Featured

NFC LED Nails: VanitySec’s Interview with Baybe Doll

Featured / Snow

This week we were lucky enough to chat with Emily (Baybe Doll), who’s known for her bad ass NFC LED Nails.

Tells us about yourself

My name is Emily Mitchell, I go by the names Baybe Doll and N3x7. I am the COO of Terahash / Sagitta HPC, which develops state-of-the-art turnkey password recovery solutions, as well as the Co-Founder & CEO of the security consulting firm Haspanda. I also participate in a few bug bounty programs, own a real estate investment business, and a liquor distribution business. My primary interests are penetration testing, password cracking, NFC/RFID, and of course, fashion. I give back to the community by volunteering at several infosec conferences (SOC Goon at DEF CON, Senior Staff at Security B-Sides Las Vegas, and NCCDC), and a part of Austin Hackers Association (AHA.) I also have a rather large and impressive orchid collection!

What gave you the inspiration to create NFC nails?

I started off with cutting up old motherboards and PCI cards and placing the components on my nails by embeddeding them in acrylic, so that my nails looked like circuit boards. Then I decided I wanted to try to use functional hardware and have actual circuits on my nails. I started with the LEDs, and that quickly fueled the desire for other NFC & RFID chips as well. It’s similar to the bioglass RFID tags that people have been implanting under their skin, except my NFC nails have much higher utility: I can have up to 10 different NFC tags on my hands at any given time, there are far more chip options available, and they are quick and easy to change out. Today I might have 2x NTAG 213 and 2x Mifare Ultralight, tomorrow I might want 2x NTAG 216, 2x Mifare Classic 1K, a DESfire EV1, and a Proxmark 3 tag. It’s a lot easier to remove an acrylic nail than it is to cut your hand open.

Can you explain how they work?

The NFC LED nails have a small antenna tuned to 13.56 Mhz, which passively collects energy from NFC readers to power a small LED light. Some NFC readers emit a pulsing frequency, which will cause the LED to blink. Others are constantly transmitting, which will cause the LED to steadily glow. The nails with actual NFC & RFID tags in them rather than LEDs are tiny NFC/RFID chips (NTAG 213, NTAG 216, Mifare Classic, Mifare Ultralight) embedded in acrylic. The LEDs are useful for identifying where NFC readers are present, as well as which frequency they are transmitting on. The tags themselves have a plethora of uses, of course: authentication, identification, cryptography, payment applications, covert data exfiltration, state sponsored nfc attacks, malware, covert Nintendo Amiibo on my thumb — practically any NFC/RFID application, right at my (literal) fingertips.

Any fun tricks to show them off?

YES!
– 
– 
– 
– 
– 
– 
– 
– 
– 
– 

Do you see yourself doing anything next in Fashion + Tech?

I recently built and NFC-powered tiara (albeit more of a crown than a tiara, because queens don’t wear tiaras) which won first place in the Diana Initiative tiara hacking competition. The crown features an Arduino with a PN532 NFC reader and a small TFT LCD display. The LCD displays the Austin Hackers logo when idle, and displays the contents of one of the NFC chips in my nails when it is touched. My fingertips also glow when I place the crown on my head thanks to the NFC LED nails.

–  I’m working on a Version 2.0 of the crown for next year’s conference. Beyond that, I certainly do have other future plans, but they are a secret! 🙂

Huge thanks to Emily for sharing her story with us!  Check her out on Twitter @Baybe_Doll

Featured

Welcome to VanitySec

Featured / malwareunicorn / Leave a comment

Many of the fashionistas in the InfoSec industry has come together on VanitySec to provide both fashion, beauty, and infosec content that appeals to other fashionistas. Enjoy.

Blinging Your DefCon 27 Badge

/ wendyck
It’s the start of DefCon 27, which means that hackers are figuring out how to wear the official DefCon badge. This year’s badge has been much easier to wear than the famous record of DefCon 23, but many attendees have found ways to wear it beyond just the standard lanyard attachment. Here are some great versions we’ve seen so far- if you have a creative way you’ve set up your badge, please send them to us at VanitySec!

