10:00 AM
to 11:00 AM
Rod Beckstrom: Beckstrom's Law
38 Attendees
Location
Milano Ballroom 1-2-3-4
Type Legal & Management
Rod Beckstrom
Beckstrom's Law is a new model or theorem of economics formulated by Rod Beckstrom. It purports to answer 'the decades old question of "how valuable is a network."' It is granular and transactions based and can be used to value any network. It applies to any network: social networks, electronic networks, support groups and even the Internet as a whole. To read a white paper explaining the law and mathematics in detail, please see Economics of Networks. This new model values the network by looking from the edge of the network at all of the transactions conducted and the value added to each. It states that one way to contemplate the value the network adds to each transaction is to imagine the network being shut off and what the additional transactions costs or loss would be.
11:15 AM
to 12:30 PM
Dmitri Alperovitch: Fighting Russian Cybercrime Mobsters
134 Attendees
Location
Milano Ballroom 1-2-3-4
Type Legal & Management
Dmitri Alperovitch, Keith Mularski
A Supervisory Special Agent from the FBI and a native Russian security researcher join forces to present an in-depth insider view of the most prominent cases against Russian and other Eastern European-based online crime syndicates of the past decade. Learn about their experiences gained from being in the middle of major international cybercrime investigations by US law enforcement. The talk will include an in-depth discussion of the investigation into the DarkMarket carding forum, the biggest cybercrime operation by the FBI of 2008, by the agent who has spent 2 years undercover working to identify and shutdown the leading criminals in the organization.
1:45 PM
to 3:00 PM
Tiffany Rad & James Arien: Your Mind - Legal Status, Rights and Securing Yourself
45 Attendees
Location
Milano Ballroom 1-2-3-4
Type Legal & Management
Tiffany Strauchs Rad, James Arlen
As a participant in the information economy, you no longer exclusively own material originating from your organic brain; you leave a digital trail with your portable device's transmitted communications and when your image is captured by surveillance cameras. Likewise, if you Tweet or blog, you have outsourced a large portion of your memory and some of your active cognition to inorganic systems. U.S. and International laws relating to protection of intellectual property and criminal search and seizure procedures puts into question protections of these ephemeral communications and memoranda stored on your personal computing devices, in cloud computing networks, on off-shore "subpoena proof" server platforms, or on social networking sites.
Although once considered to be futuristic technologies, as we move our ideas and memories onto external devices or are subjected to public surveillance with technology (Future Attribute Screening Technology) that assesses pre-crime thoughts by remotely measuring biometric data such as heart rate, body temperature, pheromone responses, and respiration, where do our personal privacy rights to our thoughts end and, instead, become public expressions with lesser legal protections? Similarly, at what state does data in-transit or stored in implantable medical devices continuously connected to the Internet become searchable? In a society in which there is little differentiation remaining between self/computer, thoughts/stored memoranda, and international boundaries, a technology lawyer/computer science professor and a security professional will recommend propositions to protect your data and yourself.
Although once considered to be futuristic technologies, as we move our ideas and memories onto external devices or are subjected to public surveillance with technology (Future Attribute Screening Technology) that assesses pre-crime thoughts by remotely measuring biometric data such as heart rate, body temperature, pheromone responses, and respiration, where do our personal privacy rights to our thoughts end and, instead, become public expressions with lesser legal protections? Similarly, at what state does data in-transit or stored in implantable medical devices continuously connected to the Internet become searchable? In a society in which there is little differentiation remaining between self/computer, thoughts/stored memoranda, and international boundaries, a technology lawyer/computer science professor and a security professional will recommend propositions to protect your data and yourself.
4:45 PM
to 6:00 PM
Jennifer Granick: Computer Crime Year in Review
96 Attendees
Location
Milano Ballroom 1-2-3-4
Type Legal & Management
Jennifer Granick
Its been a booming year for computer crime cases as cops and civil litigants have pushed the envelope to go after people using fake names on social networking sites (the MySpace suicide case), researchers giving talks at DEFCON (MBTA v. Anderson), and students sending email to other students (the Calixte/Boston College case). The Electronic Frontier Foundation has been front and center in these cases, either filing amicus briefs or directly representing the coders and speakers under attack. At this presentation, Jennifer Granick and other EFF lawyers fresh from the courtroom will share war stories about these cases, thereby informing attendees about the latest developments in computer security law and giving pointers about how to protect yourselves from overbroad legal challenges.
10:00 AM
to 11:00 AM
Zane Lackey & Luis Miras: Attacking SMS
135 Attendees
Location
Milano Ballroom 1-2-3-4
Type Mobile
Zane Lackey, Luis Miras
With the increased usage of text messaging around the globe, SMS provides an ever widening attack surface on today's mobile phones. From over the air updates to rich content multimedia messages, SMS is no longer a simple service to deliver small text-only messages. In addition to its wide range of supported functionality, SMS is also one of the only mobile phone attack surfaces which is on by default and requires almost no user interaction to be attacked.
This talk will seek to inform the audience of threats to today's mobile phones posed by hostile SMS traffic. We will discuss attacking the core SMS and MMS implementations themselves, along with 3rd party functionality that can be reached via SMS. Results will be presented of testing against mobile platforms in real-world situations.
In addition to our own results we will discuss and release a number of tools to help users test the security of their own mobile devices. Finally, we will demonstrate and release an iPhone-based SMS attack application that facilitates a number of the attacks we discuss.
