SummerC0n 2024
Date & Time: Friday, July 19th (10:00AM — 7:00PM EST) — Saturday, July 20th (10:00AM — 7:00PM EST)
Location: Littlefield (635 Sackett Street Brooklyn, NY 11217) & Lucky 13 Saloon (644 Sackett St, Brooklyn, NY 11217)
Website: https://www.summercon.org/
Tickets: https://www.eventbrite.com/e/summercon-2024-tickets-894704203357
Virtual Platform(s): TBA
Schedule: https://www.summercon.org/schedule/
Live Streams:
YouTube: TBA
Virtual Chat: TBA
Affordability: Early Bird Tickets (SOLD OUT) were $125.00, General Admission Tickets (SOLD OUT) were $135.05. At the time of writing there is a “Procrastination Special” at $161.69. You can also sponsor a Student for $108.39.
Code Of Conduct: https://www.summercon.org/conference/
It’s time for Summercon!
Summercon is one of the oldest hacker conventions, and the longest running such conference in the United States. It helped set a precedent for more modern “cons” such as H.O.P.E. and DEF CON.
Summercon is open to everyone, including “hackers, phreakers, phrackers, feds, 2600 kids, cops, security professionals, U4EA, r00t kids club, press, groupies, chicks, conference whores, k0d3 kids, convicted felons, and concerned parents.”
Summercon has been hosted in cities such as Pittsburgh, St. Louis, Atlanta, Washington, D.C., New York City, Austin, Las Vegas, and Amsterdam. Originally run by Phrack, the underground ezine, and held annually in St. Louis, the organizational responsibilities of running Summercon were transferred to clovis in 1998 and the convention took place in Atlanta, dubbed ‘Summercon X’.
In its modern incarnation, it is currently organized by redpantz and shmeck, who emphasize the importance of face-to-face interaction as technology increasingly mediates relationships between members of the information security community.
One of the oldest hacker conventions along with The Annual Phone Phreak Convention, Pumpcon & HoHoCon, they’ll be kicking off the summer conference season with their great presentations, games, drinks, and a celebration of the Pwnies! Designed to be smaller and more personal in size and scope, they will be using the same hybrid format as they did in 2021.
Last year was a tribute to Kelly “Aloria” Lum (RIP), one of the many casualties of the mass hacker graveyard storm last year. This year, in addition to continuing to carry her torch, like EVERY convention this year there will be a major change: the METAL AF bar Lucky 13 will be the lounge area, saving Littlefield for the actual in-person presentations.
See you there!
Once you’ve arrived in New York City, here are some transit suggestions for getting to Littlefield in Brooklyn. You can also find suggestions and specific time information at https://tripplanner.mta.info.
Offline NYC MTA Subway Map for Android: https://play.google.com/store/apps/details?id=com.thryvinc.nycmap&gl=US
Offline NYC MTA Subway Map for iOS: https://apps.apple.com/us/app/new-york-city-subway-map/id683294660?ign-mpt=uo%3D8
Accessibility Map: https://new.mta.info/map/5346
One ride on a subway or local bus is $2.90 (transfers are free between modes of transit). 7-day unlimited MetroCards, as well as pay-per-ride options, are available; a $1 surcharge also applies for getting a new MetroCard. MetroCard vending machines are available at subway stations and transit hubs, but not at bus stops. All buses and subway entrances are also equipped with OMNY readers, which will allow you to use a contactless credit or debit card for your fare. If you do not want to leave a digital trail of your travels, we suggest you purchase a MetroCard with cash or coins. Learn more about buying MetroCards at https://new.mta.info/fares/where-to-buy-a-metrocard.
There are nearly an infinite number of ways of getting from one place to another in the subway system. All subway lines run frequently around the clock.
The easiest way to get to SummerCon is to take the R Train directly to Union Street and then walk around the block. Your second best option (especially if the system is down) is to take the D, B (ORANGE), N, R, Q (YELLOW), 2, 3 (RED), 4, or 5 Trains (GREEN) to Atlantic Ave — Barclays Center. You can also take the F (ORANGE) or G Train (LIME GREEN) to 4th Ave/9th Street and transfer uptown to Union St or walk from there.
