
27 October 2012

ZACON IV

The fourth iteration of the local hacker/security conference has grown even larger, and for a change it was not dominated by Sensepost talks (though this was not by design, just the impact of the landscape, and MWR seems to have taken over somewhat). I missed the bulk of the first talk (as I had some things to do in the morning), and the rest of the program was interesting. More details on the website.

As per previous conferences, ZACON was held once again at UJ's monstrous concrete jungle in Auckland Park. The lecture theatre was quite nice though, with impressive AV facilities. The demographic spread of ZACON is interesting; in terms of gender (the number of ladies in the room could be counted on one hand), age, race etc. There was a distinct lack of corporate guys; a pity in that the forum is great for knowledge sharing. I do know that there were students from UJ and UP, which does skew the demographics a bit.

I have only captured the talks I found interesting.

Glenn Wilkinson's talk mirrored a similar talk at RSA Europe, on exploiting WiFi AP search requests. The differentiator, however, was the ability to chain the systems together (instead of offline systems like the Pineapple). There are some interesting applications of the approach - both good and bad; and it was certainly an interesting discussion.

Simeon Miteff's talk on the security challenges on very high speed networks was quite interesting, especially as it has applicability beyond the research network into modern datacentres. I think the solution is really in segregation - not all connectivity is high speed, and it may be better to focus on the interconnects to slower networks and not focus on securing the high speed networks.

Ross Simpson's talk on hacking games focused a lot on memory hacks; but the discussion point was really in client side validation. Whenever the system does client side validation, these values are stored in memory, and thus potentially can be bypassed. What was particularly interesting is that some very popular modern games (examples were shown on iOS) that use a client-server model can be exploited because they use client side validation. It is true that iOS memory hacks for client-server applications would need jailbreaking, but there are some interesting attacks exploiting save files on the device that can work on non-jailbroken devices.

Andrew MacPherson's talk on physical access control vulnerabilities was amazing. Starting with the traditional locks and lockpicking, the really cool stuff was the demos on magstripes (with a good background on magstripes) and RFID tags. One of the most impressive talks, especially given the widespread use of magstripes and RFID tags - not only for access control but for all sorts of other uses.

Jacques Louw's talk on using software defined radios for attacks was a continuation of the radio theme. The bulk of the talk was rehashing theory from a long time ago, but the application to utility meters and GSM was very cool (and frightening, when considering the social impact for smart metering).

Schalk Heunis' talk was different, focusing on home alarm systems and reverse engineering the system using Arduino. While there is an attack perspective, there are very cool implications for home automation. The House4Hack team have some interesting work in this regard.