Detect, Deny, Degrade: Anti-Fingerprinting from the Browser’s POV

Tom Ritter

Browser fingerprinting is the creepy party trick of the internet: change your VPN exit and clean your cookies, and websites can still re-identify you. Is it as bad as it seems?

Well, we’ve got the receipts and we know just how unique fingerprinters think you are – and why.

More importantly, we’ll dig into what can actually be done about it when you’re the one on defense. Spoiler: “lie about everything” isn’t a viable strategy, unless you’re also cool with breaking your own browser. The hardest part of anti-fingerprinting isn’t figuring out how to make users less unique – it’s avoiding catastrophic, silent breakage of real-world sites, and even detecting when that breakage happens. Most fingerprinting defenses involve some combination of lying in APIs, randomizing outputs, and overriding user preferences – but every one of those approaches risks pissing off your users _and_ subtly breaking Google Meet.

No browser has performed as detailed a fingerprinting study as ours, and no one but a browser can. Find out why things are both not as bad as you thought they were and much worse. Come for the scary graphs showing how unique people are. Stay for the spicy takes on perverse incentives for browsers…

Audience-driven tangents can include: why it’s harder to exploit Tor Browser than Firefox, what are other browsers doing, ranting about browser fingerprinting sites like browserleaks or panopticlick, and why you shouldn’t enable Tor’s stricter fingerprinting protections that are present in Firefox.

~~Don’t~~ Adjust Your Television Set

Thomas Wilson

Making apps for TVs is hard, so what happens if you install one without running a single line of code? In this talk, we’ll walk through the process of exploring Samsung’s Tizen platform, focusing on low-friction ways to find bugs in the app install surface. Along the way, we’ll look at the surprisingly simple package that gave us shell access, how we broke out of Samsung’s official emulator, and what’s left to uncover. In an environment where even the emulator denies you a shell, we’re taking back the console.

Hacking the Pentagon: A conversation with Jennifer Hay, former director of the Defense Digital Service

Jennifer Hay, with Colin Ahern (moderator)

Jennifer Hay’s nearly 25-year career at the intersection of technology, security, and intelligence culminated with her as the last director of the Defense Digital Service before she resigned in protest this April in the face of DOGE. Hear from Jennifer’s unparalleled perspective on leading the rapid delivery of critical software and technology in some of the most austere and demanding environments, “hacking” the Pentagon, and how we move forward. Colin Ahern, New York State’s Chief Cyber Officer, moderates.

FOSS and Privacy are Doomed, but maybe we can save it

J. Gdanski

The FOSS/Privacy communities are on a mission, but what if the mission is doomed for no reason other than our inability to get out of our own way? Until the tools that are necessary for us to have both freedom and privacy are ubiquitous and easy to use, we have already lost the fight.

We will review examples of what we are doing wrong, show some examples of what we are doing right, and perhaps plot a path towards a brighter future.

Parasitic Storage: Building RAID on Exposed S3 Buckets

Caleb Gross

We often hear about the risks of S3 buckets that are accidentally made publicly readable (leaked spreadsheets, source code), but what happens when you can also write to those buckets? Sure, you could deface the occasional static site, but let’s think bigger. Why not treat those buckets as free infrastructure and build your own backup service? Hold on, you say—that’s probably unreliable, right? Won’t admins simply delete our files upon discovering them? Perhaps we can mitigate that by using multiple buckets for redundancy! Hmm, this is starting to sound familiar…

Enter RABID: Redundant Array of Buckets of Independent Data. Think RAID, but instead of disks, we’re using exposed bucket storage. Slice a file into chunks, scatter them across dozens of targets, and replicate just enough times to shrug off cleanup scripts. One bucket vanishes? The other replicas still have your back.

This talk explores how parasitic storage holds up in a truly hostile cloud environment. We’ll outline the core challenges with decentralized storage: placing chunks without central coordination and embedding lightweight metadata pointers for rapid lookup. You’ll see how classic RAID concepts and erasure-coding theory translate (and sometimes break) when “drives” can be deleted at any moment. We’ll also touch on parasitic computing, opportunistic caching, and then bring the conversation back to defenders: bucket policies and automated scanners designed to root out rogue backups before they become a problem.

Whether you’re an admin hardening your cloud perimeter, a blue-teamer justifying investment in continuous audits, or a red-teamer looking to push the limits of misconfiguration exploits, you’ll leave with concrete tactics and a newfound respect for just how RABID cloud storage can get.