An improvised bolo tie:

https://platform.twitter.com/widgets.js

And here’s the wrist watch variation:

https://platform.twitter.com/widgets.js

And a bedazzled badge!

https://platform.twitter.com/widgets.js

2018 Winter Cosmetic Picks – Lesley

/ hacks4pancakes

Hello, lovely hackers and hacker adjacents! It’s the dead of winter here in Chicago – the absolute best time to counteract winter blues and chills by feeling great in your skin. Even if you’re fortunate to live somewhere blissfully warm during the winter months, these products will lift your spirits and feed your skin on even the shortest days.

#1 – Lush Body Conditioner – LushUSA.com

Battling dry skin in harsh winter weather? Is lotion alone just not cutting it? Consider a new approach – natural skin conditioners by Lush. Applied similarly to hair conditioner, you apply these lotion-consistency creams in the shower, then rinse off and pat dry. Available in a variety of scents, they’re a super easy, low maintenance fix that will leave you feeling moisturized but not greasy, all day. We love a good skin care hack!

#2 & #3 – Fenty Beauty Foundation and Pro Filt’r Primer – fentybeauty.com

Okay, so I have to confess I’ve absolutely fallen in love with Rihanna’s new makeup line, Fenty Beauty. Fenty has made a name for it’s immense range of shades which fit nearly any skin tone. It’s no joke, and absolutely fantastic. As a pallid NW15,  I have a really hard time finding foundations in a warm or neutral tone that are pale enough to match my ‘monitor tan’. I was stunned to discover that the lightest Fenty shade, 100, was significantly too pale for me. I actually ended up being a balmy shade 120.

The foundation itself provides flawless, soft matte coverage using only a couple pumps. It feels light, and I’ve had no problems with creasing. The matching Pro Filt’r primer is also utterly fantastic with foundation or by itself, and one of my empties for December. I highly recommend testing these products in person at Sephora to find a great shade match for you.

#4 – Neutrogena Hydro Boost Water Gel – neutrogena.com

I was heartbroken when Target decided to stop carrying AmorePacific’s Laneige skin care products. South Korean beauty products have a reputation for being ahead of the curve scientifically and performance-wise, and the Laneige Water Gel was affordable and pretty ideal for dealing with dry, thirsty winter skin. So, in a pinch, I had to find an alternative product that was affordable and on shelves. I wanted something non-greasy with lots of hydration, with similar olive oil components. I could not be more pleased with Neutrogena’s new hyaluronic acid “Hydro Boost” line – specifically their water gel facial moisturizer. It’s light enough to wear under makeup, and moisturizing enough to put on before bed. The best part – the whole line is quite affordable and available at most drug stores!

[The only product in the Hydro Boost line I’ve been a little disappointed with is the day cream with SPF, which doesn’t seem to hold up through the day to me.]

#5 – Body Shop ‘Oils of Life‘ Revitalizing Facial Oil – thebodyshop.com

So, tried everything else, and your face or lips are still impossibly chapped? ‘Oils of Life’ from Body Shop is my last ditch suggestion before you see a dermatologist. A bit pricey for retail skin care at $55 for 1.7oz, I recommend testing this product in store before shelling out. For me, it is a miracle fix. Applied daily, it’s the only thing that keeps my skin from peeling after a bad sunburn or windburn in the wintertime. It’s lightweight and great for sensitive skin – I’ve had no problems with breakouts despite it being comprised primarily of seed oils.

(Neither I, nor VanitySec received any compensation or products in exchange for these reviews.)

Hot Geek Makeup for Cool Fall Con Parties

/ hacks4pancakes

Summer’s almost over, but that means hacking con season! From DerbyCon in Louisville to GrrCON in Grand Rapids, we can’t wait to see hackers showing off all their unique personal styles. Still looking for ideas? No problem! We tested out some unique, fun, and flashy products from some of the top ‘geek themed’ cosmetics brands, and hand-picked three foolproof color palettes to get you started.

Look One: Ergo Proxy

File_000(1)
The Basics: Teal to purple ombre.
Great For: Glaring diabolically from the recesses of a really good hoodie. Anime cons.
We Used:
Shiro Cosmetics – Eyeshadow in “A Fell Voice on Air” ($1.00–$6.50)
Impulse Cosmetics – Eyeshadow in “Ritual” ($3.99)
Geek Chic Cosmetics – Eyeshadow in “Krampus” ($5.99)

With a little help from:
Makeup Forever – Aqua Liner in Turquoise ($23)
File_000(2)We Learned:
All the Impulse Cosmetics shadows we tried were really pigmented. Any loose shadow requires good brushes, something to stick to, and patience, but “Ritual” went on reliably in 2 coats with a little Urban Decay primer on the lid, which is better than we could have hoped.

