LinuxFest Northwest 2012

Bellingham, WA April 28th & 29th

Man in the Middle - DIY Security and Privacy

Learn to eavesdrop on your own devices for fun and profit! For most of us, our lives continue to be inundated with an increasing number of devices. These devices include laptops, smart phones, tablets, game consoles, network attached storage devices, streaming media boxes, smart televisions and more. It has become difficult to buy a gadget that does not connect to the Internet. What are these devices communicating about us and our lives? What specific data is sent over the wire? To whom is this data sent?

I intend to empower individuals to examine the devices they own and the impact these devices have on their privacy and security. The focus will be on utilizing various methods of becoming the "man in the middle" (MITM). All of the tools to be used in this presentation are open source and freely available (although the devices and platforms we target may not be). Some of the tools we will discuss include tcpdump, Wireshark, OWASP Zed Attack Proxy, OpenSSL, the CyberVillains CA and the Mallory transparent TCP and UDP proxy.

We have all seen media reports regarding one vendor or another that transmits sensitive data over the Internet without their users being fully aware. At the end of this talk an attendee will be prepared to go forward and conduct the type of research required to uncover these issues.

About the Speaker:

Andrew Becherer is a Principal Security Consultant with iSEC Partners. His focus is web and mobile application security as well as cloud architecture security. He is a repeat speaker at LinuxFest Northwest and has been a speaker and trainer at a number of information security specific conferences. These include BlackHat USA, the National Information Security Group (NAISG), the Information Processing Management Association and several Open Web Application Security Project (OWASP) events. A past president of the currently sleeping Tacoma Linux Users Group, Andrew has been involved in the Washington State open source community since moving here in 2001.

Other Session Information:

This is intended to be a 50-minute session and will only require the use of a projector.