Teaching Robots to Reverse Engineer Hardware

Dr. Ang Cui

Tired of spending sleepless nights hunched over a workbench, prodding circuit boards with multimeters and squinting at hex dumps until your eyes bleed? Those days are behind you! We’re giving hardware reverse engineering a robotic makeover: it’s much more satisfying to probe when you’re not doing it by hand. 

We’ve built a human-on-the-loop hardware reverse engineering robot that pokes, prods, and interrogates embedded devices with the relentless enthusiasm of a caffeinated security researcher. Our robot doesn’t need coffee breaks, doesn’t get tired or frustrated; it just keeps doing its thing, transforming the bespoke (read: painfully slow) process of hardware RE into an automated, scalable operation. The robot can interrogate gadgets to reveal their deepest, darkest secrets: scanning PCBs, identifying components, and extracting firmware, all with mechanical precision. 

We’ll conduct a live demonstration of how this works and discuss how we’re utilizing it to enhance our hardware hacking capabilities.

Triumphs and Travails of Time-Traveling Tooling

Mark Griffin

Time-Traveling Debugging (TTD) is so much more than just adding an undo button to your normal debugger, but without the appropriate tools and mindset, we risk approaching TTD thinking like Marty McFly instead of a four-dimensional super-alien.

This talk will focus on unlocking the true power of TTD through scripting and clarifying visuals. We’ll start by giving a brief technical foundation of what TTD really is and how it works, what tooling is available on different platforms, and the basics of how you can get started experimenting with it.

Then we’ll move on to the meat of the talk: sharing some of the power user workflows and tools that help us wrap our heads around the capabilities of TTD. We’ll dive into some of our favorite visuals that can help us understand what’s going on when debugging, giving us liberation instead of feeling like we’re stuck building a ship in a bottle with standard debugging tools. We’ll also show how little improvements really add up in terms of ergonomics and speed when debugging or reversing code, and how spending a little extra time scripting or getting to know one’s tools can really pay off.

But we’ll also share the downsides and hardships of a potential time-traveler: the platform-specific nonsense, inconvenient APIs and workflows, and the difficulty of having to script and debug our own tools… but by the end of the talk we’ll see the beginnings of tooling that can help us understand code like a planeswalker, saving our time, even if it can’t save our timeline.

Winnona Bernsen

Winnona DeSombre Bernsen is an MPP/JD Candidate at Harvard Kennedy School and Georgetown Law, and a non-resident fellow at the Atlantic Council. She was formerly an RE / security engineer at Google’s Threat Analysis Group, tracking targeted threats against Google users, and is the founder of offensive security conference DistrictCon, held in Washington DC. In recent years, Winnona has organized policy content at DEF CON and authored multiple pieces on offensive cyber capability proliferation.

Dr. Ang Cui

It’s a good thing Dr. Cui submitted the longest biography in Summercon history back in 2023, because we’re recycling it.

Dr. Ang Cui is the Founder and Chief Scientist of Red Balloon Security, a leading cybersecurity provider and research firm that specializes in the protection of embedded devices across all industries. Ang received his PhD in Computer Science from Columbia University in 2015 and was part of the Intrusion Detection Systems Lab. His doctoral dissertation, titled “Embedded System Security: A Software-based Approach,” focused exclusively on scientific inquiries concerning the exploitation and defense of embedded systems.

Ang is the creator of Firmware Reverse Analysis Konsole (FRAK) and the inventor of Software Symbiote technology, both of which enable pioneering firmware analysis and defense for embedded devices. Since founding Red Balloon Security, backed by Bain Capital Ventures, Ang continues to research and develop new technologies to defend embedded systems against exploitation. He has led development of a portfolio of embedded security solutions to harden device firmware and provide continuous runtime protection and monitoring of device firmware.

Over the course of his research, he has uncovered numerous critical vulnerabilities within ubiquitous embedded devices such as Cisco routers, HP printers, and Cisco IP phones, as well as led research efforts uncovering vulnerabilities on aerospace infrastructure, building automation systems, electrical grid devices, telecommunications equipment, and ATMs. Ang has received various awards for his work on reverse engineering commercial devices, is the recipient of the Symantec Graduate Fellowship, and was selected as a DARPA Riser in 2015.

Ang is passionate about creating a team of outstanding researchers, engineers, and executives whose best ideas are enabled by innovation, creativity, and autonomy to solve the most pressing challenges.

According to Wikipedia, Dr. Cui is the Duke of Space!

Mark Griffin

Mark Griffin is a veteran security researcher specializing in code analysis, fuzzing, and tooling to augment expert workflows. He has built and released several Binary Ninja plugins and writes about the intersection of security, software, and visualization on his blog. He now focuses on helping people understand code faster and more intuitively through the work at his company Undaunted Development.