North East New Jersey DEFCON Group Chapter. We meet at Sub Culture once a month to hack on technology projects! https://www.defcon201.org

.::DEFCON 201 Meet Up — July 2020 — Scratch Space::.

======================================================
Date: July 17th, Friday

Time: 5:00 PM EST — 8:00 PM EST

IRL RSVP: https://www.eventbrite.com/e/defcon-201-online-meet-up-july-2020-scratch-space-tickets-113430760458

Meet-Up: https://www.meetup.com/DEFCON201/events/271914333/

Facebook [TOR]: TBA

Hackaday: TBA

=====================================================

Welcome to the July 2020 DEFCON 201 Meet Up!

So bad news…it’s still 2020.

The good news: because New Jersey for once in it’s history is NOT a dumpster fire we will be meeting at our home venue Sub Culture (which we miss dearly) since March!

Now, there will be some ground rules here. To meet in person, we will have a hard MAX limit of 20 people, thus you MUST RSVP on EventBrite to be counted.

You MUST purchase a food or beverage item. Meeting will be outside in the outdoor pen. You MUST have a mask on at ALL TIMES when not eating. You must be 6 feet apart unless you came together in a group. We will provide sanitation measures. Anyone who is a knucklehead will be thrown into the Hudson River with the rest of Florida.

If you can’t make it or too afraid, RELAX! All activities, chats, talks, workshops and DC 201 insanity will be broadcasted online via our LIVE STREAMS per the new normal! We are so excited to finally do some actual mask-to-mask social distancing AFK and we can’t wait to see you all because we have quite the line up with something for everyone!

We have more updates to this event as we get closer to July 17th so watch this space!

======================================================
Live Streams:
======================================================
Twitch: https://www.twitch.tv/defcon201live

dLive: https://dlive.tv/defcon201

YouTube: https://www.youtube.com/channel/UCYDQaOHbK5trRU2CDgb0qSg

Invidious [TOR]: http://axqzx4s6s54s32yentfqojs3x5i7faxza6xo3ehd4bzzsg2ii4fv2iid.onion/channel/UCYDQaOHbK5trRU2CDgb0qSg
======================================================

.::AGENDA & SCHEDULE::.
[ALL TIMES ARE EASTERN STANDARD (EST)]
5:00pm — 6:25pm
AFK: Meet & Greet+ Open Workshop Projects + Games
ONLINE: 4 IoT Systems, 4 Threat Modeling Failures — Andrew Tierney
6:25pm — 6:30pm
DEFCON 201 Annoucements & Code of Conduct — GI Jack, Sidepocket
6:30pm — 6:50pm
Intro to Beginners Python Workshop (SEE OPEN WORKSHOP) — vvvalentina
6:50pm — 7:10pm
Building YOUR Security Career — Zoe Braiterman
7:10pm — 7:20pm
Broadcasting Digital Graffiti For Social Justice — proJECT TRUTH
7:20pm — 7:50pm
Oragono and the Past, Present, and Future of IRC — Shivaram Lingamneni
8:50pm — 8:00pm
Open Workshops Projects + Drinking + Games

.::OPEN PROJECTS::.
DC201 Show & Tell — Everyone
Beginners Python — vvvalentina
csictf 2020 CTF — Everyone
Folding@Home VS Coronavirus (Team: 241960) — GI Jack, Everyone
JackBox Party Pack 3 Online Games — Everyone

.::LIGHTNING TALKS::.

ONLINE: 4 IoT Systems, 4 Threat Modeling Failures
:..> The IoT is hugely diverse: home assistants, fitness trackers, medical devices, home security, kid trackers, smart TVs, industrial equipment, crypto wallets, car alarms and even sex toys. We’ve seen security and privacy failures in nearly all these systems, some trivial, some serious. In today’s IoT, security failures in these systems might seem trivial, but in 10 years, these systems will be ruling our lives.

We suspect that the developers of the products failed to predict which threats they needed to protect against. Unless security is considered during the design of these systems, they will never be truly secure.
We’ll look at 4 practical examples where lessons can be learned:
Crypto-wallets that didn’t take into account physical access

A telematics unit in a car that allowed us to take control of the corporate network

An EV car charger that relied on the security of a Raspberry Pi
Police body cameras that place confidentiality above authenticity of data.

:..>Bio: Andrew Tierney leads the hardware team at Pen Test Partners. He covers all systems that aren’t general purpose computers: IoT, phones, cars, ships, planes and industrial control. On the offensive side, he has spent many years reverse engineering, researching and findingvulnerabilities in these systems.
On the defensive side, he takes the knowledge gained from research and advises companies on how to build secure products. This ranges from the nitty-gritty of securing devices against physical attack, through to developing complete connected platforms that make use of defence-in-depth so that they can stay secure through the entire lifecycle of the product.

DEFCON 201 Announcements & Code of Conduct
:..>DEFCON 201 will start with various updates about our activities in early 2020, our post Corona Virus Pandemic measures and an overview of the Code of Conduct linked on our website.

Building YOUR Security Career
:..>This will be an interactive session introducing corporate security, information security careers. The talk will draw upon topics, such as diversity, friendly white hat community and mentors.