Geek Chic’s “Krampus” didn’t look the same under any light source we had to the photo on their site – it seems quite a bit darker than the advertised teal – nearly black. The hue was spot on, though, so we loved it for a crease color for the lighter “A Fell Voice on Air” by Shiro. It’s always good to remember to just try indie cosmetic products in person to see what works for you under your lighting. None of the shadows we used were prohibitively expensive.

A black liner on the upper lid just didn’t do this look justice, so we grabbed a Makeup Forever teal liquid liner that I already had.

When creating this look, finish the eyeshadow before anything else, because you will make a mess. Blend the magenta shadow a bit farther out than a normal smoky eye. This can take a few tries – it’s very different than creating a clean cat eye. Ensure you use a small brush to line under the eye with the same shadow and blend lightly using your ring finger or a blending sponge, while still avoiding coloring the lower inner corner about 1/4 of the way. The teal colors should be applied about half way up the eyelid.

A little dab of white shadow highlight on the inner eye corner can add a lot to a dramatic look like this.


Look Two: Seriously, Don’t Call It Cyber!

File_001(2)
The Basics: 90’s cyberpunk, with bold metallics.
Great For: The Paul Oakenfold concert at Derbycon.
We Used:
Geek Chic Cosmetics – Eyeshadow in “Totality” ($5.99)
Aromaleigh – Eyeshadow in “Coronilla” ($3.50)
Impulse Cosmetics – Glitter in “Allure” ($3.99)
Shiro Cosmetics – Eyeshadow in “Corona” ($6.50)
Geek Chic Cosmetics – Bronzer in “Perfidious Pyrite” ($10.99)
Makeup Monsters – Highlighter in “Zenith” ($14.00)

With a little help from:
MAC – Paint Pot in Dream Scene ($22)
File_000.jpeg
We Learned: Our first attempts to get an Aromaleigh shadow to stick to my eyelid (or literally anything) failed miserably. Out of all the shadows we used, these were the loveliest, shimmery colors in the jar, but the hardest to apply. After trying a few cream shadows and eyelid primers, we found a MAC cream shadow held the powder the best.

Makeup Monsters highlighter in Zenith turned out to be great for way more than facial contouring. It also makes a great under-eye and corner eye highlighter and an decent base to build up powder highlighter for a more dramatic contouring look (which was exactly what this look called for). Both techniques were used in our example look. Zenith was our favorite face product we reviewed this month.

Zenith (Ethereal) Illusive Lights Highlighter

Our Face Product Pick of the Month: “Zenith” Cream Illusive Lights Highlighter – $14.00, Makeup Monsters, makeupmonsters.net

The Impulse cosmetic glitter will stick to a cream shadow okay, but the best bet is probably to use cosmetic glue for a large quantity. They sell a reasonably priced one. Aside from the usual mess that glitter involves, it was really fun to work with, comes in some amazing shades, and definitely adds shimmer under light that photos don’t do justice.

This set of colors could be used on somebody of any skin tone with a bit of reorganization. Golds are a great choice for anybody with a neutral or warm skin tone. Our look consists of a base of the MAC silver paint pot on the lid, shading to (covered in) Coronilla, then a little Corona as our outer lid and crease color. Totality was used for small highlights. We then added a sparkling of gold glitter and did dramatic, shiny contouring.

We ordered a few gold and silver lip products for this look and none did it adequate justice. We used our silver MAC paint pot instead with a small amount of gold glitter. If you choose something more “everyday”, ensure it’s neutral pale pink, a tan, or beige.


Look Three: Would You Like To Play a Game?

