That latest report on mass location surveillance using SS7 makes me want to try a test.

https://www.motherjones.com/politics/2025/10/firstwap-altamides-phone-tracking-surveillance-secrets-assad-erik-prince-jared-leto-anne-wojcicki/

I’ll enable airplane mode and VoLTE, and see how calls and messages perform when only using VPN over WiFi.

If that works reasonably well then the next step is to us a mobile hotspot for the WiFi.

In the end my SS7 location would always show the geolocated IP address of where the VPN terminates.

Does that sound about right #Privacy #DefCon #Phreaks?

That latest report on mass location surveillance using SS7 makes me want to try a test.

https://www.motherjones.com/politics/2025/10/firstwap-altamides-phone-tracking-surveillance-secrets-assad-erik-prince-jared-leto-anne-wojcicki/

I’ll enable airplane mode and VoLTE, and see how calls and messages perform when only using VPN over WiFi.

If that works reasonably well then the next step is to us a mobile hotspot for the WiFi.

In the end my SS7 location would always show the geolocated IP address of where the VPN terminates.

Does that sound about right #Privacy #DefCon #Phreaks?

Good thing there's a weekend coming up - the #defcon Youtube channel has dropped a few hundred #defcon33 videos for your leisurely perusal. Clear your schedule and let the #dc33 Main Stage and Creator Stage Talks wash over your thirsty brain.

https://www.youtube.com/playlist?list=PL9fPq3eQfaaBB9HANwjaTlKFuVhRxkdz2

Even more #dc33 village and music goodness on the way.

As always, enjoy and #passiton.

Good thing there's a weekend coming up - the #defcon Youtube channel has dropped a few hundred #defcon33 videos for your leisurely perusal. Clear your schedule and let the #dc33 Main Stage and Creator Stage Talks wash over your thirsty brain.

https://www.youtube.com/playlist?list=PL9fPq3eQfaaBB9HANwjaTlKFuVhRxkdz2

Even more #dc33 village and music goodness on the way.

As always, enjoy and #passiton.

@janet and @andy announced #TechReclaimers to the world at #defcon33

Now you can watch our video on #Peertube

https://video.infiniteloop.tv/w/gJoNQQB6CABxLAGJhkDmtX

Join us on Discord and #reclaimcontrol of your digital lives:

https://discord.gg/5AhGRMVDBR

#reclaimcontrol #defcon #reclaimtech

The music from #DEFCON 33 just got posted to https://media.defcon.org - Enjoy during the extended shutdown. Thanks to @Defcon_Music for getting it recorded and edited!

We will post soon under the @defcon account, but want to give my followers a sneak peek.

The music from #DEFCON 33 just got posted to https://media.defcon.org - Enjoy during the extended shutdown. Thanks to @Defcon_Music for getting it recorded and edited!

We will post soon under the @defcon account, but want to give my followers a sneak peek.

Missing DEF CON already and don’t want to wait until 2026 to be back in the action? We’ve got a solution! DEF CON is headed to Bahrain for the Arab International Cybersecurity Conference & Exhibition, hosted by the National Cyber Security Center Bahrain. Everything will kick off with two days of training from our expert instructors.

Check out the course offerings and secure your seat today: https://training.defcon.org/collections/arab-cybersecurity-2025

#defcontraining #defcon #defconbahrain#AICS2025#Bahrain#UAE#SaudiArabia #cybertraining #infosec #cybersecurity #cyberdef ense #AI #digitalforensics #threathunting #cloud

A journey of a thousand miles begins with a single pick.

#throwbackthursday #defcon #defcon33 #toool#LockpickVillage

Updated #DefCon 33 presentation materials have been posted to the https://media.defcon.org server. As more content is ready we will post updates.

Thank you to everyone who attended my #Meshtastic talk at #HOPE, focused on building your own nodes & emerging attacks demonstrated at #Defcon!

