SquareX at Hacker Summer Camp: DEF CON 32 Day 2

Recording new podcast episodes and speaking at Adversary Village

Day 2 of DEF CON 32 kicked off just like the previous day — with a hearty breakfast and a sense of anticipation as we headed to the Las Vegas Convention Center.

Today’s agenda was clear: we had a lineup of guests for which to record new episodes for the Be Fearless Podcast, and our founder Vivek Ramachandran and Principal Software Engineer Shourya would be speaking at Adversary Village.

Sharing Our Research at Adversary Village

SquareX had the honor of taking the first slot at Adversary Village with our talk, Sneaky Extensions: The MV3 Escape Artists, scheduled for 10 AM. After a quick sync-up and sound check, Vivek and Shourya took the stage to deliver a highly technical and eye-opening presentation on Chrome’s new Manifest V3 (MV3) and how bad actors could still bypass its security restrictions.

The talk highlighted how even with the security enhancements in MV3, malicious Chrome extensions with minimal permissions can still bypass these restrictions to compromise users and steal sensitive information. Vivek and Shourya also demonstrated specific scenarios, such as how a malicious extension could steal master passwords from password managers or record a live Google Meet call without the user’s knowledge.

The takeaway was clear: even with minimal permissions, Chrome extensions can pose significant risks, and users should only use extensions from trusted sources.

Setting Up Our Pop-Up Podcast Booth

While Vivek and Shourya were busy at Adversary Village, the rest of the SquareX team was hard at work setting up our pop-up podcast booth. Throughout the day, we had the privilege of hosting an impressive lineup of guests for our Be Fearless Podcast, each bringing their own unique perspectives and experiences in the cybersecurity field.

Our guests included:

1. Aseem Jakhar, Nullcon/hardwear.io
2. Fred Heiding, Harvard University
3. Michael Kouremetis, MITRE
4. Nikhil Mittal, Altered Security
5. Mohit Tiwari, Symmetry Systems
6. Nathan Hamiel, Kudelski Security
7. Jayesh Singh Chauhan, Cloud Village
8. Jeff Moss, Founder of DEF CON & Black Hat
9. Nikhil Shrivastava, BSides Ahmedabad
10. Sudhanshu Chauhan, Recon Village

Each conversation was not only insightful but also deeply inspiring as our guests shared their cybersecurity journeys, research interests, and the challenges they face in the industry. These interviews will soon be available in full episodes, so stay tuned!

We were also thrilled to reconnect with other associates and friends during the day. Hackemate, a popular Peruvian YouTuber with whom we’ve previously collaborated, stopped by, as did Sean Kalinich of DecryptedTech. Sean took the opportunity to interview Vivek about the Last Mile Reassembly Attacks that were discussed during our main stage talk the previous day.

Wrapping Up Day 2

With so much activity packed into the day, time flew by, and before we knew it, Day 2 of DEF CON 32 had come to an end. To wrap up, the team headed out for a well-deserved dinner to recharge our batteries.

Overall, Day 2 of DEF CON 32 was a fantastic blend of fascinating podcast interviews, technical discussion and networking. We’re going to be at DEF CON for its final day tomorrow, so be sure to catch us at Level 1, Hall 3, Booth 3!

SquareX at Hacker Summer Camp: DEF CON 32 Day 2 was originally published in SquareX Labs on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from SquareX Labs - Medium authored by SquareX. Read the original post at: https://labs.sqrx.com/squarex-at-hacker-summer-camp-def-con-32-day-1-77a267c11842?source=rss----f5a55541436d---4