File_000(4)
The Basics: Violet and gold smoky eye.
Great For: An easy switch from day to night – just add bold lipstick. Purples compliment brown eyes really well.
We Used:
Shiro Cosmetics – Eyeshadow in “Corona” ($6.50)
Geek Chic Cosmetics – Eyeshadow in “Our Greatest General” ($5.99)
Geek Chic Cosmetics – Eyeshadow in “Totality” ($5.99)
Geek Chic Cosmetics – Bronzer in “Perfidious Pyrite” ($10.99)

With a little help from:
MAC – Lipstick in “Kling It On” (Star Trek Collection – Discontinued)
Urban Decay – Razor Sharp Liner in “Retrograde” ($22)File_000(3)We Learned:
We tried a number of great purple shadows when tweaking this look. In the end, we went with amethyst shades that complimented Geek Chic’s bright gold “Totality” shadow that we used for our lid base.

A few of the shadows we tried this month were from various “Eclipse” collections. Although Shiro’s color of the month set has two shades, “Umbra” and “Corona”, we decided that Geek Chic’s gold “Totality” was way more complimentary to the red-violet “Corona” as a set.  “Umbra” is a very pretty sparkly dark shade, but we would definitely pair it was a light blue or gold on it’s own. We used a little “Our Greatest General” on the under eye and as an intermediate color. It’s a great violet with gold flakes, and our top pick this month as a standalone buy for anybody with brown eyes.

You may have noticed we used “Totality” in two of our looks. It’s really one of the most solid light gold shadows with intense sheen we’ve come across in a while and is very versatile as a corner or lid color. It also sticks extremely well. I’m a super pale NW15, and we suspect this shadow might be even more flattering on somebody with a darker warm skin tone. Totality is our “must have” shadow this month, overall.

Once again, black or brown liner just didn’t accent the shades we selected properly, so we ended up grabbing a dark purple Urban Decay liquid liner. A lipstick in a matching hue finishes the look.

Our Pick of the Month, overall, “Totality” Loose Shadow – $5.99, Geek Chic Cosmetics, geekchiccosmetics.com (Left)  and our Pick of the Month for dark eyes: “Our Greatest General” Loose Shadow – $5.99, Geek Chic Cosmetics, geekchiccosmetics.com (Right)

 

 

 

 

Magnetic Lashes for the Degaussing Diva in Your Life

/ mzbat

Ok, so magnetic lashes won’t really degauss a hard drive but they’re a pretty nice alternative for folks allergic to latex (the bonding agent found in most eyelash glues).

I recently ordered a couple of sets of magnetic lashes and here’s what I discovered:

Although brands may vary by shape, fullness, quality, and color, lash application is the same across the board. For each eye, there are 2 sets of lashes – both with tiny magnets at the base – and the magnets meet at the eyelid, sandwiching your natural lashes in between. Removal should be handled with care, gently sliding the magnetic lashes off the natural lash without applying pressure that could cause the natural lash to fall out. Overall, removal of magnetic lashes (at least in my case) was easier than glued lashes.

The lashes I ordered are about as subtle as most natural-looking lashes available at beauty supply stores, but are only half as wide. This is a probably a logistical issue: wider lashes would require more magnets and increase difficulty of application. There may be more options available than the products I tried, but I didn’t find any lashes that yielded dramatic results. Of the lashes in my test group, none would be pageant or performance worthy.

One Two Lashes are, by far, the priciest lashes I tried. The quality is outstanding, but I’d highly recommend ordering a cheaper lash set to see if you can tolerate the weight and application before committing to an expensive set. I definitely want to try out their Bold Lash set in the near future to see if they offer a more dramatic look than the Original Lash I tried.

bold

Speaking of cheaper lashes, I ordered this set from Amazon but there’s no name brand anywhere on the packaging. They do the trick and come with 2 full sets, so you don’t have to worry if you mess up a lash while practicing application. They’re a little fragile, so be careful when you separate the lashes from the packaging. The manufacturer used a stronger glue in the display compact than they should have.

amazon

Alright, so just how difficult is it to apply magnetic lashes? I won’t lie; I had a tough time with my first few applications. I watched an application video one of the vendors posted, and the model held the bottom magnetic lash in place while placing the top lash. Maybe I’m not coordinated enough, but this method didn’t work for me. I was dropping lashes, poking myself in the eye, and generally just having a bad time. I found it much easier to curl my natural lash, rest the first magnetic lash on top of my natural lash, then place the bottom magnetic lash. Once I started with the top lash, I nailed the application about 80% of the time on the first try.

