Registration
8:30 - 9:00 AM
Check in & badges
Opening Remarks
9:00 - 9:10 AM
Welcome!
Opening Keynote
9:10 - 9:55 AM
Opening Keynote: A Call To Action with Chris Burrows
Embracing the power of a community, a person at a time. As an infosec community, we are stronger together but it takes courage, commitment and action. We will discuss some recent examples of great community projects, share some programs that are happening in our communities today and how you can get involved.
Embracing the power of a community, a person at a time. As an infosec community, we are stronger together but it takes courage, commitment and action. We will discuss some recent examples of great community projects, share some programs that are happening in our communities today and how you can get involved.
Talk 1
10:00 - 10:25 AM
The world of deepfakes, deception, and adversarial AI! with Chris Roberts
In the words of the late, great Sir Terry Pratchett, A lie can run round the world before the truth has gotten its boots on. This is never so right as today’s digital world of 5 second slices of attention, and a global population eager for the next calamity to seize and opine upon. Yet here we are, clutching our McMouse burger, ready to inflict our fake images, story, and feelings upon our audience. Our world of likes, and desire for attention vs. that of the corporation and its desire to remain controversy free, ecofriendly, and to all outward appearances the best custodian of the truth (or its version thereof). Which brings us to the question as to which is mightier? The consumer with their iPhone, or the corporation and all its resources? With AI, Deepfakes, and adversarial capabilities at hand it IS the time of the users uprising, if only they could tear themselves away from…
In the words of the late, great Sir Terry Pratchett, A lie can run round the world before the truth has gotten its boots on. This is never so right as today’s digital world of 5 second slices of attention, and a global population eager for the next calamity to seize and opine upon. Yet here we are, clutching our McMouse burger, ready to inflict our fake images, story, and feelings upon our audience. Our world of likes, and desire for attention vs. that of the corporation and its desire to remain controversy free, ecofriendly, and to all outward appearances the best custodian of the truth (or its version thereof). Which brings us to the question as to which is mightier? The consumer with their iPhone, or the corporation and all its resources? With AI, Deepfakes, and adversarial capabilities at hand it IS the time of the users uprising, if only they could tear themselves away from…
Talk 2
10:30 - 10:55 AM
Vibe Coding: It's Time to Secure the Inputs AND Outputs from our AI Revolution with Stephanie Frantz
What is 'vibe coding,' and why are developers, even seasoned ones, embracing this AI-driven approach? Is it a revolutionary leap forward, or a potential security minefield? We find ourselves in uncharted territory, wielding new and powerful tools. We'll delve into the ethical considerations, the potential security pitfalls, and the creative solutions emerging in this rapidly evolving landscape. We will examine how understanding the risks empowers us to build secure, ethical, and responsible AI-powered systems. Join us to discuss how to navigate this transformative era with integrity and foresight, ensuring our security practices are not just reactive, but proactive, by fully leveraging the established security principles we've long advocated.
What is 'vibe coding,' and why are developers, even seasoned ones, embracing this AI-driven approach? Is it a revolutionary leap forward, or a potential security minefield? We find ourselves in uncharted territory, wielding new and powerful tools. We'll delve into the ethical considerations, the potential security pitfalls, and the creative solutions emerging in this rapidly evolving landscape. We will examine how understanding the risks empowers us to build secure, ethical, and responsible AI-powered systems. Join us to discuss how to navigate this transformative era with integrity and foresight, ensuring our security practices are not just reactive, but proactive, by fully leveraging the established security principles we've long advocated.
Talk 3
11:00 - 11:25 AM
Smart Homes, Smart Security: Keeping Your Connected Devices Safe in the Neighborhood with Reid Brosko
More info coming soon...
More info coming soon...
