Pumpcon 2019 Speakers:

Power to the People - Better privacy & security training


Every time we hear of a co-worker falling for a phish, having their Spring2019 password cracked, or someone's intimate pictures from their phone blasted all over the Internet, we roll our eyes and laugh at the idiot. It's the "human factor", which makes us at the infosec community feel superior without taking the blame or doing meaningful non-CYA work around it.

I got tired of it, so I got involved in a few projects that make security and privacy more accessible to ordinary people. I've learned that most people are just as concerned about their digital life, and will follow good practice if you only arm them with sufficient knowledge (and make it engaging: our training rules banned Powerpoint, limited group size to 10 attendees, and other things).

I want to solicit the audience experiences and thoughts throughout the talk, but please no bitching about how people are morons and still use Windows XP despite our warnings. Complaining is easy, it's fixing things that’s hard.

Sucker(s) Presenting:
Aelon Porat/@whereisbiggles

Panel Talk- What the fuck is wrong with us (the infosec community)


Seriously, what the fuck is wrong with us? Why do we insist on eating our young on social media, at conferences, and in our industry? Why do we gatekeep and snipe at each other when we should be sticking together? How can we improve our situation to keep the real enemy in sight? Who is the real enemy?

All these questions and more are fodder for a conversation fraught with examples of how we're failing each other as hackers. Let's name some names, show some shitty social media posts and talk about how to pull ourselves a little closer back together again.

Panel Suckers:

rand0h (Senior TAM @ Gigamon)
Ofir (Professional ShitPoster) George Sandford (Senior Manager @ FireEye)
And invited guests

BLE Protocol & tools


BLE is one of the most common wireless protocols used in IoT devices today. This talk will follow the BLE protocol and apply a 4 phases approach to assessing the security of these devices: Reconnaissance, Sniffing and Capturing, Extracting Sensitive Data, and Exploitation. This talk will walk attendees through the tools needed for testing similar devices and how to create a CTF for practicing their BLE skills.

Sucker(s) Presenting:

Project Overlord - using drones to aid vision impaired people


People needing visual assistance today have limited options. Companies offer the blind smart walking sticks. These devices can identify given obstacles; detect pot holes, and changes in surface texture. Other manufacturers offer supposedly artificial vision and GPS capability. Where they lack is detecting low hanging objects, sign boards, or open windows. Additionally, bumping into people is a common problem. There is no immediate call for help if someone should need assistance except for the dependence on another person placing a call to law enforcement or Emergency Medical Services. This proposal will offer a solution that will do all of the above and give constant distance to object feedback, object identification, and make a call to a monitoring service or emergency help if needed. All of this will be accomplished with drones that fly and are terra-firma based. There are many challenges to creating a solution. We would like to ask the audience to provide input as to whether or not this is a good project to pursue

Sucker(s) Presenting:
FX & PacketTeaser