There are three ways to pay using OMNY:
- A Digital Wallet
- A Contactless Bank Card
- The OMNY Card
All three payment methods generally work the same, in that you have to hold the payment method against a special OMNY reader to unlock the turnstile.
A Digital Wallet
Your smartphone or smartwatch likely already supports a digital wallet like Apple Pay, Google Pay/Wallet or Samsung Pay. With these digital wallets you usually set up one or more credit/debit cards as a payment option(s) and select one as the default payment. Depending on your phone/watch settings, you might have to unlock the device before you can use it at the OMNY reader. On Apple Pay, I recommend you set up your card as a Transit Express card, which will allow you to tap your phone/watch without unlocking your device. With most digital wallets, as you tap your device against an OMNY reader it will vibrate indicating successful payment.
A Contactless Bank Card
Many credit cards, debit cards or prepaid cards already support contactless payment. Oftentimes, on the back of these bank cards you will find the contactless payment logo, which indicates that the card supports contactless payment. You might have to call your bank to activate contactless payment if you have never used it that way. If your bank card does not support contactless payment, you can still pay with it if you add it to a digital wallet as discussed previously.
The OMNY Card
The OMNY card is a physical, plastic card. It is shaped like a credit card with the word OMNY in the front. It has barcodes both on the front as well as on the back of the card. The back side also has a magnetic stripe as well as an expiration date.
These cards carry a monetary value/balance similar to the old Pay-by-value MetroCard. Each time you use the card to pay for a ride, the cost of the ride is subtracted from its balance. OMNY cards are not yet sold in subway stations, but you can buy them at local convenience and neighborhood stores (like CVS, Walgreens, 7-Eleven stores) with cash or credit. If you have trouble finding a store, the New York Transit Museum Gallery & Store at Grand Central Terminal also sells them. They come in a black gift-card-like sleeve.
It costs $5 to purchase an OMNY card, which does not go towards the balance of the card. When you buy the card, the retailer will ask you how much money you want to put on the card. The minimum amount to load is $1, which is a bit useless given that a single fare costs more than that. You can return to any retailer to reload your card when its balance is low or do so online at omny.info. Inside subway stations, you will also find OMNY readers where you can tap these cards to find out how much value you have left, but currently there is no way to recharge those cards inside the subway station yet. New OMNY-card capable vending machines to buy and recharge OMNY cards inside subway stations are slowly being introduced and will be fully available throughout the entire system by the end of 2024.
As noted the OMNY card has an expiration date printed on the back of the card after which the card becomes unusable. Newly issued cards don’t expire until 7 years from issuance. You can transfer any remaining value on the card to a new card up to two years after the expiration date.
A word of caution: the OMNY card has a bunch of details on the back, including an 18-digit card number, a CVV number and an expiration date. Using this information, anyone can register the card online and see the card’s entire past usage, including all the subway stations you have tapped in at. As such, be careful about posting pictures of the card on social media.
Once you are set up with any of these three payment methods, you are ready to use it to pay for your subway ride. You will find OMNY readers at every turnstile at every subway station and on every MTA bus throughout the entire system.
Note that the reader is slightly angled to the left, because each reader always unlocks the turnstile to the left of it.
In order to use OMNY, first make sure that the reader has the four blue corner lights and says “OMNY TAP HERE”:
As you approach the turnstile, simply hold your payment method near the reader (you don’t actually have to touch it). You will hear a beep and the digital screen will display “GO” with green corners:
At this point, the regular single-ride fare of $2.90 has been deducted from your payment method and you should proceed in going through the turnstile to the left of the reader. You do not have to hurry as the turnstile will remain unlocked until you go through it (but don’t hold up other commuters behind you for that matter). If for some reason the tap is not confirmed, an error message will appear with one of the following reasons:
- TAP AGAIN: The tap was not successful. Simply try again.
- TAP ONE CARD: You are likely trying to tap with multiple payment methods at the same time. This usually happens if you tap a physical wallet with multiple eligible cards in it, or maybe your mobile phone has one of those fancy cases that also holds a credit card. Make sure to tap only one payment method at a time.
- PAYMENT METHOD EXPIRED: The bank card has expired.
- PAYMENT NOT ACCEPTED: This particular payment method you used is not accepted with OMNY.
