Man i have seen other DefCon Lectures too and the guys were screaming from laughter even if something was not very funny!! This guy made some excellent jokes and no response....tough audience! :P Nice Presentation!!!
10 years in jail for guessing passwords and distributing pictures yikes. certainly should be illegal but damn... 10 years... he must have done other stuff too
Great example of hackers using their skills for good. In order to scrape the exif data from all flickr (or other source) does that means downloading all 4 billion images or can you scrape exif without downloading? What language did you program your scrape from php? Some older cameras do not have exif compatible metadata, what would you do in that case just call it a lost cause? Excellent presentation. Kind of sad that some hackers out there are more ethical than data mining/marketing companies. Great publicity for gadgettrak too, I'll remember the name. Congratulations.
Very cool video, the idea that the exif info could be used to track down criminals is pure genius (geo-tagging aside of course) , I guess one question is if the exif info of photos on Facebook or Instagram for example have been indexed. This seems like a really great way to recover stolen items. If only every digital device that takes pictures stored serial numbers.
Jack Kraken I would assume the compression would wipe the exif data. I could be wrong though. Definitely worth a try. He gave you the link to the tools. (Edited due to autocorrect fail)
Nerd Habit exif is not wiped on Facebook as if you take a photo with geotagging (picture from a camera with gps activated), Facebook asks you to set the place where the photo has been taken, and it's always the right place where it was taken.
I got involved with alot of dudes in my past who where crocks and would steal laptops. They paid me 10% of what it sold for to wipe the drives and install the OS. Needless to say they all ended up in jail and I got away with 20k for school. No joking was the easiest money I ever made. But now Im on the Up and Up and dont do black hat.
+Eric Norton you meant burn it? haha Because when you just wipe it, the data is still there, you just lose the pointers to them. What you can do is to overwrite all the data and then format again
Some tracking software is embedded in the BIOS. Even if you format the device it will reinstall itself back onto the OS and report home. I had an Asus laptop that had this feature a long time ago. And once it gets turned on in the BIOS there was no way of turning it off even if you disabled it there!
but what if it's got a hidden partition? or something in the firmware? I'd just use a new harddrive, and make sure to spoof your mac after you reinstall on a new HDD.
Lets say I offer people a phone recovery service. People register there phones with me and upload the s/n of there device. I then sub-license with app developers to report back if any of there apps are running on a device with a s/n on a list I provide to them, they get a bounty for finding a device. Tell me how are is your wiping of the phone going to stop me?
I have a prety simple idea for law enf.. how about equipping LEO agencies with laptops or other small devices , preferably capable of logging running say kali linux rolling or again, a similar distro specifically with kismet running, looking for with airodump-ng as well (logging with that too) the MAC address(es) of the stolen device(s).. think that might be helpful? At least to a degree.
Man i have seen other DefCon Lectures too and the guys were screaming from laughter even if something was not very funny!! This guy made some excellent jokes and no response....tough audience! :P
Nice Presentation!!!
that's cause this mostly appeals to feds, and they don't have any sense of humor
Agent800 Hahaha maybe that's the case..
very tough ·~·
I thinks it's because you just can't hear the audience most of the time.
Clever use of GPS and cameras - which are really proliferating in electronics now.
Nice guy, great conference.
Funny enough, one of the faces wasn't actually blurred.
10 years in jail for guessing passwords and distributing pictures yikes. certainly should be illegal but damn... 10 years... he must have done other stuff too
No, computer crimes is a harder punishment than for example rape or drug dealing :)
Nice Job. That is work to be proud of Ken.
This guy is brilliant.
Great example of hackers using their skills for good. In order to scrape the exif data from all flickr (or other source) does that means downloading all 4 billion images or can you scrape exif without downloading? What language did you program your scrape from php? Some older cameras do not have exif compatible metadata, what would you do in that case just call it a lost cause? Excellent presentation. Kind of sad that some hackers out there are more ethical than data mining/marketing companies. Great publicity for gadgettrak too, I'll remember the name. Congratulations.
Took a while to get up to steam, but this is a great talk!
Very cool video, the idea that the exif info could be used to track down criminals is pure genius (geo-tagging aside of course) , I guess one question is if the exif info of photos on Facebook or Instagram for example have been indexed. This seems like a really great way to recover stolen items.
If only every digital device that takes pictures stored serial numbers.
Jack Kraken I would assume the compression would wipe the exif data. I could be wrong though. Definitely worth a try. He gave you the link to the tools.
(Edited due to autocorrect fail)
Nerd Habit exif is not wiped on Facebook as if you take a photo with geotagging (picture from a camera with gps activated), Facebook asks you to set the place where the photo has been taken, and it's always the right place where it was taken.
That grin at the end lol, so proud of himself
I got involved with alot of dudes in my past who where crocks and would steal laptops. They paid me 10% of what it sold for to wipe the drives and install the OS. Needless to say they all ended up in jail and I got away with 20k for school. No joking was the easiest money I ever made. But now Im on the Up and Up and dont do black hat.
Sooooo always wipe the hard drive after you steal a computer/cellphone?
+Eric Norton you meant burn it? haha
Because when you just wipe it, the data is still there, you just lose the pointers to them. What you can do is to overwrite all the data and then format again
Some tracking software is embedded in the BIOS. Even if you format the device it will reinstall itself back onto the OS and report home. I had an Asus laptop that had this feature a long time ago. And once it gets turned on in the BIOS there was no way of turning it off even if you disabled it there!
but what if it's got a hidden partition? or something in the firmware? I'd just use a new harddrive, and make sure to spoof your mac after you reinstall on a new HDD.
and then change the serial numbers on every chip.
Lets say I offer people a phone recovery service. People register there phones with me and upload the s/n of there device. I then sub-license with app developers to report back if any of there apps are running on a device with a s/n on a list I provide to them, they get a bounty for finding a device. Tell me how are is your wiping of the phone going to stop me?
Man, he didn't even get a chuckle out of his jokes. It was a good talk otherwise though.
He did, lots in fact. The audience is very quiet in the audio.
I have a prety simple idea for law enf.. how about equipping LEO agencies with laptops or other small devices , preferably capable of logging running say kali linux rolling or again, a similar distro specifically with kismet running, looking for with airodump-ng as well (logging with that too) the MAC address(es) of the stolen device(s).. think that might be helpful? At least to a degree.
What an ending.
what was the crazywall software he mentioned. Multigo? didnt find anything
Interesting...
i already knew to be paranoid while online, now im fukn freaked, boogey data got all my shiet
THANKS!
how do u spy on someone?
How can I search the EXIF Database?
iss switched to linux in may
A lot of these Def Con videos are really...meh.
I likeded dis 1 a lotz
it all depends what you are into...
Blackhat had an ethics issue? I thought you had to have a 0day in your presentation to have a talk there
how in the fuck do you take a picture from a laptop's webcam that is not yours ?? HOW
Good, I hate thieves!
Cool
has anyone download the tools
hi
No!
Imean, hello sir. gday 2u
k