Overall, I like the look of magnetic lashes. They’re subtle, but my lashes definitely look fuller. They feel a little heavier than the glued lashes I’m used to, but some of that probably comes from knowing I’m wearing magnets on my eyelids. Once I got the hang of it, application was, hands down, faster than gluing lashes – and I’m a pro at gluing lashes. That said, it’s nice to have a new tool in my makeup kit that quickly plumps my lashes without mascara or glue.

Disclaimer: I have absolutely no idea what the long term effects of wearing tiny magnets near your eyeballs are. I wouldn’t suggest wearing for more than a few hours at a time, and maybe limit use to special occasions until more data becomes available. Deploy at your own risk.

Physical Pentest Wearables: Picks and Keys

/ Snow

Lock picks never go out of style. This article will provide options whether you want to look stylish or keep your tools concealed.

#1 Handcuff Earrings

WearableLP1.png

#2 Uncuff link (see what they did there?)

WearableLP4

#3 Angle Wing Shim Earrings

WearableLP3

#4 Hidden Handcuff Key Clasp

WearableLP2

Works great with paracord bracelets (as seen below in action shots)

#5 Escape Bracelet

WearableLP5

This gummy bracelet can fit up to a 10” wrist but can be cut down to fit any size wrist, including child size wrists.

#6 Collar Stay Picks (coming soon)

WearableLP6

Keep an eye on Colin Jackson’s Twitter account (@d1dymu5) for when these bad boys will be released on Kickstarter.

#7 Clothing Clip

WearableLP7

#8 Escape Ring

WearableLP8

#9 Bootlace Handcuff Key

WearableLP9

#10 Lockpick Earrings

WearableLP10.png

#11 Hidden Bogotas

WearableLP14

#12 Patch with a hidden secret 

WearableLP15

#13 Zipper-Pull Covert Handcuff Key

WearableLP16

#14 Acid etched stainless steel chandelier lock pick earrings

WearableLP17

#15 Bracelet Wallet

WearableLP18

Action shots

(click the image to see which hacker it is):

WearableLP11

WearableLP12

WearableLP19

WearableLP13

WearableLP20

WearableLP21

Special thanks to all the awesome hackers who gave their input for this article: @darksim905, @JimyLongs, @SynapticRewrite, @dontlook, @nite0wl, @d1dymu5, @deviantollam, @Cannibal, @hacks4pancakes , and @3ncr1pt3d

What to Wear When You Don’t Know What to Wear

/ limbagoa

 

Do you have a big presentation or meeting coming up? Figuring out what to wear in infosec can actually be quite the challenge. For some of us, the stress on what to wear may even outweigh our concerns over our research or presentation (which we know is rock solid!). We want to be taken seriously, and unfortunately we still exist in a world where how we dress can undermine the content of what we say and how others perceive us.  Most guidance I’ve received tends to focus on what not to wear: never wear a skirt; always wear my hair back; don’t wear high heels; only wear neutral nail polish. It has taken me years to push aside the range of guidance that would have me dress like a man, while also recognizing the different nuances that do matter.

In many cases, the distinctions come down to differences in academic, government, or security industry settings, each of which have extremely different workplace cultures that influence the proper attire. It’s impossible to cover them all, but if suddenly you find yourself entering unknown territory for a conference, job talk, or interview, here are some quick tips for maintaining your own personality and style while respecting the unique characteristics of these settings.

Academia

During the day-to-day of the school year, almost anything goes for academics. Where academia becomes tricky is if you’re making a first impression. For a job interview, you should be one of the best dressed in the room. That may feel awkward, but in reality it gives you power. It signals your expertise, and that you are serious about the position. This doesn’t mean you need to go full-out boring, or dark and formal, but more so your favorite suit would be a better choice than your favorite jeans. The jeans are fine once you have the position, but generally aren’t appropriate for a job interview.