- RIDE LIMITED EXCEEDED: While you can tap a single payment method multiple times to pay for multiple people traveling in a group, you can do so only at maximum 4 times (including yourself) at any given station.
Children under 44 inches (112 cm.) regardless of age can ride trains for free as long as they are accompanied by a fare-paying adult. (The children can just walk underneath the turnstile.)
Besides using OMNY to deduct $2.90 for each ride, the MTA also supports a fare capping mode. Think of it as an “unlimited week pass”. This is how it works:
In any given 7-day period, if you use OMNY more than 12 times, all remaining rides until 11:59pm on the 7th day are free. This is known as fare-capping and basically sets the maximum amount you have to pay at $34 (a little bit less than 12 * $2.90).
In order for this to work, you must use the exact same OMNY payment method each time. The system will deduct $2.90 for each of the first 11 rides. The 12th tap will only cost $2.10 (to make this a whole $34) and all remaining rides will be free for the rest of the 7-day period.
Note that the 7-day period can start on any day of the week, but ends at midnight on the 7th day. For instance, if you first tap on a Wednesday at 10pm your “free” window will end next Tuesday at 11:59pm.
For those travelling in a group, remember that you can use a single OMNY payment method multiple times at a given turnstile to let through multiple people, but only the first tap in that case will be counted against your fare capping goal. In other words, each person must accrue their own 12 rides individually using their own payment method.
For those familiar with the old yellow MetroCard system, you might recognize that $34 is the same cost in both systems, but there are a few key differences.
First, with OMNY you don’t have to commit to paying the full $34 for the week pass right away. You might not know ahead of time if you use it more than 12 times, so with fare-capping you get the best of both worlds and the system decides on what will be cheaper for you. With the previous MetroCard, you pay $34 up front even if you end up only using it for a single ride.
Secondly, OMNY does not support monthly passes (yet), which is why you’ll still see some local New Yorkers still use MetroCards.
Here are some other things to know about OMNY:
- NYC-based students, senior citizens, and people with disabilities can use OMNY at a reduced fare ($1.45 per ride). This involves first applying for the old MetroCard Reduced-Fare program here and then linking your Reduced-Fare transit card with your OMNY account online. See the MTA website on this for more information.
- The system currently only supports full-fare, Pay-per-ride, Reduced-Fare and the weekly fare capping options. It does not yet support the monthly Unlimited Ride option, which we do not expect to arrive until 2024.
- In the Pay-per-ride mode, the system allows for a single free transfer between subway and buses (within 2 hours). With OMNY, make sure to tap the exact same payment method on both forms of transportation. The OMNY reader still says “GO” on the second tap, but at the end of the day, the MTA will only charge you a single fare.
- While not required, you can also optionally register for an OMNY account online so you can view your trip history and manage your payment methods. This even works retroactively, so even if you register today and specify the details of your payment methods, you can see a full history of past usage as far back as a year including the specific time and location of each tap. Presumably in the near future, you can recharge your OMNY card online here as well.
- If you only have cash, the only way to use OMNY is by buying the OMNY card at a local retailer. The majority of subway stations are not yet equipped with vending machines to buy or recharge OMNY cards, but we expect them very soon in 2024. For now, you are better off buying the old MetroCard with cash instead. Every subway station is still equipped with a MetroCard vending machine.
- A long term goal is for OMNY to replace all of New York’s transportation modes. You can already use it on all subway lines as well as the Staten Island Railway. It is also available on local, limited, and express buses including Select Bus Service routes buses. In addition, you can use OMNY to pay for the AirTrain at the JFK airport as well. Expect to see OMNY even on commuter rail lines like PATH, Long Island Rail Road and Metro-North in the near future.
Long Island Railroad tickets are available for purchase at LIRR stops, including Penn Station. They may be purchased in conjunction with MetroCards at marked kiosks.
The Long Island Railroad will take you directly to the Atlantic Ave — Barclays Center Station, from which you can either walk a few short blocks down to the venue or switch to the MTA Subway and take the R Train down to Union Street to save yourself the trip!