If you didn't catch it, it was recorded here: https://www.youtube.com/live/zxgoACKKH30?si=kbd3JDryZBfrAHd1&t=63

Several people were arrested during an undercover operation targeting child sex predators in Nevada. One of them is Tom Alexandrovich, who turns out to be the Executive Director of the Israel Cyber Directorate. The child predator was released.

I believe the security community must denounce this person and be banned from the conferences, including BlackHat and DefCon.

@fr0gger since, unfortunately, you are in the picture with this person (LinkedIn account of him was deleted already), and you have a good reputation within our community, would be super cool if you'd take a lead and get in touch with the BlackHat/DefCon organizers.

Link to news: https://www.msn.com/en-us/tv/news/israeli-official-arrested-in-nevada-child-sex-operation-is-released-and-back-in-israel/ar-AA1KCpah

#BlackHat#BHUSA#BlackHatUSA2025#Cybersecurity#ThreatIntelligence#DefCon#Israel#DEFCON33#TomAlexandrovich

This research by Marek Tóth presented at #DEFCON is good. The vulnerability he discusses is real.
However, exploiting it requires the attacker to compromise a website and add phantom workflows to it that the victim doesn't notice as suspicious. Not impossible, but also IMO not likely unless you visit shady websites frequently.
Personally, I do not think the likelihood is high enough to disrupt my existing workflows to protect against the attack.
#clickjacking #infosec
https://marektoth.com/blog/dom-based-extension-clickjacking/

Several people were arrested during an undercover operation targeting child sex predators in Nevada. One of them is Tom Alexandrovich, who turns out to be the Executive Director of the Israel Cyber Directorate. The child predator was released.

I believe the security community must denounce this person and be banned from the conferences, including BlackHat and DefCon.

@fr0gger since, unfortunately, you are in the picture with this person (LinkedIn account of him was deleted already), and you have a good reputation within our community, would be super cool if you'd take a lead and get in touch with the BlackHat/DefCon organizers.

Link to news: https://www.msn.com/en-us/tv/news/israeli-official-arrested-in-nevada-child-sex-operation-is-released-and-back-in-israel/ar-AA1KCpah

#BlackHat#BHUSA#BlackHatUSA2025#Cybersecurity#ThreatIntelligence#DefCon#Israel#DEFCON33#TomAlexandrovich

Burning, man

｢ DEF CON attendees appeared to pay little attention to the human rights atrocities committed by CACI while resting their Vegas-priced beverages on a table prominently displaying the company’s backlit logo ｣

https://jackpoulson.substack.com/p/when-counterculture-and-empire-merge

#defcon #uspol #cybersecurity

Yet another amazing time at #DEFCON.

Shout out to all the cool people I was able to spend time with.

Thank you to @thegibson for... all the things.

Lots of awesome stuff at #defcon this year, lots to improve too. Feel like I’m aging out, but also excited for its future.

Which brings me to part two, MeshMarauder.

An open source tool demonstrating proof-of-concept exploits against the DEFCON 33 Meshtastic firmware.

MeshMarauder will demostrate:

- Tracking user activity on any mesh regardless of encryption usage
- Hijack all meshtastic user profile metadata
- Change any users public key
- Send messages as any user in channel chats that appear authentic
- MITM direct messages

https://meshmarauder.net

#defcon #meshtastic #meshmarauder #cybersecurity

So when it's this easy to get a MITM going things like making posts in public chats as anyone you want feels kinda low key.

But I do hope that extended warranty works out, everyone seems pretty concerned about them.

#defcon #meshtastic #lora #cybersecurity

Which brings me to part two, MeshMarauder.

An open source tool demonstrating proof-of-concept exploits against the DEFCON 33 Meshtastic firmware.

MeshMarauder will demostrate:

- Tracking user activity on any mesh regardless of encryption usage
- Hijack all meshtastic user profile metadata
- Change any users public key
- Send messages as any user in channel chats that appear authentic
- MITM direct messages

https://meshmarauder.net

#defcon #meshtastic #meshmarauder #cybersecurity