Black Hat security conference explores war-texting
Aug 2, 2011 — by LinuxDevices Staff — from the LinuxDevices Archive — viewsAt this week's Black Hat security conference in Las Vegas, security researchers will be addressing SSL vulnerabilities, mobile attacks, Chrome OS security gaps, and “war-texting” — a snooping technique that could also enable a car to be started remotely. Meanwhile, the nominations for the 2011 Pwnie Awards at Black Hat include a nod to Sony for its incompetence at security.
Security professionals descending on Las Vegas this week through Aug. 4 for the annual Black Hat conference will see more than 50 presentations on creative hacking. Security researchers will disclose more than 20 software and system vulnerabilities. Presentations will detail security flaws in everything from USB devices, industrial control systems, iPhones, Android devices, Chrome OS, and printers.
Some of the researchers have already publicly disclosed their presentations. Charlie Miller, a security researcher from Accuvant, revealed how he managed to hack the microcontroller chips that control the batteries inside Apple's MacBook, MacBook Pro, and MacBookAir, and corrupt them to the point that the devices no longer recognized the battery packs.
Zscaler Labs researcher Michael Sutton, meanwhile, will show how embedded web servers in printers and scanners can be discovered on the Internet. The web servers are found in practically any appliance that has an IP address, and are ubiquitous in home and business networks. However, network-connected devices are regularly deployed with virtually no security whatsoever, according to Sutton.
Sutton will demonstrate how a cyber-attacker could access a device remotely and view all the documents that have been scanned, listen to phone calls, and see the faxes received.
Two researchers from WhiteHat Security's Threat Research Center — Matt Johansen and Kyle Osborn — recently discovered a plethora of serious security flaws in Google's Linux-based Chrome OS. The pair will offer a presentation on how the security flaws found could result in exposing user emails and documents, as well as stealing session cookies to hijack their accounts. Chrome OS-based Chromebooks from Samsung and Acer — the latter's AC700 is pictured at right — recently reached the commercial market.
War-texting follows war-driving path
In their Black Hat panel on "war-texting," Don Bailey and Matthew Solnik, researchers from iSec Partners, will discuss finding mobile-networking vulnerabilities in automobiles that would allow an attacker to unlock them and turn the engine on remotely. Bailey devised a method for exploiting the GSM network to send malicious SMS (Short Message Service) communications that can upload data and transmit information.
"War-texting" is a variation of "war-driving," where people drive around in autos with devices designed to discover and intercept signals from unprotected wireless LANs. With war-texting, they are intercepting messages sent between servers and autos.
Dillon Beresford, a security researcher at NSS Labs, will be presenting his work on exploiting Siemens Simatic S7 process logic controllers. The talk, originally scheduled for the TakeDownCon security conference in May, was withdrawn after Siemens worried about potential ramifications if he publicized the vulnerabilities before they could be patched. At Black Hat, Beresford is expected to cover new vulnerabilities and demonstrate how attackers can impersonate the communication control used by the industrial control systems.
Researcher Dino Dai Zovi is performing a detailed audit of the security mechanisms and features in iOS 4 for his presentation. Dai Zovi will be making recommendations on what organizations can do when deploying iOS devices to their employees.
Independent security researcher James Arlen will discuss the threat of attacks on high-frequency trading systems. The rapid evolution of these systems has limited effective security oversight, Arlen says.
Trading systems execute trades in microseconds, which would be a problem for most IT departments because most security products have operational latencies measured in milliseconds, according to Arlen. Traditional IT environments are just too slow to handle the risks facing high-frequency trading systems.
And finally, Moxie Marlinspike, founder of start-up Whisper Systems, will discuss issues in the SSL (Secure Sockets Layer) and the fragile certificate authority infrastructure. The attack on root certificate authority Comodo, in which an attacker managed to issue valid certificates for domains belonging to Google, Yahoo, Skype and other companies, highlighted some of these issues.
Marlinspike will release a client-side software tool for Firefox that enables users to avoid having to rely on the certificate authority infrastructure to determine which sites were trusted and authentic.
Pwnie awards "honor" Sony
On Aug. 3, security professionals heading to Black Hat can look forward to the "Pwnie" awards, the hacker version of the Academy Awards. The Pwnies celebrate superior security skills or catastrophic security incompetence over the past year, according to the Pwnie Awards website.
Pwnies will be awarded in eight categories, including best server-side bug, most innovative research, lamest vendor response, best client-side bug, best privilege escalation bug, "Most Epic FAIL" and "Most Epic 0wnage."
A "Best Song" category includes a nomination for a rap song written and performed by George "GeoHot" Hotz (pictured). Hotz was sued by Sony for jailbreaking the PlayStation 3 and then distributing the tool. "Yo it's geohot / And for those that don't know / I'm getting sued by Sony," the song begins.
There were five nominees for the "Epic Fail" award: Sony, Sony, Sony, Sony, and again, Sony. The top award, "Most Epic 0wnage," will go to "hackers responsible for delivering the most damaging, widely publicized, or hilarious 0wnage," according to the organizers.
The nominees are Anonymous for hacking HBGary Federal, LulzSec for "hacking everyone", WikiLeaks for posting classified documents, and Bradley Manning for carrying them out on fake Lady Gaga CDs. Stuxnet, meanwhile, is nominated for being the first malware to damage centrifuges used in nuclear power plants.
(For more details on these and other nominations, see this longer eWEEK version of the Pwnies story.)
Fahmida Rashid is a writer for eWEEK.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.