NYC Ferry App for Android: https://play.google.com/store/apps/details?id=co.bytemark.nycf
NYC Ferry App for iOS: https://apps.apple.com/us/app/nyc-ferry/id1225258864
Take the South Brooklyn Route (YELLOW) to Atlantic Ave — Brooklyn Bridge Park Pier 6 and you can either hike it or take a cab/Uber/Lyft/Revel/Bike over!
RidePATH App for Android: https://play.google.com/store/apps/details?id=gov.panynj.pathuatapp
RidePATH App for iOS: https://itunes.apple.com/us/app/ridepath/id1338908581?mt=8
Your best way to travel from New Jersey should be taking the PATH Train from Hoboken, Newark or Jersey City on the Newark — WTC line (RED) to the World Trade Center Station. Once you exit, you can either catch the MTA R Train directly to Union Street or the Q (YELLOW), 2, 3 (RED), 4, or 5 Trains (GREEN) to Atlantic Ave — Barclays Center. You can also use the transfer from the PATH WTC stop to board the NYC Water Way at the Wall Street Pier 11 to take the South Brooklyn Route (YELLOW) to Atlantic Ave — Brooklyn Bridge Park Pier 6.
Littlefield has been one of NYC’s premier independent live venues since 2009. It has showcased some of the best comedy, live music, dance parties, podcasts, art, film and theater. Currently housed in a former 1920’s printing press warehouse, littlefield’s layout and sound system also makes it ideal for weddings, private parties, conventions and festivals.
- Between 3rd and 4th Avenues
- R to Union Street, then one block to Sackett.
- 2, 3, 4, 5, B, D, N, Q to Atlantic Avenue or Pacific Street. 9 blocks south to Sackett.
SummerCon has a great option for those who missed out on getting a ticket or are at the con but want to experience it in a less crowded, more insane, Sidepocket Approved place. This year, across the street is the literally METAL AF bar Lucky 13 Saloon! Many of the con attendees will be there and it has a full bar with bar food & drink. In addition, the LIVE Stream of the convention will be displayed on the TV and projector screen. No con fees, just pay for food and drink!
In addition, all the vendors will be located here! Who knows…you might even learn how to pick locks Dirty Jersey Style?
Kosher Restaurants: https://www.tripadvisor.com/Restaurants-g60827-zfz10768-Brooklyn_New_York.html
Halal Restaurants: https://www.zabihah.com/sub/United-States/New-York/New-York-City/Brooklyn/3avrh3Cth4
The traditional Summercon pre-registration is once again at Canal Bar, Thursday (June 18th) from 7pm-10pm.
Get your wristbands, T-shirts, and swag; see your friends, throw a shoe; whatever. We’ll see you at Canal — 270 3rd Ave # A, Brooklyn, NY 11215
How do I submit?
On the website linked below you will find a list of categories they’ve selected for this year’s pwnie awards! Simply click the category you’d like to submit to and you’ll be brought to a Google form asking you a few questions. If you don’t want your submission to be tossed out the door immediately we HIGHLY recommend following the instructions as accurately as possible.
How do I win?
All accepted nominations are voted on by a select committee of hackers, breakers, and coders. Simply put, if your hacks are great you get a pwnie.
How do I collect?
A selection of nominations will be announced at SummerCon in NYC. If you’ve been nominated we ask that you kindly join us this year at Black Hat USA in Las Vegas where the winners are announced and given their very own Pwnie Awards!
If you can not make it we will reach out to arrange some way to get it to you.
Submission Guidelines, Requirements, Tips & Tricks
We ask that submissions be well written and explain in clear and concise terms why you think the nomination deserves a pwnie. Just because you submit a nomination does not mean it will be accepted into the running. We receive many dozens of submissions every year and if you put some thought and effort into your submission we will happily give it the due consideration it deserves.
If you copy/paste your entire 500 line PoC it’s going to be immediately tossed out and/or lambasted on social media. If you send us a single link to a tweet with zero context it’s getting the ol > /dev/null treatment.
Summercon 2024 Presents: Residual Groove
July 19th
9:30pm EST — 12:30am EST
Doors at 9pm
Residual Groove is a five-piece funk/fusion band from Norwalk, CT featuring brothers Previn Edwards (guitar/vocals) and Kiran Edwards (keys/vocals), Miles Livolsi (bass), Henry Thomas (drums), and Garrett Halstead (percussion). With a healthy mix of groovy originals and surprising covers, Residual Groove joins their influences and creations together through tasteful segues and spontaneously improvised segments.
