At this week's Black Hat security conference, security researchers will be addressing SSL vulnerabilities, "war-texting" and mobile attacks.
Security professionals descending on Las Vegas this week for the annual Black Hat conference will see lots of creative hacking.
More than 50 presentations are planned for Black Hat 2011, which runs through Aug. 4, with security researchers disclosing more than 20 software and system vulnerabilities. Presentations will detail security flaws in everything from USB devices, industrial control systems and iPhones to Android devices, Chrome OS and printers.
Some of the researchers have already publicly disclosed their presentations. Charlie Miller, a security researcher from Accuvant, revealed how he managed to hack the microcontroller chips that control the batteries inside Apple's MacBook, MacBook Pro and MacBook Air, and corrupt them to the point that the devices no longer recognized the battery packs.
Zscaler Labs researcher Michael Sutton will show how embedded Web servers in printers and scanners can be discovered on the Internet. The Web servers are found in practically any appliance that has an IP address and are ubiquitous in home and business networks. Network-connected devices are regularly deployed with virtually no security whatsoever, Sutton said. He will demonstrate how a cyber-attacker could access a device remotely and view all the documents that have been scanned, listen to phone calls and see the faxes received.
Two researchers from WhiteHat Security's Threat Research Center, Matt Johansen and Kyle Osborn, discovered a plethora of serious security flaws in Google's Chrome OS. The pair claimed the flaws they found could expose users' emails and documents and allow session cookies to be stolen to hijack user accounts.
In their panel on "war-texting," Don Bailey and Matthew Solnik, researchers from iSec Partners, will discuss finding mobile-networking vulnerabilities in automobiles that would allow an attacker to unlock them and turn the engine on remotely. Bailey devised a method for exploiting the GSM network to send malicious SMS (Short Message Service) communications that can upload data and transmit information.
"War-texting" is a variation of "war-driving," where people drive around in autos with devices designed to discover and intercept signals from unprotected wireless LANs. With war-texting, they are intercepting messages sent between servers and autos.
Dillon Beresford, a security researcher at NSS Labs, will be presenting his work on exploiting Siemens Simatic S7 process logic controllers. The talk, originally scheduled for the TakeDownCon security conference in May, was withdrawn after Siemens worried about potential ramifications if he publicized the vulnerabilities before they could be patched. At Black Hat, Beresford is expected to cover new vulnerabilities and demonstrate how attackers can impersonate the communication control used by the industrial control systems.
Researcher Dino Dai Zovi performed a detailed audit of the security mechanisms and features in iOS 4 for his presentation. Dai Zovi will be making recommendations on what organizations can do when deploying iOS devices to their employees.
Independent security researcher James Arlen will discuss the threat of attacks on high-frequency trading systems. The rapid evolution of high-frequency computer-based trading means there is not a lot of security oversight on those systems, Arlen said. These systems execute trades in microseconds, which would be a problem for most IT departments because most security products have operational latencies measured in milliseconds, according to Arlen. Traditional IT environments are just too slow to handle the risks facing high-frequency trading systems.
And finally, Moxie Marlinspike, founder of start-up Whisper Systems, will discuss issues in SSL (Secure Sockets Layer) and the fragile certificate authority infrastructure. The attack on root certificate authority Comodo, in which an attacker managed to issue valid certificates for domains belonging to Google, Yahoo, Skype and other companies, highlighted some of the issues. Marlinspike will release a client-side software tool for Firefox that avoids having to rely on the certificate authority infrastructure to determine which sites are trusted and authentic.