💾 Archived View for clemat.is › saccophore › library › shorts › defcon › 27 › DefCon_First_and_Forem… captured on 2022-07-16 at 15:44:09.

-=-=-=-=-=-=-

DefCon First and Foremost by base64xor (@Steve12238317)

        My lifelong dream had been to attend DefCon, and I would
        annually concoct schemes to get out to Vegas for the largest
        hacker con of all, but had yet to succeed. I learned from
        watching many hours of DefCon videos that DefCon is where the 31337
        h4x0rs presented talks. All in large, lofty rooms, with
        thousands of hackers present, it seemed so grand, if not
        imposing. My annual DefCon submission, in response to the DefCon
        Call for Papers (CFP), fell short of an invitation once again.
        This was the second DefCon held since the inaugural announcement
        by the Federal Trade Commission (FTC) of the Organized User
        Cloud Hosting (OUCH) program. The stated goal of the OUCH
        program was to provide the same quality of Cloud access across
        all walks of life. The standard OUCH tablet and phone stored and
        accessed everything Cyber in the user’s personal cloud drive.
        Fewer people used a legacy desktop or laptop computer as the
        OUCH devices were heavily subsidized. The few remaining
        independent PC sellers had little inventory. With the storied
        history of DefCon, it was one of the last bastions of hope for
        those who risked using legacy computers instead of the OUCH
        devices.

        My most recent idea for a DefCon presentation covered
        the legacy disk forensics program Foremost. Even with the latest
        DefCon rejection, I planned on gaining needed experience on the
        uses of Foremost by helping others recover deleted files from
        legacy devices--for a fee, of course. Since the inception of the
        OUCH program, there were but a few places to look for file
        recovery assistance involving legacy devices. So in those times,
        people quickly became desperate when they were unable to recover
        a most precious deleted file. These people were willing to
        separate themselves from a few greenbacks for my services, which
        I had hoped would finance my trip to Vegas.

        Unfortunately, I
        had only managed to fund my transportation to Vegas, and still,
        I had no bed to sleep on for a few hours each night. It seemed
        that I may join the others sleeping in the chairs spread around
        the convention hotels as seen in social media. DefCon was during
        the hottest time of the year in Vegas, and ample social feeds
        attested to the stench from the hallway chair crew by Day Two.
        As observed in YouTube videos, the chair crew enjoyed the
        respect of their personal space while they waited in the crowded
        hallways until the DefCon Goons (aka staff) allowed entrance
        into the best talks.

        As DefCon drew near, a friend of mine,
        Cleo, texted that she needed help to recover an accidentally
        deleted term paper that was due the next day. From the street
        address provided, I knew this endeavor held the potential to pay
        for a night at the best hotel in Vegas. I hopped on my ten speed
        for the three-mile trek to Cleo’s side of town. Along the way, I
        stopped to pick up my favorite snack, consisting of an extra
        large caffeinated frozen slush drink and a chocolate bar. My new
        cup holder on the handlebars held the drink snugly.

        Cleo
        opened the front door just as I reached for the door knocker, so
        my hand hung mid-air in front of her for a few seconds before I
        managed to return my arm to my side. From the anxious look on
        her face, I envisioned a second hotel night was possible if I
        played this right. I followed her into her room which was
        decorated with a Unicorn theme. As I moved the one-horned mouse
        across the screen to log onto her legacy desktop, I already had
        possible passwords going through my mind.

        Next to the computer
        was a small pastel-colored note with Un1c0rns4ever written on it
        in. I thought to myself, “A little on-the-nose, but an A for
        eff0rt”. After Cleo logged in, I brought out the necessary
        hardware from my patch-covered backpack. I located an electrical
        wall outlet, and I plugged in the surge protector for my setup
        which provided a number of electrical and USB outlets. I
        remarked to Cleo that the room was decorated very tastefully,
        and she replied that she had a few remaining packs of
        decorations that I was free to take.

        My standard tactical
        assortment of hardware included an almost obsolete Mac Mini
        originally purchased when I was still sleeping in a crib, a USB
        universal hard drive cable adapter, video cable adapters, and
        other odds and ends. As I surveyed her setup, I spotted an
        external legacy hard drive where I hoped that she had stored her
        precious term paper before she accidentally deleted the file. As
        I clicked on the list of recent documents, I saw a possible
        listing for the term paper, but the program complained that the
        file was not found in a folder on the external drive.

        When Cleo
        verified that the filename was correct, I learned the theme of the
        paper to help identify the file later on. As I assembled my
        hardware, Cleo received a text and was off to the living room.
        She was unlikely to return quickly since she was embroiled in
        the latest party planning for the summer.

        The external drive
        was easily unmounted and removed from her desktop in a few
        steps. I disconnected her desktop from the monitor and connected
        my Mac Mini which I booted into Ubuntu Mate. After Ubuntu
        mounted the external drive, I browsed the directories to make
        sure the lost paper truly was missing. No paper was found; it
        was truly gone. At a terminal window, I unmounted the external
        drive before using Foremost.

        As I ran a Foremost command to
        locate deleted OLE (Object Linking and Embedding) files on the
        external drive, I sat back with my frozen drink and reread Death
        Note Vol. I & II. When I was halfway into Vol. I, Cleo returned
        briefly to see what was happening. I summarized the current
        status that many sectors were searched but the long line of
        asterisks meant nothing was found yet. A sad look returned to
        her face, and I did not expect her back soon.

