It’s the week of Black Hat and DEF CON and thousands of computer security experts have gathered to Las Vegas.
Hot topics this year include Siemens PLC security, revamping the SSL model and Mac laptop batteries.
Mikko keynoting in DEF CON 19
One talk which was highly anticipated was Riley Hassell’s and Shane Macauley’s “Hacking Android”. For mysterious reasons both speakers never showed up for their own talk, leading to wild conspiracy theories on why this might have happened.
However, from antivirus point of view, the most interesting talk was Tavis Ormandy’s talk titled “Sophail”.
In the summer of 2010, Tavis Ormandy found a zero-day vulnerability from Windows Help and Support Center. Five days after informing Microsoft of the vulnerability, and before Microsoft had shipped a patch for it, Tavis publicly released proof-of-concept code. Days later, unknown malware authors integrated this code into drive-by-download exploits, which went on to infect tens of thousands of computers around the world.
Sophos experts vocally criticized Tavis for his action, and even nicknamed the patch that eventually followed to “Patch Tavis”
Fast forward to summer of 2011, and Tavis Ormandy released “A critical analysis of Sophos Anti-virus” in Black Hat.
In his highly unusual talk, Tavis explained that he had reverse engineered the Sophos anti-virus engine and released tools to decrypt the protection systems of Sophos detection databases.
Shifting gears, it’s good to note that connecting to a wireless network during DEF CON is really not recommended. There are simply too many hackers playing with the networks to make them safe. Even the official program pamflet wishes you “good luck” in connecting to the party network. This is nicely illustrated by just looking at the list Wi-Fi hotspots that were available in the DEF CON hotel:
Leave a reply