Talk 4
11:30 - 11:55 AM
Meshtastic Attacktastic with Dave Swartzberg
Meshtastic is an innovative, open-source platform that allows for long-range, off-grid communication through LoRa-based mesh networks. While offering powerful tools for decentralized communication, particularly in remote areas or during emergencies, Meshtastic also introduces a set of security risks that could be exploited by adversaries. This talk introduces Meshtastic then explores the potential vulnerabilities within Meshtastic networks, focusing on attack vectors such as message interception, replay attacks, Denial of Service (DoS), and jamming. Additionally, we will analyze the effectiveness of the platform's encryption and authentication mechanisms, offering insights into how these systems can be compromised and how users can mitigate these risks.
This session will include a technical breakdown of known weaknesses and present both simulated and real-world examples of attacks on Meshtastic networks. Attendees will gain a deeper understanding of how to defend against these threats, hardening their mesh networks against malicious actors. Whether you’re a hobbyist experimenting with off-grid communications or a security professional assessing decentralized systems, this presentation will equip you with the tools and knowledge to secure your Meshtastic devices.
Meshtastic is an innovative, open-source platform that allows for long-range, off-grid communication through LoRa-based mesh networks. While offering powerful tools for decentralized communication, particularly in remote areas or during emergencies, Meshtastic also introduces a set of security risks that could be exploited by adversaries. This talk introduces Meshtastic then explores the potential vulnerabilities within Meshtastic networks, focusing on attack vectors such as message interception, replay attacks, Denial of Service (DoS), and jamming. Additionally, we will analyze the effectiveness of the platform's encryption and authentication mechanisms, offering insights into how these systems can be compromised and how users can mitigate these risks.
This session will include a technical breakdown of known weaknesses and present both simulated and real-world examples of attacks on Meshtastic networks. Attendees will gain a deeper understanding of how to defend against these threats, hardening their mesh networks against malicious actors. Whether you’re a hobbyist experimenting with off-grid communications or a security professional assessing decentralized systems, this presentation will equip you with the tools and knowledge to secure your Meshtastic devices.
Lunch
12:00 - 1:00 PM
Lunch sponsored by Panther!
Acknowledgements & Announcements
1:00 - 1:15 PM
Sponsor Acknowledgements & Announcements
Thank you sponsors! Stay tuned for after-lunch announcements.
Thank you sponsors! Stay tuned for after-lunch announcements.
Afternoon Panel
1:15 - 2:25 PM
Women in Tech Panel hosted by Mattie D, with panelists Ariel Gordon, Bandhan Kaur, Jeseekia Vaughn, and L'Oréal Del-Vonné
Join us as we spotlight the powerful role of women in technology. This panel will feature inspiring stories of overcoming challenges, driving innovation, and shaping a more inclusive tech landscape. Gain insights, build connections, and leave empowered to push boundaries in your career!
Join us as we spotlight the powerful role of women in technology. This panel will feature inspiring stories of overcoming challenges, driving innovation, and shaping a more inclusive tech landscape. Gain insights, build connections, and leave empowered to push boundaries in your career!
Talk 5
2:30 - 2:55 PM
KICKing out FUD: Kindness, Information & Communication trump Fear, Uncertainty & Doubt with Ray Davidson
The increasing chaos in the environment along with increasing concerns around global relationships and the undermining of our national cybersecurity apparatus can feel overwhelming. This presentation will draw particular attention to cyber threats that have impact in daily life, and suggest actions for cybersecurity professionals. The talk presented will undoubtedly reflect IRL activities between the time of this abstract and the presentation; come see what happens!
The increasing chaos in the environment along with increasing concerns around global relationships and the undermining of our national cybersecurity apparatus can feel overwhelming. This presentation will draw particular attention to cyber threats that have impact in daily life, and suggest actions for cybersecurity professionals. The talk presented will undoubtedly reflect IRL activities between the time of this abstract and the presentation; come see what happens!
