Going to DEFCON? See my talk, "We are currently clean on OPSEC": The Signalgate Saga

Hacker Summer camp is upon us. If you're going to DEFCON, make sure to check out my talk! It's Saturday at 4pm. Here are the details:

"We are currently clean on OPSEC": The Signalgate Saga

Saturday at 16:00 in LVCC - L1 - EHW3 - Track 5
45 minutes

In March, former national security advisor Mike Waltz accidentally invited a journalist into his war crimes Signal group with other senior Trump officials. “We are currently clean on OPSEC,” secretary of defense Pete Hegseth posted to the group. In May, Waltz was photographed clandestinely checking his Signal messages under the table during a cabinet meeting.

Only it turns out, Waltz was actually using a knock-off of Signal called TM SGNL. Immediately after that, TeleMessage (the company that makes TM SNGL) was hacked, and the hacker was able to access plaintext Signal messages. It was then hacked again, and the second hacker exfiltrated hundreds of gigabytes of data before TeleMessage took its service offline.

This talk is about the entire Signalgate saga: the journalist getting invited to the Signal group; Trump officials lying to Congress; the history of TeleMessage, which was founded by a former Israeli spook; an analysis of the TM SGNL source code that proves the company lied about supporting end-to-end encryption; the trivial exploit that was used to extract data from TeleMessage’s archive server; and an analysis of hundreds of gigabytes of memory dumps full of chat logs from TeleMessage customers.

Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data book signing

A lot of my talk is about how I analyzed a large cache of hacked data. I wrote a book about this exact topic and on Sunday at 11am I'll be doing a book signing! (It will be at LLC -L1 - Exhibit Hall West 4 - V301 Book Signings.)

Come say hi and get a signed copy of my book!