Michael Schrenk
  Home     Strategies     Webbots     Publications     Defcon     WebDev     Blogs     Contact             
UPDATE: I'm speaking at DEFCON XXIII. Aug 7, 2015 @ 1:00pm, Bally's Las Vegas
Also, here is a handy printable DEFCON 23 schedule.
I've been fortunate in being able to speak at DEFCON seven times (including the upcoming DEFCON XXIII). I've also covered DEFCON for Computer World Magazine.
  Show
All 		  DEFCON
V 		  DEFCON
X 		  DEFCON
XI 		  DEFCON
XV 		  DEFCON
XVII 		  DEFCON
XXI 		  DEFCON
XXII 		  DEFCON
XXIII 		 
 

 TALK: DEFCON XXIII, AUG 2015
DEFCON XXIII, Aug 2015
“Applied Intelligence: Using Information That's Not There”
Organizations continue to unknowingly leak trade secrets on the Internet. To those in the know, these leaks are a valuable source of competitive intelligence. This talk describes how the speaker collects competitive intelligence for his own online retail business. Specifically, you learn how he combines, trends, and analyzes information within specific contexts to manufacture useful data that is real, but technically doesn't exist on it's own. For example, you will learn about the trade secrets that are hidden within sequential numbers, how he uses collected intelligence to procure inventory, and how and why he gauges the ongoing health of his industry and that of his competitors. And on a related note, you'll also learn how the federal government nearly exposed an entire generation to identity fraud.
 

 TALK: DEFCON XXII, AUG 2014
DEFCON XXII, Aug 2014
“You're Leaking Trade Secrets”
Networks don't need to be hacked for information to be compromised. This is particularly true for organizations that are trying to keep trade secrets. While we hear a lot about personal privacy, little is said in regard to organizational privacy. Organizations, in fact, leak information at a much greater rate than individuals, and usually do so with little fanfare. There are greater consequences for organizations when information is leaked because the secrets often fall into the hands of competitors. This talk uses a variety of real world examples to show how trade secrets are leaked online, and how organizational privacy is compromised by seemingly innocent use of The Internet.

 

 TALK: DEFCON XXI, AUG 2013
DEFCON XXI, Las Vegas NV, Aug 2013
“How my Botnet Purchased Millions of Dollars in Cars, and Defeated the Russian Hackers”
This is the true story of a botnet that created a competitive advantage for a car dealership. This dealership found a website that offered returned lease vehicles—great cars for their inventory—but bad web design and heavy competition from other automotive dealerships made the website useless. In response, a botnet was developed to make automotive purchases with machine precision. With the bot, they could acquire any cars they wanted, without interference from competing dealerships. During its one-year life, this botnet autonomously acquired many millions of dollars in cars. Along the way, it successfully adjusted to competition from a similar bot developed by Russian hackers while maintaining a sufficiently low profile to “stay below the radar” of everyone involved.

 

 TALK: DEFCON XVII, LAS VEGAS NV, AUG 2010
DEFCON XVII, Las Vegas NV, Aug 2010
“Screen Scraper Tricks, Difficult Cases”
Screen scrapers and data mining bots often encounter problems when extracting data from modern websites. Obstacles like AJAX discourage many bot writers from completing screen scraping projects. The good news is that you can overcome most challenges if you learn a few tricks. This session describes the (sometimes mind numbing) roadblocks that can come between you and your ability to apply a screen scraper to a website. You'll discover simple techniques for extracting data from websites that freely employ DHTML, AJAX, complex cookie management as well as other techniques. Additionally, you will also learn how "agencies" create large scale CAPTCHA solutions. All the tools discussed in this talk are available for free, offer complete customization and run on multiple platforms.
    Quoted from the DEFCON XV program
 
 

 TALK: DEFCON XV, LAS VEGAS NV, AUG 2007
DEFCON XV, Las Vegas NV, Aug 2007 “The Executable Image Exploit”
The “Executable Image Exploit” lets you insert a dynamic program into any community website that allows references to off-domain images; like MySpace or eBay. By uploading the following line of HTML to a community website, <img src=”http://www.mydomain. com/executable.jpg”> you can launch a dynamic program that masquerades as a static image and capable of reading and writing cookies, analyzing referrer (and other browser) variables and access databases. It is even possible to create an image the causes a browser to execute JavaScript.     Quote from the DEFCON XV program
This lecture described how to disguise computer programs as online images that may be used to gather specific metrics. I also talked about how these methods were used to help a Private Investigator track an online stalker.
You can watch Michael Schrenk's DEFCON 15 talk here.
 

 TALK: DEFCON XI, LAS VEGAS NV, AUG 2003
DEFCON XI, Las Vegas NV, Aug 2003
“Online Corporate Intelligence”
In this presentation, I enlarged on the previous year's pretension to show how automation can improve Corporate Competitive Intelligence.
 
Follow the link for details on Michael Schrenk's DEFCON XI Talk
 

 TALK: DEFCON X, LAS VEGAS NV, AUG 2002
DEFCON X, Las Vegas NV, Aug 2002
“An Introduction to Writing Webbots and Spiders”
You can have a lot of fun with the Internet by ditching your browser in favor of writing special purpose programs that look for or do very specific things on the Internet. This session will equip you with techniques to extract and interact with data from web sites without a browser, parse and filter data, follow links, deal with encryption and passwords, and manage terabytes of information. You'll also learn why writing these programs is a useful activity, and walk away with ideas and abilities to write useful spiders or web agents of your own design.
    From the DEFCON X program
Follow the link for more information on Michael Schrenk's DEFCON 10 Talk.
 
 

 ARTICLE: COMPUTER WORLD MAGAZINE, AUG 1997
Computer World Magazine, Aug 1997
“Fear and Hacking in Las Vegas”
Back in the '90s, I pioneered ways to transmit heart biometrics to physicians over the Internet via a standard browser and simple hardware. Because of the requirements of the medical industry, I became very interested in online security. At the same time, I became frustrated with the data security education available at the time. During this time I discovered that the hacker community was by far the best place to learn about security (it still is). I wanted to attend DEFCON 5, the world's largest hacker convention, but didn't want to offend the extremely conservative consulting firm that employed me. I found the solution to my problem by covering the story for Computer World Magazine. In the process, I got to work with a big-time photographer, Susan Werner, and had a great introduction to writing. (This was my first paying writing gig.) The article is no longer on the Computer World website, but you can read the archive of Fear and Hacking in Las Vegas on the DEFCON website.

Contact

Contact Schrenk
NOTE: Any third-party images used on this website belong to their respective owners.

Get Updates

The Best Words with Friends Mobile Cheat
US Time Zone Cheat
Copyright © 2024. All rights reserved