10:00 AM
to 11:00 AM
Rafal Wojtczuk & Alexander Tereshkin: Attacking IntelĀ® Bios
57 Attendees
Location
Milano Ballroom 5-6-7-8
Type Hardware
Rafal Wojtczuk, Alexander Tereshkin
We demonstrate how to permanently reflash Intel BIOSes on the latest Intel Q45-based systems. In contrast to a previous work done by other researches a few months earlier, who targeted totally unprotected low-end BIOSes, we focus on how to permanently reflash one of the most secure BIOSes out there, that normally only allow a vendor's digitally signed firmware to be flashed. As an extra bonus we describe yet-another-one, on-the-fly, previously undisclosed attack against SMM on Intel platforms affecting most of the recent chipsets.
11:15 AM
to 12:30 PM
Travis Goodspeed: A 16-bit Rootkit and Second Generation Zigbee Chips
39 Attendees
Location
Milano Ballroom 5-6-7-8
Type Hardware
Travis Goodspeed
This lecture in two parts presents first a self-replicating rootkit for wireless sensors, then continues with recent research into the security of second generation Zigbee radio chips such as the CC2430/2431 and the EM250. A live demo and a vulnerability will be released as a part of this presentation.
1:45 PM
to 3:00 PM
Joe Grand, Jacob Appelbaum & Chris Tarnovsky: 'Smart' Parking Meter Implementations, Globalism, and You
69 Attendees
Location
Milano Ballroom 5-6-7-8
Type Hardware
Joe Grand, Jacob Appelbaum, Chris Tarnovsky
Throughout the United States, cities are deploying "smart" electronic fare collection infrastructures that have been commonplace in European countries for many years. In 2003, San Francisco launched a $35 million pilot program to replace approximately 23,000 mechanical parking meters with electronic units that boasted tamper resistance, payment via smart card, auditing capabilities, and an estimated $30 million annually in fare collection revenue. Other major cities, including Atlanta, Boston, Chicago, Los Angeles, New York, Philadelphia, Portland, and San Diego, have made similar moves.
In this session, we will present our evaluation of electronic parking meters, including smart card protocol analysis and emulation, silicon die analysis, and firmware reverse engineering, all of which aided in successful breaches.
In this session, we will present our evaluation of electronic parking meters, including smart card protocol analysis and emulation, silicon die analysis, and firmware reverse engineering, all of which aided in successful breaches.
3:15 PM
to 4:30 PM
Chris Tarnovsky: What the Hell is In there?
55 Attendees
Location
Milano Ballroom 5-6-7-8
Type Hardware
Chris Tarnovsky
An in-depth look inside the latest high-security smartcard devices commonly found inside GSM sim cards. Several different manufactuers have been torn down. Most are certified at the highest Common Criteria levels available. High-resolution images will be the focal point of the discussion as well as how secure really are these devices. Is the latest Comp128 algorithm secure or is there is a risk of exposure from one of these sim cards?
4:45 PM
to 6:00 PM
Mike Davis: Recoverable Advanced Metering Infrastructure
46 Attendees
Location
Milano Ballroom 5-6-7-8
Type Hardware
Mike Davis
Smart Grid. Smart Meters. AMI. Certainly no one has escaped the buzz surrounding this potentially ground-breaking technology. However, equally generating buzz is the heightened threat of attack these technologies provide. Mike Davis and a team of IOActive researchers were able to identify multiple programming errors on a series of Smart Meter platforms ranging from the inappropriate use of banned functions to protocol implementation issues. The team was able to "weaponize"