Talk 6
3:00 - 3:25 PM
The Truth, The whole Truth and Nothing but the Truth about Cybersecurity with Dr Louis DeWeaver III
Cybersecurity is currently in a state of crisis, and it is imperative that we confront this issue head-on. The increasing aggressiveness and sophistication of adversaries is not the primary concern; rather, our approach to tackling these threats is a significant part of the problem. In the realm of defending against cyberattacks, it is not the probabilities that count, but rather the actions we take. Implementing a Zero Trust strategy stands out as one of the most effective methods to address the crisis at hand. Merely relying on solutions is insufficient. Many well-known cybersecurity tools from both large enterprises and startups often fail to deliver on their promises or provide misleading, if not outright fraudulent, data. The notion that vendors frequently misrepresent their capabilities is, as the saying goes, "a tale as old as time." However, the idea that these vendors may be so convincing because they genuinely believe in their own fabrications is particularly thought-provoking. In this discussion, we will delve into the realities surrounding cybersecurity vendors, certifications, and a range of other contentious topics within the cyber domain.
Cybersecurity is currently in a state of crisis, and it is imperative that we confront this issue head-on. The increasing aggressiveness and sophistication of adversaries is not the primary concern; rather, our approach to tackling these threats is a significant part of the problem. In the realm of defending against cyberattacks, it is not the probabilities that count, but rather the actions we take. Implementing a Zero Trust strategy stands out as one of the most effective methods to address the crisis at hand. Merely relying on solutions is insufficient. Many well-known cybersecurity tools from both large enterprises and startups often fail to deliver on their promises or provide misleading, if not outright fraudulent, data. The notion that vendors frequently misrepresent their capabilities is, as the saying goes, "a tale as old as time." However, the idea that these vendors may be so convincing because they genuinely believe in their own fabrications is particularly thought-provoking. In this discussion, we will delve into the realities surrounding cybersecurity vendors, certifications, and a range of other contentious topics within the cyber domain.
Talk 7
3:30 - 3:55 PM
i3Detroit Maker Space with Matt Arnold
About 200 volunteers have built out a 13K square foot workshop for technological & creative expression. We meet the needs of ourselves & each other without having to figure out how to get someone to pay us to do it.
About 200 volunteers have built out a 13K square foot workshop for technological & creative expression. We meet the needs of ourselves & each other without having to figure out how to get someone to pay us to do it.
Closing Keynote
4:00 - 4:45 PM
Securing Sexuality: Rewiring our Intimate Connections with Stefani Goerlich
Throughout time, folks looking for love (or lust) have found & formed relationships with one another by leveraging community networks – relatives, clergy, nosy neighbors, even matchmakers. For the first time in history, relationships are no longer mediated by other people, but rather by technology. From dating websites and social media to AI partners and connected sex toys, technology represents an evolutionary factor we have not seen since the agricultural revolution… and for the most part, tech companies are entirely unprepared. Attendees will learn how to critically examine both their use of technologies AND their relationship to these tools. They will be able to articulate a framework for digital health and apply its principles to relationships both online and off. We will critically examine surveillance culture as well as changing legal and social norms and explore the way these impact client safety across the lifespan. This presentation is relevant to anyone who uses technology to manage their personal information, cultivate and maintain their personal relationships, or to facilitate their professional work.
Throughout time, folks looking for love (or lust) have found & formed relationships with one another by leveraging community networks – relatives, clergy, nosy neighbors, even matchmakers. For the first time in history, relationships are no longer mediated by other people, but rather by technology. From dating websites and social media to AI partners and connected sex toys, technology represents an evolutionary factor we have not seen since the agricultural revolution… and for the most part, tech companies are entirely unprepared. Attendees will learn how to critically examine both their use of technologies AND their relationship to these tools. They will be able to articulate a framework for digital health and apply its principles to relationships both online and off. We will critically examine surveillance culture as well as changing legal and social norms and explore the way these impact client safety across the lifespan. This presentation is relevant to anyone who uses technology to manage their personal information, cultivate and maintain their personal relationships, or to facilitate their professional work.
Closing Remarks
4:45 - 5:00 PM
See you next time!