Aug
10
3:00 PM15:00

Facts, figures, and fun from managing 100,000 hard drives.

Speaker: Andy Klein

For the last five years Backblaze has collected daily operational data from the hard drives in our data centers. This includes daily SMART statistics from over 100,000 hard drives totaling over 500 Petabytes of storage. We’ll start by looking at the lifetime statistics for all the hard drives we have ever used, split out by size and manufacturer. Then we’ll compare the failure rates of consumer versus enterprise drives and we’ll also compare helium-filled versus air-filled drives. We’ll finish up with looking at a handful of SMART attributes to see how temperature relates to hard drive failure and whether or not you can use SMART stats to predict hard drive failure. As a bonus, we’ll show you where to get the data so you can do your own analysis – enjoy.

View Event →
Aug
10
4:00 PM16:00

The Beginner’s Guide to the Musical Scales of Cyberwar

Speaker: Jessica “Zhanna” Malekos Smith

Whether you have a background in information security, law, or national security, this talk is a beginner’s guide to understanding the law of war in cyberspace. By juxtaposing the law of war with a keyboard, the process of how states evaluate the scale and effects of a cyber operation and determine a basis for resorting to a use of force under the Law of Armed Conflict, can be more readily conceptualized. For if music is indeed, the universal language of mankind, then by encouraging society to learn about this area we can collectively better strategize ways to mitigate cyber conflict.

View Event →
Aug
11
2:00 PM14:00

The Memory Remains - Cold drive memory forensics 101

Speaker: Lior Kolnik

Full disk images introduce large amounts of data into a forensic investigation. Still, certain evidence exists only in memory, especially when dealing with malware or fileless attacks designed to stay completely in memory and avoid hitting the disk, exactly for the purposes of avoiding detection and analysis by forensic examiners. Memory forensics is a rapidly growing field, offering many free tools for RAM analysis to uncover important evidence and further the case quickly. As it turns out, these tools can also be applied to a cold drive. Due to OS features such as hibernation, paging and swap space, data from memory ends up being written to disk and survives even when the machine is powered down. In this session, the presenter will introduce the challenges faced when investigations rely solely on disk images, in cases where live memory had not been captured. The audience will then learn how investigators can still benefit from memory forensics in such cases. The presenter will give a full walkthrough of applying techniques, discuss their benefits and limitations, and show examples of results.

View Event →
Aug
11
3:00 PM15:00

Owning Gluster FS with GEVAUDAN

Speaker: Mauro Cáseres

 

Gluster is a free scalable network filesystem. Using common off-the-shelf hardware, it allows the user to create large, distributed storage solution for media streaming, data analysis, and other data and bandwidth intensive tasks, thus providing a nice alternative to create a data replication pool easily. It was acquired by Red Hat in 2011, and merged into Red Hat Storage server in 2012, while still available in the open source world. Gluster itself doesn't have a large vulnerabilities history, having only 6 vulnerabilities reported in the last 6 years (2 of them after being bought by Red Hat). In this talk, we'll focus on the latter two, releasing GEVAUDAN, an exploit for newcomers to the gluster world to learn about it's architecture and security, and the implicancies of proper access managament on replicated data systems. This is a talk for begginers from both fields: data replication schemas and exploits writing, so both fields will have a proper introductory section. A live demo will take place during the talk, and the public can actively participate.

View Event →