BiaSciLab (@BiaSciLab @GirlsWhoHack @SecureOpenVote) is a 13-year-old hacker and maker, as well as an international speaker. She received national attention when she hacked the voting reporting system at Defcon 26. This work was recently highlighted at the U.S. congressional hearing on election security. She is the founder and CEO of Girls Who Hack, an organization focused on teaching girls the skills of hacking so that they can change the future. She has also started Secure Open Vote and is building an end to end election system. BiaSciLab enjoys inventing things, giving talks, and teaching classes on making, programming, and hacking.
Building a Home Lab and Introduction to Web Application Hacking
Getting started in hacking seems like a big task: Where to start? What should I start learning? How can I practice? Join BiaSciLab, C.E.O. of Girls Who Hack for answers to all these questions and get yourself started on your hacking career! This is an intense, hands-on hacking class to get you started with web application hacking. You will learn: setting up a virtual lab, finding, Cross Site Scripting, and more! These hacking skills can be applied in real life. CTFs (Capture the Flag), an entire section of web applications to hack, Bug Bounty... If you are looking to get started in hacking, this is the workshop to attend! While this is aimed at kids, adults are welcome to sign up if space permits.
The Election System - Can We Fix It? Yes, We Can!
As security experts around the world have proven, our voting equipment and infrastructure are very vulnerable to multiple types of attacks. Instead of focusing on problems and broken things, this talk will focus on simple fixes that vendors and governments can put into action right now.
Starting with the machines themselves, then moving through parts of the entire system, BiaSciLab will offer suggestions on how simple practices and changes in thinking and hiring can improve the security of the entire system. At the Defcon 26 r00tz asylium, BiaSciLab was one of the first to hack the mock election reporting system set up by the voting village. Some have pointed out that this was a purposely flawed system designed for the kids to break. However, as outlined in the Mueller report, Russian hackers used the same SQL injection technique to break into an election reporting system. If our systems are so secure, how was this able to happen? Lack of secure coding practices and both peer and outside review. If proper coding review and application testing had happened, this SQL injection vulnerability would have been found and fixed.
Breaking down these flaws and offering real solutions for each one, BiaSciLab will bring hope in the face of this daunting and complex security problem.