This talk will seek to inform the audience of threats to today's mobile phones posed by hostile SMS traffic. We will discuss attacking the core SMS and MMS implementations themselves, along with 3rd party functionality that can be reached via SMS. Results will be presented of testing against mobile platforms in real-world situations.
In addition to our own results we will discuss and release a number of tools to help users test the security of their own mobile devices. Finally, we will demonstrate and release an iPhone-based SMS attack application that facilitates a number of the attacks we discuss.
11:15 AM
to 12:30 PM
Charlie Miller & Collin Mulliner: Fuzzing the Phone in your Phone
123 Attendees
Location
Milano Ballroom 1-2-3-4
Type Mobile
Charlie Miller, Collin Mulliner
In this talk we show how to find vulnerabilities in smart phones. Not in the browser or mail client or any software you could find on a desktop, but rather in the phone specific software. We present techniques which allow a researcher to inject SMS messages into iPhone, Android, and Windows Mobile devices. This method does not use the carrier and so is free (and invisible to the carrier). We show how to use the Sulley fuzzing framework to generate fuzzed SMS messages for the smart phones as well as ways to monitor the software under stress. Finally, we present the results of this fuzzing and discuss their impact on smart phones and cellular security.
1:45 PM
to 3:00 PM
Kevin Mahaffey, Anthony Lineberry & John Hering: Is Your Phone Pwned?
127 Attendees
Location
Milano Ballroom 1-2-3-4
Type Mobile
Kevin Mahaffey, Anthony Lineberry, John Hering
The world has never been more connected. Over a billion mobile devices ship every year, five times the number of PCs in the same period. The iPhone and Android have accelerated the mass adoption of smart devices, mobile applications, and high speed mobile networks. Meanwhile, mobile devices are now a material target: they contain sensitive personal and corporate data, access privileged networks, and routinely perform financial transactions. The question remains, how do we keep these devices safe?
Learn about how to detect vulnerabilities on mobile devices, exploitation techniques, how the security architecture of major mobile platforms work, and how to protect your mobile device(s) in the threat landscape of a constantly evolving mobile world. We'll be demonstrating a new mobile device vulnerability (we're also providing a hotfix tool) and analyzing other vulnerabilities that affect major mobile platforms, one of which is already being actively exploited in the wild. To top it off, we will be releasing our 'Sniper' mobile fuzzing framework, a tool specifically designed to fuzz mobile platforms that includes support for major file formats and protocols typically present on mobile devices.
Learn about how to detect vulnerabilities on mobile devices, exploitation techniques, how the security architecture of major mobile platforms work, and how to protect your mobile device(s) in the threat landscape of a constantly evolving mobile world. We'll be demonstrating a new mobile device vulnerability (we're also providing a hotfix tool) and analyzing other vulnerabilities that affect major mobile platforms, one of which is already being actively exploited in the wild. To top it off, we will be releasing our 'Sniper' mobile fuzzing framework, a tool specifically designed to fuzz mobile platforms that includes support for major file formats and protocols typically present on mobile devices.
3:15 PM
to 4:30 PM
Jesse Burns: Exploratory Android Surgery
57 Attendees
Location
Milano Ballroom 1-2-3-4
Type Mobile
Jesse Burns
It's hard to resist open, Linux-based phones with sophisticated programming environments and a novel security model. Android has application-level isolation, new kernel primitives for communication, and fancy UI features wrapped around its open source heart. This talk will explore Android's fancy new kernel and user mode security mechanisms, how to test them, and how to mess around inside your droid.
Jesse will release and demonstrate new tools for exploring Android devices, including an Intent sniffer, Intent fuzzer, a security policy exploration tool, and a tool for exploring any undocumented or proprietary corners of your device.
In the process, the talk will show hidden features on currently shipping devices, illustrate how Android systems fit together and help the attendee understand what this new security model's capabilities and limitations are. The speaker has worked on the security of dozens of Android applications, and on the operating system itself. He will use this experience to explain some of the most common, new types of security weaknesses facing mobile developers and testers.
Jesse will release and demonstrate new tools for exploring Android devices, including an Intent sniffer, Intent fuzzer, a security policy exploration tool, and a tool for exploring any undocumented or proprietary corners of your device.
In the process, the talk will show hidden features on currently shipping devices, illustrate how Android systems fit together and help the attendee understand what this new security model's capabilities and limitations are. The speaker has worked on the security of dozens of Android applications, and on the operating system itself. He will use this experience to explain some of the most common, new types of security weaknesses facing mobile developers and testers.
4:45 PM
to 6:00 PM
Vincenzo Iozzo & Charlie Miller: Post Exploitation Bliss - Loading Meterpreter on a Factory iPhone
59 Attendees
Location
Milano Ballroom 1-2-3-4
Type Mobile
Vincenzo Iozzo, Charlie Miller
IPhones are now widely used by people; as a consequence the number of factory phones is ever increasing. Until very recently, researchers focused on exploitation techniques for jailbroken phones. Most of these approaches are not usable on factory phones due to a number of protections including code signing and additional memory protections. For that reason, even with the ability to execute arbitrary code in an exploit, it is very hard to know what to do. This presentation will show how is it possible to effectively run high level payloads on a factory phone by defeating code signing protections after exploitation. Specifically by injecting an arbitrary non-signed library in the victim's process address space, an attacker is able to run his own code thus granting a much higher attack efficacy. This is especially important because on factory iPhones, there are no useful utilities, not even a shell. With this technique, an attacker can bring along their own tools, including the ability to get directory listing, upload and download files, even pivot attacks, in the form of Meterpreter!