Unlike the job talk, academic conferences don’t necessarily require the suit, but for the presentation itself, it again is better to err on the side of dressing up. Choose a dress, or pants or skirt and fitted jacket, which is what I chose (pic below) at a recent conference The outfit should not be overly formal or stuffy, as that can be perceived as infringing on the academic pursuit of knowledge, but you still need to emit a professional vibe. When you’re not giving the presentation, it’s generally fine to network and attend talks in more casual leggings or jeans, dressed up with a blouse or jacket.

what-to-wear_image3

Finally, if you are visiting a school to talk to students, and are representing your company or the infosec community, it can get a little tricky. The classrooms are casual, but at the same time, you still want to look put together and not get confused with the student who just rolled out of bed. Company shirts or sweatshirts are acceptable in these situations, but try to pair them with nicer jeans and flats.

Government

Almost a year ago, The Atlantic wrote a great style guide on what to wear when working for the federal government – but it was all from a male’s perspective. I could easily have used something similar years ago. The government is not monolithic, and the environments vary depending on federal, state, or local levels as well as departments. Since I know the national security apparatus best, I’ll focus on that. The Pentagon floors can be a challenge for heels (especially the ramps!), but it doesn’t mean it’s impossible. You’ll be in meetings with everyone from four star generals to contractors to civilians, each of which brings a range of styles. Generally, a suit is most appropriate in these situations, and you can then personalize it with various accessories and colors (Olivia Pope’s style is a good case in point, or check out these ‘cyber warriors’ for a range of ideas). As in all situations, don’t shy away from your individual style, but remember that most of these organizations likely have a dress code, and you should respect that.

However, context and purpose matter and should guide your fashion decisions for government outings.  If you’ll be in day-long meetings, or running an all-nighter training exercise, comfort may be the most important factor, but do still keep it professional.  Interestingly enough, the farther you get from DC, the more these quick rules of thumb change, especially OCONUS. I had meetings in Hawaii, where most of my colleagues wore their favorite Hawaiian shirt and khakis. Conversely, a trip to the Ministry of Defence in London required more formal attire. Basically, geography has a strong influence on what to wear in the government sector. To see how govvies dress at cons, check out the picture below for this year’s Meet the Fed panel at DEFCON, where women comprised 75% of panel! In general, when speaking at government conferences – whether in Tampa or Dayton or Newport – business casual is often a safe bet. And if you’re making an appearance on the Hill, step it up a notch further for business conservative, but be sure to maintain individuality among the sea of dark suits.

what-to-wear_image1

The Security Cons & Tech Meetings

As in the other situations, geography and attendees guide what to wear at these conferences. For the security cons, each has its own unique characteristics. For instance, the BSides conferences (such as the picture below, my  colleague Amanda Rousseau) tend to attract practitioners, so this is the place for anything edgy that you love or you can never go wrong with your nerdiest infosec shirt and jeans. On the other end of the spectrum, if you’re representing your company at a talk at RSA, this is a much more corporate environment. Business casual is a good rule of thumb, but if you have a suit that you love and nowhere to wear it, RSA could be the place for it. For any of these, I personally would add shorts into the section of what not to wear if you are giving a talk. I’ve seen this before, and it quite frankly seemed like the speaker was prepping for a barbecue, not a tech talk. Similarly, other than RSA, unless you want to throw off the ‘spot the Fed’ game, you can keep your suits at home.

what-to-wear_image2

This is generally relevant advice for meetings in the tech industry as well. I had a friend with an academic/military background who had a security meeting in Silicon Valley. She was surprised when I recommended she wear jeans, which could still be dressed up with a blazer and heels. When she returned, she was thankful for that advice. In some situations, wearing a formal suit is actually a distraction.

In general, there is one consistency across all of these environments – they tend to be overly generous in the use of air conditioning. If you’ll be sitting all day, bring a hoodie, jacket, pashmina, or whatever extra layers you need so you don’t have to constantly run outside to warm up.

I refuse to accept the assumptions that unless I abandon my own identity, my research, presentations and publications will not be taken seriously. At the same time, it is essential to take into account geographies and settings and their nuances. The key is to absolutely remain true to your own style, while respecting the unique characteristics in each of these environments. Most importantly, prep your favorite circuit board nails and get ready to rock the outfit that empowers you.

