jawn (noun) : used to refer to a thing, place, person, or event
that one need not or cannot give a specific name to.
October 11-12, 2024
Arcadia University in the Commons Building
8:00 AM
Friday
Reg Open
9:15 AM
Friday
Opening Remarks
Information about what all ya'll Jawn are about to experience!
Russell Handorf
10:00 AM
Friday
Keynote
A moment of reflection.
Heidi Potter
11:00 AM
Friday
Resurrecting COCOTs, or: How We Decided to Stop Worrying and Save Tons of Payphones
Almost all payphones that are still installed today are COCOTs, Customer-owned coin-operated telephones, that are owned by private organizations not affiliated with "the phone company." COCOTs are the black sheep of the payphone world, often dismissed and discarded by enthusiasts because of their "outsider" status and difficulty to configure and program. As more COCOTs enter the second-hand market, those who buy a payphone of their very own often get saddled with hardware they ultimately can't or won't use... but not anymore.

Join us as we discuss the current state of COCOTs, both taking the pulse of COCOTs in North America via a home-grown tool that actively monitors activity/usage from the thousands of payphones we know about, and the two-year journey to not only figure out how to program our "Protel" COCOTs but also set up a free-to-use programming line that others can use to quickly make their payphones usable again or bootstrap their own telephone collectives.
Mike Dank
Naveen Albert
12:00 PM
Friday
Lunch Break
1:00 PM
Friday
Reviving AOL Instant Messenger
AIM (AOL Instant Messenger) was shut down in 2017, after 20 years of service. At its peak, it served over 36,000,000. It was a cultural icon among teenagers and young adults. Some "revival" services sprang up from the ashes of AIM's demise. They made the defunct AIM clients work again, allowing a small community of AIM enthusiasts to relive the glory days of instant messaging. Unfortunately, none of the operators were willing to open the source code for their reverse-engineered servers.

Flash forward several years. A software engineer and former teenager who used to live on AIM thought it would be fun to poke into AIM's internals. After stumbling on to a treasure trove of reverse engineered AIM protocol documentation from decades past, he decided to implement his own open source AIM server aptly named Retro AIM Server. This talk discusses the origins and motivations of Retro AIM server, dives into the internals of the OSCAR protocol and server implementation, and talks about the challenges of building community around an open source project.
Mike "mk6i"
2:00 PM
Friday
Women in Cybersecurity: Our Rise, Fall, and Return by the Numbers
Once upon a time, women were a rising force in tech. But now you look around, and there are few to be found. It wasn't always a KOTH CTF IRL. In this talk we explore the roots of the prevalent and important question, "What's it like being a woman in cybersecurity?" and how we can all work together to support more inclusive spaces.
Moderator
Jellyphish

Panelists
Kelly Ohlert
Ayliffe Brown
muteki
3:00 PM
Friday
A Strange Tour of North Korea with Red Star OS
Ever wonder what Linux is like outside of the normal distros? in 2015, Chaos Computer Club did that at CCC32, where they demonstrated and dove into a very unique distro: Red Star OS, the Linux distro made in North Korea and tightly controlled by the government.

It's been a while, so now LambdaCalculus is going to dive into Red Star OS and show us all what's under the hood, how it can be cracked, and while he's at it, also demonstrate Red Star running on bare metal! There will be packet sniffing, compiling of code, and of course, running DOOM on it!
Robert "LambdaCalculus" Menes
4:00 PM
Friday
The Top 5 Defensive Measures of 2024 (according to the insurance industry)
In the past cyber insurance was a major driving factor in the adoption of multifactor authentication. Learn what defensive measures the insurance industry is focusing on today by looking at the models they use to assess risk. See what directions the insurance industry might take in the future.
Amanda Draeger
5:00 PM
Close for day
8:00 AM
Saturday
Reg Open
9:00 AM
Saturday
Developing Highly Evasive Malware: Techniques for Bypassing Modern AV and EDR Solutions
This talk will explore advanced malware development techniques, specifically designed for use in red team engagements. I will share my experience in creating a shellcode-loader that successfully evades detection from most modern antivirus (AV) and endpoint detection and response (EDR) systems. The presentation will cover several key techniques for developing tools such as API hashing, process injection, syscall manipulation, and payload encryption, offering several different methods for each technique to achieve operational stealth. Attendees will gain a thorough understanding of the implications of these techniques, along with strategies for detecting and mitigating these threats.