        Well into Vol. 2,
        I noticed the external drive had located deleted objects, which
        meant that I had some files to review when Foremost was
        finished. Finally, as I took the last sip from my drink,
        Foremost completed. It reported that 35 files were recovered.
        Evidently, my client was not the most prolific writer, which
        meant I had fewer files to possibly review.

        I scanned the
        folder where Foremost saved the recovered objects, and I began
        to view the files with OpenOffice. The first 15 files were from
        an application installation. But the 16th file was indeed the
        lost paper and appeared to be a recent version according to
        OpenOffice. I returned to Vol. 2 for the conclusion, since I did
        not want it to appear that the job had been as easy as it truly
        was.

        I also searched the Internet to see what the going price
        was for a prepared original last minute term paper in order to
        set my fee accordingly to the value of said paper. I deduced
        this job was worth two hotel nights, but I also needed the
        DefCon registration fee. That meant more jobs were needed yet.
        As we haggled over my fee, Cleo’s father walked in the front
        door as he had returned home from work. She had explained to him
        earlier in the day about the need for my services, and he had
        been rather distressed over the possibility that her paper was
        lost.

        Given the news that Cleo's paper was recovered, he opened
        his wallet and handed over enough cash for a two-night stay and
        the registration fee! With such a generous payment, I understood
        to not discuss the family's reluctance to adopt OUCH devices. It
        was fortunate for me that I had delayed the payment until her
        father had arrived home.

        As the funding situation for DefCon
        looked much better, I relaxed and finished out my freshman
        college year focused on the mundane tasks at hand until I
        departed for Vegas. I had established a hacker persona with
        social media accounts only accessed from an older, less capable,
        non-OUCH smartphone for use at DefCon.

        I intended to use the
        older phone at DefCon without worry since the older phone
        itself, and any associated cloud drives held nothing associated
        with my true self. I ensured that I followed all of the coolest
        presenters’ social media accounts from accounts on the old
        phone.

        When the big day arrived, I used a taxi app on my
        non-OUCH phone to call for a self-driving taxi for a ride to the
        airport. The packed flight to Vegas was fairly uneventful and
        was rather normal but for the array of hacker caps and hats
        visible throughout the cabin. Though there was a bit of
        commotion when a guy clumsily stored his Safari hat decorated
        with many lights and indistinguishable objects in the overhead
        bin.

        The driverless airport shuttle ride to the hotel was quiet
        as the riders busily announced to social media that DefCon was
        on. Selfies and pics of the slot machines at the airport were
        the first to go up. This group was virtually assured that mostly
        their moms were the only ones to like their OUCH uploads.

        After
        I arrived at the hotel, I headed over to the long line for my
        first DefCon Human (aka non-staff) badge. I read the messages
        sent out from DefCon to the world reporting on the latest game
        in which some object was tossed around while we waited to
        register. While in line, we stared at others as they started the
        first hacking opportunity of DefCon, the hacking of the coolest
        hackable con badge of all.

        As I walked away with the prized
        Human badge, I read social media accounts which announced that
        the Demo Village opened in a few minutes. With a chance to get
        actual hands-on time at the select demos of DefCon, I quickly
        made my way over to the Demo Village. There were lines at all
        the tables, except for one. Naturally, I headed over to the
        table without a line. A rather distraught woman was frantically
        typing away at her OUCH-less system as I approached.

        She looked
        up with an angry, stressed out expression, and I quickly turned
        away. She called out to me and asked me over. Maria introduced
        herself as the Team Lead for an open source mobile application
        which provided social media public assistance during Disaster
        Recovery. Maria went on to say that her application demo was
        missing a few key files. After she explained her predicament, I
        asked her if she had heard of the program Foremost. She replied
        that she had not, to which I fist-pumped in excitement.

        After
        Maria verified that the missing files had resided on her
        external legacy hard drive before deletion, I explained the use
        of Foremost in the recovery of the deleted files. I assured her
        that the program accessed the external drive as read-only and
        the rest of the drive would remain exactly as it was. With
        nothing to lose and only deleted files to gain, she watched as I
        ran a demo of the Foremost program with a drive from the
        tactical assortment of hardware in my backpack.

        For the next
        hour, Maria and I enjoyed select beverages at the hotel bar as
        we planned the recovery of the deleted files. With a few energy
        drinks under our belts, we set up my tactical hardware in a side
        room off from the Demo Village. As Maria and I nervously waited
        for the Foremost program to finish, we saw that files were
        recovered from her drive onto my drive. A few hundred files,
        including the important key files, were recovered as Maria had
        used the drive extensively during the last few weeks after
        recently purchasing the drive at a small local computer store.
        A crowd gathered during the file recovery operation, and among
        the observers was a DefCon Goon dressed mainly in red. After
        Maria’s Disaster Recovery Demo was all up and running, the Goon
        made an offer for me to host a Foremost Lab in exchange for a
        Human badge to the next DefCon.

        When my tactical hardware was
        in place for the Foremost Lab, I hung a few of Cleo’s Unicorn
        decorations to liven up the area. The first crowd of onlookers
        gathered as I, Fiona, demonstrated the forensic capabilities of
        the Foremost program. My lifelong dream had become a reality
        beyond my wildest dreams!