Summercon 2024 Presents: Hackers 1995 Cyberdella Takeover
July 20th
9:30pm EST — ???
Doors at 9pm
Feeling the (Acid) Burn after Summercon? Crash (Override) and relax at our “Hackers” watch party!
Prizes for dressing as your favorite character; popcorn, a fully-stocked bar, and DJ after! Free to the public — rollerblade by with friends!
HRF x PubKey — Financial Privacy is a Human Right with Anna Chekhovich
Thursday, July 18, 2024
6:00 PM to 8:00 PM EDT
Each month, the Human Rights Foundation and PubKey dive into specific HRF initiatives with a focus on how #Bitcoin and #FreedomTech advance humanitarian goals.
We’re thrilled to partner with HRF to shine a light on how Bitcoin is a powerful force for peace and human flourishing.
Our next event will be Thursday, July 18th at 6pm with Anna Chekhovich, HRF’s nonprofit bitcoin adoption lead. Anna will take the stage for a fireside chat with Arsh Molu to discuss how she found her path to anti-corruption activism while living in Russia, and what drives her passion for promoting bitcoin as a tool for journalists, freedom fighters, and organizations facing financial oppression from governments and the banking systems they control.
Join us at 4:30 PM for a live Spaces here.
As always, these events are free & open to the public.
Friday, July 19th
10:00pm — 4:00am EST
Defcon NYC Industrial dance party (since 2009) aka the OTHER DEFCON
the sounds of EBM, Industrial (classic & new), Belgian New Beat, Synth!
strykknine (philly)
back room parkside lounge
fog machine
$12, $10 with flyer
Saints & Sinners: Pop-Up Strip Club Party
Friday, July 19, 9pm-3am, 21+ (25+ suggested), HoS members only*
$0–25 GA / $0–45 reserved seats**, depending on membership level
Gemini & Scorpio Loft [267 Douglass St, 3rd fl (ADA accessible)]
For one night only, our sexy clubhouse becomes a full-on strip club, with a double-pole stage, an array of lap dance-ready seating, and our very own Champagne Room. A hand-picked lineup of burlesque, pole or circus stars awaits, each stepping outside the boundaries of their genre to spend the whole night dancing for you on stage and in your lap.
- Audrey Love, Miss Hollywood Burlesque 2023
- Sideshow Scandal, most shameless clown in show business
- Peekaboo Pointe, fastest tassel-twirler from East to West
- Nita B Yellowcakes, the tastiest slice of slink & spice
- Lethal Kitt, fierce Puss from Hell
- Juno, queer chaos
- Ro, the lover munch
Don’t be late: entertainment starts at 9:45pm. Once the dancers are done at 1:30am, the stage is yours to shake your booty on. Live out your strip fantasies as our DJ provides the beats into the night.
Rules of the club: Tip generously (dancers, wait & bar staff). Don’t hog the rail (stage-side seating) if not actively tipping. Get lap dances: they’re the best part…then try the champagne room, because that’s the only way it can get better. Respect the dancers. Keep your hands to yourself (or your partner). Please treat our pole gently; no wild swinging.
*HoS rules: HoS membership, Dress Code & PAL required; prior approval not required; Code of Conduct always applies; no photos except in the designated front area.
COVID safety: HoS requires proof of vaccination on file; masks encouraged; two hospital grade UV air purifiers will cycle the air.
**Reserved seats include: admission + seat at either a couch or a 4-person table with prime stage view + access to reserved lap dance seat. Seat choice is first-come, first-served.
Levels House Party feat. Vicky T of Cobra Starship
Le Poisson Rouge (158 Bleecker St, New York, NY 10012)
Fri, Jul 19, 11:00 PM
Levels House Party brings you a night of non-stop throwback electro-pop bangers straight out of the party scenes of your favorite college movies. Come dance your face off to everything from the best Avicii and David Guetta remixes to Ke$ha, LMFAO, and Cobra Starship. It’s all the energy of neon, black lights, shutter shades, and spring break but without the noise complaints!