We Are Not What We Wear

/ CyberPathogens

Within the InfoSec community, we have numerous diverse positions. Some that require formal business attire on a daily basis. Several that only necessitate this form of dress when we are client facing. Still yet, with others it is never relevant what we wear outside of the hiring process. Our outward appearance for professions are based upon the established dress code, be it official or simply a social expectation dictated by the definition of the situation. When we move towards styles chosen for conference attendance, we get to see the preferred manner of dress. We see largely three camps, when it comes to these gatherings; the Casuals, the Suits and the Adaptive. In public settings, the deviant manifestation is that which clashes with the set norm. However, during conferences we have two sets of social norms, each with interesting clashes. I should note here, that in this context, I am only considering the manageable fashion; style of dress, hair, makeup, accessories. This does not consider the range of appearance that an individual has no control of; skin color, deformities, gender, attractiveness and so on.

Our superficial style communicates for us long before we ever articulate statements in a conversation. It has long been used as an external technique of establishing in-group members; even when they are a stranger to us. This likewise, influences the definition of the situation regarding how others carry themselves and interact with us. When the other person does not verbalize their acceptance, we must gauge what they perceive. When we enter a new situation with others this is the only choice the individual has.

I feel the need to define the Casuals, as many within this camp can be extravagant in their appearance as well. This includes everything from the jeans and tee-shirts types to those donning vibrant hair, costumes and so on. The “comfort is key” crowd all the way to the “let your freak-flag fly” crowd and those in between. Absent the typical hacker personification of the black hoodie, these are the types often imagined when outsiders hear the word “hacker.”

Due to the diverse nature of this category, those within it are often adept in dealing with the negative interactions in traditional societal settings. The jeans and tee-shirts types tend to blend more in conventional society, as this is considered norm for the “working class.” The more extravagant personas often have a more challenging time in customary social settings as they are deviating from the set norm. Those in this subcategory are often met with reactions ranging from glares to mocking to physical violence, based solely on their appearance. The more one deviates from the cultural norm of fashion, the harsher the reactions become. All within this category will be determined to be middle class or below by out-group members regardless of what their income may be.  The jeans and tee-shirts are often regarded as more approachable while the more extravagant types are more likely to be avoided by society’s “normal.”

During conferences, the Casuals regardless of where on the spectrum they lay, are considered approachable and are inclined to feel more accepted in the setting. Interestingly, in many cases the Suits will view this group as more of the hobbyists than professionals. Others that are not conference attendees yet, share the space through coincidence will react as they would in any other setting, though are often shocked by the sheer number of this type.

The Suits require less definition than the previous. It would be business or formal attire. In traditional public settings, this group would be viewed as middle-upper to upper class citizens and treated as such. In day to day lives they are afforded a higher level of respect than others. Often, their outward appearance dictates an interpretation of them being an “important” person and presumed to be constantly “busy.” These are more likely to be approached less in a common setting as others will interpret themselves as lesser than the Suits. An exception is that this group is more likely to be approached by homeless as they will be viewed as having the means to give freely.

A curious shift is seen during conference attendance as The Suits are often viewed rather harshly. They can frequently be seen as “sell-outs,” viewed as less approachable and are often targets during “spot the Fed.” However, this group blends more easily with the coincidental others in the conference areas. More than likely not being associated with the conference itself. The external style of this group does not make them any less of a hacker than the next, but it is often interpreted as such. The Suits are also regarded as “intimidating” by the Casuals, even when they do not openly admit it.

As one example, I look back to my first Defcon. I had brought a fabulous dress and had intended on going full glam. However, I was advised against doing this as it would make the others feel uncomfortable. That Defcon, I heeded the advice and remained in my casual attire for the duration. Though, that eventually changed and I opt for semi-glam at the more recent events, there were some noticeable reactions but nothing too unreasonable. I do however, see the common social avoidance and hear the whispers about being a groupie (regardless of the glammed person’s actual technical abilities) or other equally pejorative comments. This cattiness derived from our own insecurities is something that we need to work on.

While anyone can change their outward appearance by simply changing their clothes, hair, and accessories; many fail to be comfortable with that switch. This discomfort becomes painfully obvious to others. Of course, this is not to say that the individual does not make minor adjustments to become more accepted, they just cannot “sell” the persona that they are attempting to externally exhibit. Those successful in their switch go unnoticed between the two groups, these chameleons are the Adaptive. This is well practiced among the social engineers within InfoSec and known as part of their pretext. Given, this is simply one element of “playing the part.” This is a concept that the Adaptive understand, be it naturally or through conditioning. This group easily transitions between the two, experiencing aspects of the positives and negatives associated with both the Casuals and the Suits. However, they choose to be viewed in either way. They are acknowledging the perceived view of the other, internalizing it and then accepting or rejecting it.

