RFID Reverse-Engineering – Nohl und Starbug

Proprietary algorithms are often kept secret in the false believe that this provides security. We discuss our approach to reverse-engineering proprietary algorithms from silicon chips, in which we open chips, take pictures, and analyze the chips' internal structures. Using these techniques, we hacked the Mifare RFID tags and some other chips, which caused quite a bit of public discussion about proprietary cryptography and "security by obscurity".
The secret cryptography used on proprietary tags is usually weak. Hence, we were able to identify several vulnerabilities in the Mifare tags including weaknesses in the random number generator, protocol weaknesses, and statistical flaws.

Teenage computer crime: A new form of juvenile delinquency? – Shirley McGuire

The presentation will focus on understanding why older children and teenagers participate in computer crime. I will review current theories of juvenile delinquency and discuss ways that we can adapt these psychological models to understand the development computer crime, a new form of children’s behavior problems. Examples will be provided using data from a survey of Internet use (and misuse) in a large, diverse sample of U.S. high school students.

Cisco IOS attack and defense : The State of the Art – Felix 'FX' Lindner

The talk will cover the past, present and future of Cisco IOS hacking, defense and forensics. Starting from the historic attacks that still work on less well managed parts of the Internet, the powerful common bugs, the classes of binary vulnerabilities and how to exploit them down to the latest methods and techniques, this session will try to give everything in one bag.
To each attack type, we will also see what defensive measures are taken, what should be done and how Cisco forensics people will identify the attack and nail the attacker (or not).

iSCSI Security (Insecure SCSI) – Himanshu Dwivedi

The iSCSI presentation will discuss the security issues that exist in the default implementations of iSCSI storage networks/products. The presentation will cover iSCSI storage as it pertains to the basic principals of security, including enumeration, authentication, authorization, and availability.  The presentation will show how iSCSI attacks can compromise large volumes of data from iSCSI storage products/networks.  The presenter will also follow-up each discussion of iSCSI attacks with a demonstration of large data compromise. Each iSCSI attack/defense described by the presenter will contain deep discussions and visual demonstrations, which will allow the audience to fully understand the security issues with iSCSI as well as the standard defenses.

Cold Boot Attacks on Hard Drive Encryption – Bill Paul and Jacob Appelbaum

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at room temperature and even if removed from a mother-board. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount successful attacks on popular disk encryption systems using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.

Living on the Edge: The Sources of Creativity – Richard Thieme

The edges of our thinking, the edges of consensus reality, the edges of organizational structures - that's where new ideas first show up. Those we call "geniuses" see them first and give them names. Using the insights and wisdom of the best and the brightest of the infosec and hacking worlds as well as the practice of the craft of intelligence, this presentation demonstrates how creativity infuses the best practices of security and intelligence, how to tend it and make it more likely to happen, and how to capture it on the fly.
The questions for information security practitioners include: How do you generate your creative best in a world driven by cyber attacks and down-sizing? How does creativity fit into the big picture we all know is true in the Dilbert-world of the real work place? This keynote responds to those questions with deep and real insights, grounded in the nitty-gritty of life in the trenches. Thieme argues persuasively that you must tap into your creative potential to succeed as a person-of-interest /and/ a security professional. This talk helps professionals recontextualize how they think about challenges in security by seeing the deeper context of their work.

Vor fast zehn Jahren - im Jahre 1999 - wurde die Trusted Computing Platform Alliance (TCPA) gegründet. 2003 durch die Trusted Computing Group (TCG) abgelöst, propagiert diese die Technologie des Trusted Computing (TC) als Lösungsansatz für die "sichere IT der Zukunft". Die Basis ist dabei das so genannte Trusted Platform Module (TPM), das den Vertrauensanker bilden soll. Dieses schlummert - oft völlig unbemerkt vom
Anwender-  in den meisten modernen PCs. Grund genug, sich mit dieser Technologie zu beschäftigen.
Nach einer Einführung in die Technologie des Trusted Computings zeigt der Vortrag zunächst auf, was ein TPM ist, was es kann, aber auch, was man eben nicht damit machen kann. Weitere Themen sind die Anbindung eines TPM mittels OpenSource, die mit dem Einsatz verbundenen Schwierigkeiten und die Darstellung von möglichen Angriffen auf TPMs. Ein Vergleich zur klassischen Smartcard, sowie eine Betrachtung in Bezug auf den Datenschutz runden den Vortrag ab.