Friday, July 19th
9:00pm — ???
Wonderville (1186 Broadway, Brooklyn, NY 11221, USA)
WEEB-ADJACENT is your monthly series of anime con afterhour jams by the best chronically online DJs the algorithm has to offer!! Come thru for anime songs, j-core, hard dance, hardstyle, gabber, jungle, hyperpop, and the しかのこのこのここしたんたん song played realllyyyy fasttttt😭😭😭!!!
This month features a stacked lineup of DJs: DV-i, TSJulien, Odyssey, Certified Jesus Freak, and CryoType!!
$10 for entry and dancing all night!!
21+ entry,
FRI 7/19
9PM — LATE!!
Cabaret of Carnage: A Heavy Metal Variety Show
Saturday, July 20 · 6:30–9pm EDT
The Deep End
1080 Wyckoff Avenue Queens, NY 11385
Join us for a wild ride of metal music, devilish drag and burlesque, and unforgettable pole dance and sideshow acts. This event promises to be a night to remember — filled with energy, excitement, and a touch of darkness.
Witness the spectacle of:
\\ Bayonetta
\\ Caresse Deville
\\ Legs Akimbo
\\ Queensiñera
\\ Show Ponii
. . . and more!
Enter thee who dare:
\\ The Deep End
\\ 1080 Wyckoff Ave, Queens NY
\\ Doors @ 6:30 PM / Show @ 7:00 PM
Monetary Sacrifice:
$15 in advance
$20 day of show
21+ only
Night of 1000… HAUNTED HOTTIE$! A $pooky $ummerween Burlesque Show!
Sat Jul 20, 2024 9:30 PM — 12:30 AM
Talon Bar (220 Wyckoff Ave, Brooklyn, NY 11237)
Catboy Harley and JayJayy are back and BRINGING THE FEAR! Please bring your friends, lovers, ghosts, and more to this Summerween themed burlesque show! Costumes encouraged with a costume contest at the intermission!
Feature Performers: Katastrophe Thee Don & Scarlett Hexx
Gogo Demon: Lethal Kitt & Queen Rose
Hosts and Emcees: Fistin Amethystin & JayJayy
Performers! Gogo! Lap dances! Let’s get titillated and terrified with a bunch of spooky babes!
There is a 2 drink minimum to support the bar for this event, but food and non-alcoholic drinks are acceptable as well (Please consider 3 NA drinks)! Buy your favorite costume, sexy monster friend, favorite performer, or yourself some libations to keep the mood going.
21+ with valid ID.
*Catboy Harley will not be able to be in attendance due to personal need.
*This show takes place down a flight of stairs.
WEEB ADJACENT (Hell Edition)
Saturday, July 20th
10:00 PM — 3:00 AM EST
Hell Phone (247 Varet Street, Brooklyn, NY 11206)
WEEB ADJACENT (HELL EDITION) is NEET rotmaxxing in audio form. Come thru for hardcore, hard dance, speedcore, jungle, dnb, and Caramelldansen played reallyyyy fast. Featuring our insane crew of djs: Actual Angel, Siren, Certified Jesus Freak, rabbitcrime, CryoType, and bubucore69.
This is the section where we have combed through the entire list of talks on both days and list our highlights for the talks that stand out to us. Note that this does not invalidate any talks we didn’t list; in fact, we highly recommend you take a look at the full convention schedule beforehand and make up your own talk highlight list. These are just the talks that for us had something stand out, either by being informative, unique or bizarre. (Sometimes, all three!)
Friday, 11:00am
This talk presents a strategy for analyzing dynamic execution of binaries based on sample traces.
Kai is a security researcher and PhD student at NEU.
Friday, 11:00am
Underground communities have provided marketplaces for selling malware, illicit accesses, and stolen data for well over twenty years. But in the past decade, it has become increasingly common for financially motivated actors to specialize in specific stages of the attack lifecycle. Ransomware-as-a-Service (RaaS) offerings are a notorious example of this shift, but cyber crime actors can purchase a wide range of services and tools, including private or semi-private malware capabilities, malware distribution services, domain registration services, traffic distribution services, code signing certificates, and exploits. In this presentation, we’ll review how the cyber crime ecosystem has flourished under this approach. We’ll then discuss the types of exploits available for purchase. Finally, we’ll examine several case studies that illustrate how specific threat actors have benefited from the professionalization and commoditization of the attack lifecycle.
