteri]ans, please bring something you can eat, we’re planning on hamburgers.

DC206:
https://dc206.org/
http://lists.dc206.org/listinfo.cgi/list-dc206.org

Black Lodge Research:
https://www.facebook.com/BlackLodgeResearch/

https://blacklodgeresearch.org/
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic
Park facing the street, not in front of other businesses, or you’ll get towed.

PS: BLR has a new Meetup.com site. Please join!

Black Lodge Research

Redmond, WA
80 Members

Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…

Next Meetup

Open Hack Night

Thursday, Feb 8, 2018, 7:00 PM
4 Attending

Check out this Meetup Group →

11.23.17

announce: NO December DC206 Meeting/BBQ

Posted in Uncategorized at 09:41 by Lee Fisher

We’re taking December off for the DC206 Meeting. We’ll be back in January. Happy Holidays.

Some related December events to attend:
http://hushcon.com/

SeaSec East – End of Year party

Tuesday, Dec 5, 2017, 6:00 PM

Unity Technologies
110 110th Avenue Northeast Bellevue, WA

24 Members Attending

It’s December, and I thought we’d do something a little different.We will all be meeting at a place not a restaurant, and be enjoying ourselvesUnity Technologies in Bellevue has so graciously allowed us to bivouac in their meeting place on 5 December. So, we’ll order in, sit around, talk about infosec, maybe have a few prizes to raffle off, enjoy…

Check out this Meetup →

2017 ISSA Puget Sound Holiday Party


BLR Open Hack Nights in December.

11.03.17

announce: November DC206 Meeting (+ Locksport + BBQ)

Posted in Uncategorized at 11:04 by Lee Fisher

When: Nov 19th (3rd Sundays), 11:00am-~4:00pm
What: DC206 Meeting
Where: Black Lodge Research

[[
This month’s DC206 Meeting is different. It starts at 11:00am, instead of 1:00pm. Three things are planned:
1) Locksport activity, run by Dune, starting at 11:00am.
2) presentation by Taylor starting at 1:00pm.
3) BBQ, run by Spooney McAwesome, starting after the talk ends.
If things work out, this may become the normal schedule for future DC206 Meetings. We’ll see…
]]

—–

Locksport event:

This month, Dune will be running a Locksport event, starting at 11:00 until 1:00.

They will be showing Tim Jenkins talk at Lockcon 2017 about escaping from prison via lockpicking/impressioning. Tim Jenkins was a political prisoner in a South African jail and taught himself to pick and impression locks. He used these skills to escape. This is the only talk to be recorded and allowed to be distributed outside of Lockcon.

—–

DC206 Meeting Presentation:

[This month, Taylor is giving an introductory talk on the Bash shell. If you are new to Bash shell, this is a good starting point. If you are experienced, please attend and help answer some questions and point out some other tricks.]

Bash Scripting For Beginners
by Taylor

If you are new to scripting and to want learn about Bash this talk is for you. This is a beginners talk by a beginner. I share the knowledge I have learned so far with attendees. I will go over concepts that you will need to get started with Bash, things I feel were tricky to learn that might help you, and examples to see how things work.

Taylor is an Edmonds Community College Information Security and Digital Forensics graduate. He took a class on Bash scripting there. He hangs around BLR on Open Hack Night.

—–

BBQ:

This month the chef will be Spooney McAwesome.

For BBQ, veg[eteri]ans, please bring something you can eat, we’re planning on hamburgers.

—–

Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
https://blacklodgeresearch.org/ https://twitter.com/the_black_lodge/
https://www.facebook.com/BlackLodgeResearch/

http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic

WARNING: Don’t trust the WiFi at the lodge, until KRAKEN issues are resolved.

