25C3 Day 1

Finally sitting down at Paul’s laptop to write up some notes on the talks I’ve seen so far.  I’m going to break it up into days becaus eI’ve taken a lot of notes :)  Here goes, with comments in brackets:

Gadi Evron on Cyberwarfare

  • EU security operations / CERTs are not very organized
  • cyber warfare is mostly bull****

iPhone hacking

  • They’ve fully soft-unlocked the phone, but it’s been done in such a way that Apple can still fix it with a software update

Memory Forensics with the Cold Boot Attack

  • attack has been fully weaponized to USB keys (or functional iPods) and PXE boot
  • Jake has found a somewhat unrelated bug in Mac OSX’s Login.app which results in logged-in users’ passwords being stored in RAM; Apple is aware of the issue and not fixing it.  Same for FileVault keys [o_0]
  • Linux dm_crypt is vulnerable
  • loop_aes devs thought they weren’t vulnerable because of some key-shifting stuff they do, turns out it just means that they store twice the keydata🙂
  • Co-author of USENIX paper Nadia wrote an awesome keyfinding tool which can grab keys from RAM even with something like 75% corruption
  • Bitlocker default / simple mode is totally pwned
  • Even with TPM in use Bitlocker is still vulnerable if precise timings are used

Dan Kaminsky – Why were we so vulnerable to the DNS vulnerability?

  • random person named Paul sitting beside me on the couch by the Go boards describes it as “+5 insightful”
  • My Paul is all excited that Dan is now publicly in favour of DNSSEC🙂

dns pwnage

Edited to add:  For some additional perspectives on Day 1, have a look at my Belgian friend Security4All’s blog post, which has a different selection of talks.

2 thoughts on “25C3 Day 1

Comments are closed.