Stealing the Internet: An Internet-Scale, routed Man-In-The-Middle attack – Anton Kapela

“Stealing the Internet" will describe a method where an attacker exploits trust relationships in the BGP routing system to facilitate transparent interception of IP packets. The method will be shown to function at a scale previously thought by many as unavailable to anyone outside of intelligence agencies and carrier networks.
The talk highlights a new twist in sub-prefix hijacking that I demonstrated at Defcon 16: using intrinsic BGP logic to hijack network traffic and simultaneously create a 'bgp shunt' -- a "feasible path" -- towards the target network. This method will be shown to preserve end-to-end reachability while creating a virtual 'wire tap' at the attackers network. I'll also demonstrate that the attack doesn't require prior coordination with any devices or hardware in or adjacent to the target network. Additive TTL modification will be presented as a means for the attacker to obscure the presence of the interceptor.
Results of a recent inter-provider filtering practices survey will be presented as further rationale for stronger route filtering and increased routing security research.
There will not be a live demonstration of the hijack or interception methods. Those interested in observing the attack in action and the original demonstration are encouraged to view the video of the presentation, posted at www.defcon.org.

Die Rechtssichere Website: Haftung im Internet – Jörg Heidrich

Ein Link auf eine Seite mit rechtswidrigem Inhalt, eine geklautes Bild im Forum oder ein beleidigender Eintrag in einem Blog-Kommentar: Die Möglichkeiten, als Betreiber eines Online-Angebots sogar ohne eigenes Verschulden in eine teure juristische Haftungsfalle zu tappen, sind vielfältig. Der Vortrag zeigt die Grundsätze der Haftung im Internet und deren Ausprägung im Bereich der Haftung für Links sowie Foren- und Web 2.0-Inhalte. Im Vordergrund steht dabei vor allem die Frage, wie man Haftungsrisiken vermeiden oder zumindest minimieren kann.

Ein Dutzend dummer Fehler kluger Techies – und was man stattdessen tun kann – Martina Diel

Ob BSD oder Linux, vi oder emacs, Check Point oder Pix – da gehen die Meinungen auseinander. Aber was Fauxpas im Job angeht, herrscht gerade in Kreisen eingefleischter "Techies" häufig Einigkeit: gewisse Fehler werden immer wieder begangen und einige regelrecht zelebriert.
Welche das sind und wie man sie umgehen kann, ohne seine Seele zu verkaufen, darum geht es in diesem Vortrag:
-  Die größte Geißel der Menschheit: Perfektionismus
-  Der Aberglaube, dass nur Vertriebler etwas verkaufen müssen
-  Ein Übermaß an Geek-Folklore und das Ritual des Rantens
-  Der Trend zur Standardisierung am falschen Ort
... und viele mehr!

The problems with cyberwar – Marcus J. Ranum

“Cyberwar" - it sounds so clean and practical, until you start to look at the logistical, military, and political problems implicit in the concept. In fact, while cyberterror and cybercrime may be eminently practical, cyberwar suffers from several fundamental flaws which its proponents wilfuly ignore. In this presentation, we will look at why cyberwar is not likely to be a serious part of any nation-state's set of military options.

Microsoft Security Fundamentals: Engineering, Response and Outreach – Andrew Cushman

MS08-067 – A Case Study in the Evolution of the MSRC Andrew Cushman –
Sr. Director of the Microsoft Security Response Center provides Microsoft's unique perspective on 2008 security ecosystem changes and a behind the scenes look, using actual case studies from 2008 security updates, to highlight the continued transformation of the MSRC.

Weitere Informationen zu den Vorträgen erfolgen nach Freigabe durch die Referenten.

nach oben