Genevieve is a manager on Google Threat Intelligence’s Cyber Crime Analysis team, which researches financially motivated threat actors involved in a variety of operations, including extortion and financial fraud. She has supported and led in-depth research projects on ransomware actors and regularly spearheads initiatives for improving Mandiant’s analytical capabilities and standards. Prior to joining Mandiant in 2019, Genevieve spent a decade providing threat intelligence, digital forensics, and training support to US Government customers.
Friday, 3:00pm
As offensive security professionals, our most limiting factor is often our time. If we find an exploit on one host, how can we accurately communicate the impact for our entire network? If the vulnerability is fixed, how do we monitor for regressions? Manual exploit verification on hundreds or thousands of hosts is unrealistic — we need to be able to do more with less. Atomic red team is an open-source library of simple, focused tests that map to the MITRE ATT&CK framework. Combined with an automation platform, we can exponentially multiply the effectiveness of our red team talent and allow them to focus on novel attacks rather than low-hanging fruit. This talk will demonstrate how, with a few free tools, we can automate red teaming techniques to amplify our output without expanding our team or increasing our time spent.
Steve Myrick is the manager of adversarial engineering and DevSecOps at Avalara. For the last 5 of his 8 years in security, he’s been building the offensive security practice at his job from the ground up.
Back home in NC, he spends his time hosting the CTF events for CackalackyCon and BSides RDU and occasionally speaking there as well.
Steve loves a good security conference, followed by a cold beer over hearing stories of hilarious pentest findings or social engineering hijinx.
Friday, 4:30pm
This presentation introduces a novel attack against the most popular LLM integration of the past year, Retrieval Augmented Generation (RAG) systems. RAG systems enhance language model responses by retrieving and incorporating relevant text into LLM generations to provide up-to-date information and reduce hallucinations in model outputs. The attack exploits the embedding process of RAG systems by smuggling biased or malicious content into the database, which then gets retrieved irrespective of the user’s query. The attack’s effectiveness hinges on the ability to predict and influence the text retrieved by the system, thereby subtly (or not so subtly!) altering the responses. Effectively, no matter what question a user asks, attackers will be able to bias the responses. Since these systems are being set up to replace virtually every customer service interaction on the internet, the implications are significant. And they have been made more significant due to recent legal rulings that hold companies responsible for the claims of their chat-bots in customer interactions.
TBD — It’s Visi, so it’s something cool
Friday, 5:00pm EST
Saturday, 2:00pm
Apple presents itself as a privacy-first company and the choice for dissidents, journalists, politicians, and others in need of protection from surveillance; however, a number of their products and decisions actively prevent real privacy and put their users at risk digitally and physically. In this talk we explore some of these shortcomings and make suggestions on how to address them.
J. Gdanski is the Founder and CEO of Evertas, where he has led Evertas’s technical development and underwriting, as well as secured multiple rounds of funding from top investors; he is a security, privacy, and risk expert. J is also a founder of CryptoISAC.
Prior to launching Evertas, he was a leader in the enterprise blockchain space and was one of the first to work on institutional custody for crypto. In this capacity he served as an early, significant contributor to blockchain consortia including R3 and Enterprise Ethereum Alliance, of which he was a founding member. He was an integral part of the first enterprise blockchain RFP and has worked on numerous blockchain-based systems. He was the first dedicated hire in the space for a bulge bracket bank and the world’s largest custodian bank and has presented to regulators, legislators, politicians, and business executives, including from Fortune 50 companies.
Saturday, 3:00pm
Not knowing when to give up can sometimes be your greatest asset. In this talk I’ll dive into my first ever project at Trenchant, a capability named Starfox, and how the worst bug ever was turned into a crazy Rube Goldberg machine with reliable iOS persistence as a side-effect.
Michael Coppola is a Senior Security Researcher working at L3Harris Trenchant (formerly known as Azimuth Security). Michael has over a decade of experience in professional vulnerability research and focuses primarily on hacking mobile platforms.
Saturday, 4:00pm
Saturday, 5:00pm