25C3 Day 3

Paul and I turned in pretty early on Day 2 and managed to make the first talk on Day 3, though not without the assistance of Club Mate and Starbucks.  Day 3 was where things started to get really hairy in terms of being able to get into rooms to see the talks I wanted to see; I ended up missing the RFID talk I really wanted to see in favor of getting to the room for the Storm talk half an hour early.  But that’s what conference recordings are for, isn’t it!

As before, be sure to also check out Security4All’s post on Day 3 for a more Belgian perspective on things.


25C3 Day 2

Continuing on from my post from a couple of days ago, here are my notes from Day 2 of the 25th Chaos Communication Congress in Berlin.  I’ve been slow with getting these posted – Day 2 was December 28th.  Better late than never, right?

A lighthearted moment from Soviet Unterzoegersdorf

As with the previous posts, for a different perspective and selection of talks I highly recommend checking out Security4All’s blog post about Day 2 as well.

Finally, if you’re particularly interested in anything I’ve written about, you should check out the official recordings here.  Most of the talks have been posted both as direct downloads and torrents.  I can’t even begin to say how amazing this is given that the conference is barely over.  From what I hear, the live streams coming from the conference while it was running were also totally solid.

And now for the actual comments about this day’s talks!


25C3 Day 1

Finally sitting down at Paul’s laptop to write up some notes on the talks I’ve seen so far.  I’m going to break it up into days because I’ve taken a lot of notes 🙂  Here goes, with comments in brackets:

Gadi Evron on Cyberwarfare

  • EU security operations / CERTs are not very organized
  • cyber warfare is mostly bull****

iPhone hacking

  • They’ve fully soft-unlocked the phone, but it’s been done in such a way that Apple can still fix it with a software update

Memory Forensics with the Cold Boot Attack

  • attack has been fully weaponized to USB keys (or functional iPods) and PXE boot
  • Jake has found a somewhat unrelated bug in Mac OS X’s Login.app which results in logged-in users’ passwords being stored in RAM; Apple is aware of the issue and not fixing it.  Same for FileVault keys [o_0]
  • Linux dm-crypt is vulnerable
  • loop-AES devs thought they weren’t vulnerable because of some key-shifting stuff they do; turns out it just means that they store twice the key data 🙂
  • Nadia, co-author of the USENIX paper, wrote an awesome keyfinding tool which can grab keys from RAM even with something like 75% corruption
  • BitLocker default / simple mode is totally pwned
  • Even with TPM in use, BitLocker is still vulnerable if precise timings are used

Dan Kaminsky – Why were we so vulnerable to the DNS vulnerability?

  • random person named Paul sitting beside me on the couch by the Go boards describes it as “+5 insightful”
  • My Paul is all excited that Dan is now publicly in favour of DNSSEC 🙂


Edited to add:  For some additional perspectives on Day 1, have a look at my Belgian friend Security4All’s blog post, which has a different selection of talks.