:..>Bio: Zoe Braiterman is a researcher / consultant and dedicated mentor in the information security space. She’s an active OWASP volunteer and lover of hacker communities.

Broadcasting Digital Graffiti For Social Justice
:..>TBA
:.>Bio: proJECT Truth is an anonymous art collective spreading truth through public projection art installations. We illuminate what the government and police wish to keep in the darkness, with our current priority being the human rights crisis of police brutality. As our city reels from the loss of two of our beloved neighbors, Breonna Taylor and David McAtee, we feel it is necessary as artists to use our talents and platforms to demand change. By amplifying these issues onto highly visible buildings throughout Louisville, we send a powerful message to the powers that be. No justice, no peace. GoFundMe: https://www.gofundme.com/f/project-truth-louisville

Oragono and the Past, Present, and Future of IRC
:..>IRC (“Internet Relay Chat”), a seminal chat protocol and early social networking platform, will celebrate its 32nd birthday next month. IRCv3, a community aimed at modernizing IRC via open standards, is coming up on its 16th. I’ll talk about Oragono (an IRCv3 server written in Go) and where it fits into an complex landscape of chat platforms — — touching on issues like open standards, embrace-extend-extinguish, interoperability, (de)centralization, user freedoms, the “Cozyweb”, Darius Kazemi’s runyourown.social movement for boutique social networking, and the possibility of online spaces that are neither private nor public.

:..>Bio: Shivaram Lingamneni is a failed mathematician, a struggling philosopher, a FOSS zealot, and a guy who loves pushing buttons and watching the blinkenlights.

.::OPEN PROJECTS::.

DEFCON 201 Hacker Show & Tell
:..>DEFCON 201 members will be given in person during the Meet & Greet to show off the various projects that they have been working on. We have had heads up on some awesome stuff being worked on that will be showing up for the very first time so you don’t want to miss this on live-stream!

:..>What You’ll Need: If you want to get in on the action, just bring any hardware or software program you are working on. For hardware, make sure you have a camera with decent resolution. For software, make sure your screen sharing function is working. For interaction, make sure you have your microphone on your computer or headset in working order.

Beginners Python
:..> NOTE: The first 20 minutes of this workshop will be streamed online before the DC 201 Lightningt Talks. The full workshop will last until the end of the meeting. To continue to follow this workshop after we switched over to our speakers:

Join Zoom Meeting:
https://us04web.zoom.us/j/74485643948?pwd=a2FUSjgxOWtaT2hYdXRCQktwcXZVQT09
Meeting ID: 744 8564 3948
Passcode: Py

This workshop will be for anyone who is a programming n00b. In this Python programming workshop we will be going over:

What is Python programming?
What can you create / do with python?
Variables
Print Function
Input Function
Short Intro to Python Libraries
Turtle Library

After the workshop you will have completed a simple program using the Turtle Library that you can show off to friends and family.

:..>What You’ll Need:
Download // Python 3.8
https://www.python.org/downloads/

Set up a github account (only if you plan to save your code or work on more programs in the future.)

BONUS Download // Anaconda navigator (for future workshops/ alternate place to program)
https://www.anaconda.com/products/individual

csictf 2020 CTF
:..>This Friday, starting on July 17th at 2:30 PM EST, we invite all DEFCON 201 Members, Attendees and Fans to help us hack the csictf 2020 CTF! If you are new to Online CTF, we will help you get set up and walk you thorugh some of the challenges. Then you can log in anytime after until July 21st 2:30 PM EST to continue our CTF conquest! To learn more about the CTF, please follow this link: COMMING SOON

:..>What To Bring: Any laptop will do. Ideally you want to load it full of Information Security Red Team and Blue Team tools, look at Kali Linux, Parrot OS, Pentoo or Black Arch for ideas. To participate online, you will need a Discord Account and to join our Discord at this link: https://discord.gg/PGgPNEF

Folding@Home VS Coronavirus
:..>Folding@home (FAH or F@h) is a distributed computing project for simulating protein dynamics, including the process of protein folding and the movements of proteins implicated in a variety of diseases. Currently F@h is simulating the dynamics of COVID-19 proteins to hunt for new therapeutic opportunities. We want to contribute and you can help! Join the DEFCON 201 Folding@Home Team: 241960

:..>What You’ll Need: Download and run Folding@home for Windows/Mac/Linux, ideally on your highest performance system with a GPU and join our F@h Team 241960: https://foldingathome.org/start-folding/

Jackbox Party Pack 3 Online Games
:..>During our live-stream, we will be offering to join us in various online games in Jackbox Party Pack 3! The threequel to the party game phenomenon features the deadly quiz show Trivia Murder Party, the say-anything sequel Quiplash 2, the surprising survey game Guesspionage, the t-shirt slugfest Tee K.O., and the sneaky trickster game Fakin’ It. Use your phones or tablets as controllers, and play with up to 8 players, plus an audience of up to 10,000!

:..>What To Bring: To join in the gameplay, simply use the web browser on your desktop or smartphone — no app needed! Head to JackBox.TV and enter the Room Code that will be displayed on the live-stream and repeated in the chatroom. If you get in, follow the instructions on the live-stream and phone!

::END OF LINE::