The presentation will also briefly touch on several topics necessary to demystify the complexities of creating highly-evasive programs such as Windows internals, and use of undocumented Native APIs (NTAPIs).
Max Covey
10:00 AM
Saturday
Leveraging the Adversarial Mindset to Become a Better Cybersecurity Professional
The adversarial mindset is an approach to security characterized by a focus on potential adversaries and their capabilities. It involves actively considering the perspectives, strategies, and actions of others who may be working against our interests or objectives and leveraging them to better protect the networks and data we are responsible for protecting.
Kai Pfiester
11:00 AM
Saturday
A Pebble Down the Well: Network Exploration
This short presentation digs into the past, present, and future of network exploration; from the telephone system to virtual overlay IP networks and everything in between.
HD Moore
11:30 AM
Saturday
Exploring Entities within a Threat Detection System
An entity is a jawn. If we know what entities are present in a system, we can use their behavior and interactions to describe the system. Each entity can perform actions, or have actions performed against it, and are distinct and independent things.

Codifying our knowledge about an entity within a technical system — such as a search engine, online workspace, or threat detection system — we can explore a number of knowledge groups:


- Properties of the entity
- Existence within the system
- Behavior or actions taken by the entity
- Relationships to other entities
- Aggregate or emergent characteristics of the entity as a whole.

While this contains a huge swath of possibilities, we can build our understanding of these characteristics from the ground up and help know what level of information you might actually need for understanding your system.
Mike Moran
12:00 PM
Saturday
Lunch Break
1:00 PM
Saturday
Industry Hot Takes: Audience Choice Edition
In our ever changing industry, there is always a new term, a new topic, or a new technology, and with it, comes opinions. See some of your opinionated faves draw your topic submissions at random and give their unadulterated, unmoderated, no holds barred thoughts and opinions, how spicy can we get?
Moderator
GuardianCosmos

Panelists
Bruce Potter (gdead)
Matt Mahler
Josh Marpet (quadling)
2:00 PM
Saturday
WarDriving: A Brief History Through Today
A brief history of WarDriving; From its name giver through their effort of work into a West Coast and East Coast perspective into the beginning of the stats through gamification and the current state of who what and where.
BusySignal
3:00 PM
Saturday
Tales From the Crypt...Analyst: The After Life
The speaker began his career in InfoSec at the National Security Agency first as a Cryptologist, designing and fielding the first software-based cryptosystem ever produced by NSA, and later becoming the primary architect of the first NSA Red Team. He has shared his NSA story in a series of talks, "Tales from the Crypt...Analyst" and "MORE Tales From the Crypt...Analyst". This talk is the third installment in his story and features the transition from NSA to the private sector in the early days of Information Security consulting. He will recount stories from the days of trying to convince companies that if they wanted to connect to the Internet they really needed a firewall; how penetration testing evolved to vulnerability assesments and then to security architecture advisory work; convincing clients that you didn't need a browser to talk to a web server; finding an open network jack really did mean you had access to the network; why it's not a good idea for your mainframe to be Internet reachable; rooting a mainframe; and ultimately trying to find ways to get organizations to think about Information Security from a strategic perspective rather than just selling them a bunch of blinky boxes and telling them where to place them. Of course, we've solved all these problems from the early days...or maybe, just maybe there are still lessons to be learned.
Mr. Jeff Man
4:00 PM
Saturday
Closing Ceremony
Let's see how this went!
Russ Handorf
5:00 PM
Saturday
Closed


JAWNCON0x1 CLASSROOM
9:00 AM
Saturday
Ham Radio Class
This class will teach attendees what they need to know to pass the Technician Class amateur radio license exam and get started in amateur radio. It includes six hours of instruction, with the exam administered immediately after the workshop.

Participants will increase their chances of passing the test if they download the study guide from https://www.kb6nu.com/study-guides/ and familiarize themselves with the material before coming to the class. The text for this workshop is Dan's No Nonsense Technician Class License Study Guide. The PDF version of the study guide is available for free at the above page. EPUB and print versions are also available for a small charge.
Dan Romanchik, KB6NU
~3:30 PM
Saturday
HAM Exams
More info coming....
Ed Wilson, N2XDD
Dan Romanchik, KB6NU
Ⓒ 2024 - JawnCon, LLC. Website written in haste in VI, as mother nature intended.