Humans, in general, place a dangerous amount of judgment on the outward appearance. When you consider the fundamental aspects of preconceived beliefs and prejudices’ that every person in society carries with them, you start to place more weight on those types of decisions. This aspect is how we react to each other’s attendance based on superficial appearance. Our community houses some of the most intelligent individuals, they just may not wear what you would expect them to. How can we keep it balanced so that we draw some information from the visible; but the majority from the inner being? Whether they are rocking their favorite hacker tee, their best Louis Vuitton or just some cat ears; try to see them for who they are, not what they are wearing.  Whether we are entirely casual or full glam we should be accepting of each other. We need to curb our own biases on how a hacker should look. The media does that enough for us. At the end of the day, we are all just naked. There are no in-group markers, no out-group shaming, just…us.

Statement Shoes for Walking the Con

/ code_in_heels

The Shoe Game at cons is a BIG deal, which I have experienced through my @DefconHeels account. The con kicks of DC 25 were very impressive. Most of us keep our best shoes for the evening events. And it makes sense, you won’t stand the track line in 5-inch Louboutin heels. You can still turn the hallways into your runway by becoming a glam sneakerhead. Here are a few ideas how to make a statement while walking the con.

Leather and Feminine

Roger Vivier Sneaky Lolita Pearly Bow Sneaker

roger_v

Gucci Embroidered High-Top

gicci

Hype your socks

Ferragamo Sneaker with Wave Sole

ferragamo

Balenciaga Speed Trainer (Extreme Hype Alert)

balenciaga

Over-the-knee heat

Rick Owens Over-the-Knee boots

rickow

Sidewalk Lace-Up Denim Sandals

demin

Big Brother is watching

Pierre Hardy Ballet Flats

pierre

Fendi Moster Slip-Ons

fendi

Get the most out of the cons without sacrificing your style.

Travel in Style | Accessorize Securely

/ aniikagjesvold

Whether you’re flying to a security conference, or finally taking a much needed getaway. Here’s a list of the top accessories to fly it safe.

TravelEssentialsLarge

  1. Luggage set by Raden (A50 Set) – Sleek, stylish, and secure. Proximity sensors leverage Bluetooth technology. $595+ at Raden.
  2. RFID Blocking Travel Passport Wallet by Zoppen. $12.99; Comes in a wide array of options – Black, Red, Orange, Yellow, 3 Shades of Green, 2 Shades of Blue….the whole rainbow…you can find it here on Amazon. 
  3. Leather organizer called the TECH DOPP KIT 2 by This is Ground. $229.00; Comes in black, French grey, cognac, toffee, and bomber. This Is Ground.
  4. Portable power station to stay online and avoid plugging into any public charging stations. Powerstation XXL 20000 by Mophie. $99.95. ($84.95 on Amazon).
  5. Security keys that provide cryptographic encryption and touch to sign in functions. YubiKey 4 Series. $40.00-$50.00. Yubico.
  6. Vysk phone case that encrypts phone calls, and helps prevent eavesdropping. Incldues a microphone jammer, MITM protection, secure headphone port, and a camera shutter to prevent your phones camera from unauthorized access. $229.00 at Vysk.
  7. VPN client from NordVPN, the only VPN to get all the green checks on PCMag, check out their 2 year deal on their website NordVPN.
  8. Protect your peepers. Ray-Ban Clubmasters, maybe you’re going incognito…maybe you just need sunglasses. Either way these will help you get into stealth mode. Customize them for the ultimate combo of matte black on black. $150.00 at Ray-Ban.
  9. Leather RFID blocking backpack from Access Denied. This backpack is also convertible. $95.95. ($85.95 on Amazon).
  10. Leather RFID blocking unisex passport cover, the black on black made it a top pick. $7.99 on Amazon.
  11. Bitdefender antivirus and security software for your devices. Find the right package for your style on their website.
  12. Tiny Hardware Firewall, Belisarius Model from TP-LINK. Check out the review here on PCMAG. There’s lots of other fun gadgets at TP-Link.com.