TALKS – IT-DEFENSE 2008
 

RFIDIOts!!! - Hacking RFID without a soldering iron (or a patent attorney) – Adam Laurie
RFID is being embedded in everything... From Passports to Pants. Door Keys to Credit Cards. Mobile Phones to Trash Cans. Pets to People even! For some reason these devices have become the solution to every new problem, and we can't seem to get enough of them...
This talk will look at the underlying technology, what it's being used for, how it works and why it's sometimes a BadIdea(tm) to rely on it for secure applications, and, more worryingly, how this off-the-shelf technology can be used against itself... Software and Hardware tools and techniques will be discussed and demonstrated, and a range of exploits examined in detail.

Exploiting Embedded Systems - The Sequel! – Andy Müller-Maguhn
Starting from the way hackers see themselves, and distinguishing them from other actors who take the attacker's perspective, this talk aims to examine the illusion of IT security in the context of global interests in information leakage and the manipulability of technology. Besides looking at some technical details from the world of cryptography and experiences from the universe of incidents, the main question will be which assumptions realistic policies in the IT context should actually be based on.

The Spying Game? – Annie Machon
I would like to give a presentation about the role of intelligence agencies in the current era of the unending “war on terror”, how they monitor us, and the implications for our democracies.
In the name of protecting national security, spy agencies are being given sweeping new powers and resources. Their intelligence has been politicised to build a case for the disastrous war in Iraq, they are failing to stop terrorist attacks, and they continue to collude in illegal acts of internment and torture, euphemistically called “extraordinary rendition”. Most western democracies have already given so many new powers to the spies that we are effectively living in police states. As an informed community, what can we do about this?

1. What it was like to be recruited and work for MI5
2. The crimes of MI5 and MI6. These include:
  • MI5 files held on government ministers,
  • IRA bombs that could and should have been prevented
  • Illegal MI5 phone taps
  • Lying to government
  • The 1994 bombing of the Israeli embassy in London by Mossad, and the subsequent wrongful imprisonment of two innocent people
  • The illegal MI6 assassination attempt against Colonel Gaddafi of Libya
3. How to go “on the run”, what it’s like to cross the secret state, and how to survive
4. The lack of accountability and oversight. The spies literally get away with murder
5. The current situation. Despite glaring intelligence failures, both in the run-up to the Iraq war and in a number of recent terrorist attacks on the UK, our government still continues to grant more resources and powers to the spies. Why?
6. The implications of these new laws for our democracy
7. On a lighter and more hopeful note – examples of the spies’ technological ineptitude
8. The failure of the mainstream media to effectively hold the spies to account

What can we do? We have a (probably limited) window of opportunity to halt this slide towards totalitarianism. It’s time for our fight back.
“All that is necessary for the triumph of evil is for good men to do nothing.” Edmund Burke, MP

Exploiting Embedded Systems - The Sequel! – Barnaby Jack

This presentation will give a walk-through of an attack on an embedded device. From retrieving and reverse engineering firmware, through to hardware-assisted debugging, and finally - reliable remote exploitation. The techniques that are described are applicable to all popular embedded architectures. Additionally, I will discuss some exploitation methods that are specific to ARM-based processors. Live demonstrations will be given throughout the talk.

Hacking Vehicle Telematics: Satellite Navigation Hacking and Other Attacks Against your Car – Andrea Barisani & Daniele Bianco
The 2007 presentation "Injecting RDS-TMC Traffic Information Signals a.k.a. How to freak out your Satellite Navigation." [1] met worldwide success showing the potential for abuse of inadequately secured in-car telematics systems.
A new version of the presentation will follow up the Satellite Navigation Traffic Message Channel hacking research with more in-depth coverage and new techniques, ideas and concerns for current and future in-car Navigation and Telematics Systems.
[1] http://dev.inversepath.com/rds

Black Box Analysis and Attacks of Nortel VoIP Implementations Reloaded – Richard Gowman & Eldon Sprickerhoff
The presenters performed black-box analysis of Nortel Call Management VoIP implementations. Nortel VoIP infrastructure is widely implemented worldwide, but very little attention appears to be paid to its security issues, probably due to the fact that a proprietary protocol (UNIStim) is used. The presenters will discuss the methods used to reverse engineer the protocol, specific attacks they developed, and how successful they were.
In this updated talk, details that we were not able to make public previously (due to responsible disclosure - Nortel has since released patch MPLR 23899) will be revealed.
Updated (currently unavailable) code (UNISTimpy NG) will be released.

Companies in Danger! When Security Managers Become Blind to Their Own Operations… – Stephan Schlentrich
When attacks on companies are discussed today, no further explanation is needed: IT is the target, the route, the instrument - in the vast majority of cases!
The criminal energy is pronounced, the technology treacherous, the know-how of the "enemies" full of tricks - and the damage runs into the billions. IT is the key. Those who fend off threats are successful.
But the more companies worldwide arm themselves and seal their "IT bulkheads", the greater the risk that other dangers are neglected or not recognized at all. What does this threat look like, and which defence strategies should innovative mid-sized or large companies pursue? How do companies become truly secure? Or is this goal only an illusion?

How I Learned to Stop Fuzzing and Find More Bugs – Dr. Brian Chess
Fuzzing and other runtime testing techniques are great at finding certain kinds of bugs. The trick is, effective fuzzing requires a lot of customization. The fuzzer needs to understand the protocol being spoken, anticipate the kinds of things that could go wrong in the program, and have some way to judge whether or not the program has gone into a tailspin. Get this setup wrong, and you end up fuzzing the wrong thing, exercising and re-exercising trivial paths through the program, or just plain missing bugs (as Microsoft did with the .ANI cursor vulnerability). Fuzzing effectively takes a lot of customization and a lot of time.
Proponents of fuzzing often avoid static analysis, citing irrelevant results and false positives as key pain points. But is there a more effective way to channel the energy required for good fuzzing in order to find more bugs faster? This presentation will propose a series of techniques for customizing static, rather than dynamic, tools that will let you find more and better-quality bugs than you ever thought possible.
We will compare static and dynamic approaches to testing and look at:
- The fundamental problems involved in fuzzing
- Why static analysis is harder for humans to think about than fuzzing
- Interfaces for customizing static analysis tools
- The kinds of bugs static analysis is good at finding
- Why static analysis is both faster and more thorough than fuzzing
- Where static analysis tools break down

Regular Exceptions – Tavis Ormandy & Will Drewry
Programming and design errors in string manipulation facilities have plagued software over the years. Despite this, modern string manipulation mechanisms receive very little attention from the security community even with their ubiquity in hostile environments. We investigate these overlooked mechanisms, detailing the flaws and limitations exhibited across programming languages and platforms in widely deployed software. In addition, we discuss mitigation techniques applicable to the development and deployment of these facilities.

Core Wars – Tobias Klein
This talk deals with vulnerabilities in modern operating system kernels. Using several concrete examples, it addresses questions including: Why are kernel vulnerabilities always fatal? How do you find kernel vulnerabilities? How do you exploit kernel vulnerabilities? You have found a kernel vulnerability, what now? Contact the vendor, sell it, ...? What protections are available?

Further information on the talks will follow once approved by the speakers.