 

09.25.17

announce: October DC206 Meeting: Firmware is the New Black

Posted in Uncategorized at 15:53 by Lee Fisher

What: Oct DC206 Meeting: Firmware is the New Black
When: October 15th (3rd Sundays), 1-3pm
Who: Vincent Zimmer
Where: Black Lodge Research

Firmware is the New Black – Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities

https://www.blackhat.com/us-17/briefings.html#firmware-is-the-new-black-analyzing-past-three-years-of-bios-uefi-security-vulnerabilities
http://vzimmer.blogspot.com/2017/08/black-hat-usa-2017-firmware-is-new-black.html
https://github.com/rrbranco/BlackHat2017/blob/master/BlackHat2017-BlackBIOS-v0.13-Published.pdf

In recent years, we witnessed the rise of firmware-related vulnerabilities, likely a direct result of increasing adoption of exploit mitigations in major/widespread operating systems – including for mobile phones. Pairing that with the recent (and not so recent) leaks of government offensive capabilities abusing supply chains and using physical possession to persist on compromised systems, it is clear that firmware is the new black in security. This research looks into BIOS/UEFI platform firmware, trying to help making sense of the threat. We present a threat model, discuss new mitigations that could have prevented the issues and offer a categorization of bug classes that hopefully will help focusing investments in protecting systems (and finding new vulnerabilities). Our data set comprises of 90+ security vulnerabilities handled by Intel Product Security Incident Response Team (PSIRT) in the past 3 years and the analysis was manually performed, using white-box and counting with feedback from various BIOS developers within the company (and security researchers externally that reported some of the issues – most of the issues were found by internal teams, but PSIRT is involved since they were found to also affect released products).

Bio:

Vincent Zimmer was born in Houston, Texas, where he also grew up. Vincent attended Cornell University in Ithaca, New York, and achieved a Bachelor of Science in Electrical Engineering. Vincent has worked for various technology companies, including Intel Corporation, where he has been employed since 1997. While working at Intel, Vincent received his Master of Science degree in Computer Science from the University of Washington in Seattle, Washington. Vincent is presently a senior principal engineer in the Software and Services Group at Intel. During Vincent’s career working on embedded systems and firmware, he has received over 350 US patents https://en.wikipedia.org/wiki/List_of_prolific_inventors and presented at several industry conferences. In addition to the Beyond BIOS book, Vincent has published book chapters and articles. Along with writing firmware, Vincent has also contributed to and written specifications in the Unified Extensible Firmware Interface (UEFI) Forum, the Trusted Computing Group (TCG), and the Internet Engineering Task Force (IETF). Vincent presently lives in the Seattle area of Washington state with his wife and 2 daughters.

Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052 https://blacklodgeresearch.org/ https://twitter.com/the_black_lodge/
https://www.facebook.com/BlackLodgeResearch/
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic

08.22.17

announce: September DC206 Meeting: Home Coffee Roasting with Josh Armour

Posted in Uncategorized at 10:20 by Lee Fisher

Update with slides from Josh and A/V from Colby:

[[
https://docs.google.com/presentation/d/1DuiruIQ3oE75106SXqtWDCmH5EDb8f2Saf_NAaHev_s/edit?usp=drivesdk

Here are the three videos of the three different roasting devices:
* Drum Roasting w/a Huky –

* Drum Roasting –

* Fluid Bed Roasting –

We also recorded the talk itself. The audio drops really low at around the 8:15 mark but if you try hard enough you can hear him still:

]]

What: September DC206 Meeting: Home Coffee Roasting

When: September 17th (3rd Sundays), 1-4pm

Who: Josh Armour

Where: Black Lodge Research
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
https://blacklodgeresearch.org/
https://twitter.com/the_black_lodge/
https://www.facebook.com/BlackLodgeResearch/
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399

In this talk I demonstrate the use of two home roasters – a drum roaster and a fluid bed roaster. I’ll cover the stages of coffee development, roast a couple samples, and give attendees a chance to try roasting. Everyone will leave with some freshly roasted beans, an understanding of what the different roast levels mean, and a shopping list of how to get started themselves. I’ll wrap up with some discussion around DIY/modification roasters available online.

Josh Armour is a security/privacy engineer at a large global search/advertising company. But in his spare time he enjoys roasting coffee, taking digital photos, and spending time with wife+offspring 🙂

 

« Previous entries Next Page » Next Page »