Archive

Archive for May, 2010

Confidence 2010: Microsoft Patch Analysis – Patch Tuesday – Exploit Wednesday

May 25th, 2010 No comments

By Yaniv Miron

lolcat adaptation #3, a Creative Commons Attribution No-Derivative-Works (2.0) image from kevinsteele's photostream

Exploit Wednesday is the day after Patch Tuesday, the second Tuesday of the month, on which Microsoft releases its patches. While some people say it is impossible to write an attack in one day, Yaniv has seen it happen and tries to explain how.

This process is based on diffing. Diffing means finding the differences between the old and the patched version of the binary file.

This could be done on the same machine, or between two different versions of the OS (e.g. Windows XP and Vista).

The toolkit for a typical patch analysis consists of:

  • Diff programs
  • Compare programs
  • Decompilers and compilers
  • Different versions of Windows

Yaniv then demonstrated to us the creation of an exploit for MS10-005.

First, information from public sources was gathered to find out which program was affected, what the root cause of the vulnerability was, and in which versions of Windows the problem is present.

The next part is extracting the patch and analyzing it. The first thing that needs to be done is finding the files that the patch will update. These files are then compared against the original files to find which functions have been changed.
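The three steps above (which files did the patch replace, which functions inside them changed, and what bytes actually differ) can be scripted. The following is an added illustration, not code from Yaniv's talk: it works on constructed in-memory "files" with a constructed symbol table standing in for what a disassembler or PDB would give you, so it runs offline. The file names, function names and byte sequences are all made up.

```python
"""Patch analysis by diffing: (1) files the patch replaces, (2) functions whose
bodies changed, (3) the differing byte runs. Added example with constructed data;
real work reads the expanded patch from disk and gets function boundaries from a
disassembler or symbol file."""
import difflib
import hashlib
from typing import Dict, List, Tuple

Symbols = Dict[str, Tuple[int, int]]  # function name -> (offset, length)


def build_image(functions: Dict[str, bytes]) -> Tuple[bytes, Symbols]:
    """Concatenate function bodies into a fake binary image and return the
    image plus its symbol table (a constructed stand-in for a real PE file)."""
    image = b""
    symbols: Symbols = {}
    for name, body in functions.items():
        symbols[name] = (len(image), len(body))
        image += body
    return image, symbols


# Constructed x86-looking byte sequences; only the fact that they differ matters.
OLD_FUNCS = {
    "parse_header": b"\x55\x8b\xec\x8b\x45\x08\x5d\xc3",
    "copy_payload": b"\x55\x8b\xec\x8b\x4d\x08\x8b\x55\x0c\x5d\xc3",
    "cleanup": b"\x5d\xc3",
}
NEW_FUNCS = dict(OLD_FUNCS)
# The patched copy_payload gains four bytes (a constructed "length check").
NEW_FUNCS["copy_payload"] = b"\x55\x8b\xec\x8b\x4d\x08\x8b\x55\x0c\x3b\xca\x77\x02\x5d\xc3"

OLD_IMAGE, OLD_SYMS = build_image(OLD_FUNCS)
NEW_IMAGE, NEW_SYMS = build_image(NEW_FUNCS)

# Constructed directory listings (name -> bytes) for the installed system and the
# expanded patch. helper.dll is shipped again by the patch but is unchanged.
SYSTEM_DIR = {"mod.dll": OLD_IMAGE, "helper.dll": b"\x90" * 16}
PATCH_DIR = {"mod.dll": NEW_IMAGE, "helper.dll": b"\x90" * 16}


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def changed_files(system: Dict[str, bytes], patch: Dict[str, bytes]) -> List[str]:
    """Step 1: files the patch ships whose hash differs from the installed copy.
    Files only present in the patch are reported too, since they are new."""
    return sorted(
        name for name, data in patch.items()
        if name not in system or sha256(system[name]) != sha256(data)
    )


def function_hashes(image: bytes, symbols: Symbols) -> Dict[str, str]:
    return {name: sha256(image[off:off + ln]) for name, (off, ln) in symbols.items()}


def changed_functions(old_image: bytes, old_syms: Symbols,
                      new_image: bytes, new_syms: Symbols) -> Dict[str, List[str]]:
    """Step 2: compare function bodies by hash, keyed on name rather than
    address, so a function that merely moved is not reported as changed."""
    old_h = function_hashes(old_image, old_syms)
    new_h = function_hashes(new_image, new_syms)
    return {
        "changed": sorted(n for n in old_h if n in new_h and old_h[n] != new_h[n]),
        "added": sorted(n for n in new_h if n not in old_h),
        "removed": sorted(n for n in old_h if n not in new_h),
    }


def byte_diff(old: bytes, new: bytes) -> List[Tuple[str, bytes, bytes]]:
    """Step 3: the differing byte runs (replace/insert/delete) of one function;
    these are what you disassemble next to understand the fix."""
    sm = difflib.SequenceMatcher(None, old, new)
    return [(tag, old[i1:i2], new[j1:j2])
            for tag, i1, i2, j1, j2 in sm.get_opcodes() if tag != "equal"]


def analyse() -> Dict[str, object]:
    """Run all three steps over the constructed data."""
    files = changed_files(SYSTEM_DIR, PATCH_DIR)
    funcs = changed_functions(OLD_IMAGE, OLD_SYMS, NEW_IMAGE, NEW_SYMS)
    diffs = {}
    for name in funcs["changed"]:
        o_off, o_len = OLD_SYMS[name]
        n_off, n_len = NEW_SYMS[name]
        diffs[name] = byte_diff(OLD_IMAGE[o_off:o_off + o_len], NEW_IMAGE[n_off:n_off + n_len])
    return {"files": files, "functions": funcs, "diffs": diffs}


if __name__ == "__main__":
    for key, value in analyse().items():
        print(key, value)
```

One caveat a practitioner will hit immediately: real compiled code embeds addresses (relative calls, jump targets, data references), so inserting four bytes in one function shifts everything after it and a raw byte hash flags many functions that did not semantically change. That is why dedicated binary-diffing tools compare normalized instruction sequences or control-flow graphs instead of raw bytes; the hash approach here is only the first, coarse filter.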

Read more…

Mobile attacks and preventions – how security will change the mobile market

May 25th, 2010 No comments

By Tam Hanna

I had the opportunity to meet Tam at SigInt earlier, so I simply had to attend his talk at Confidence.

The security of mobile systems is often weak because users are not willing to accept reduced battery life to run anti-virus software. Also, users and developers do not think about security.

Tam showed mathematically how the chance of two smartphone users meeting goes up enormously as the market share of smartphones goes up.

The biggest current problem for phones is theft. It is not stopped, because stopping theft does not benefit the carriers, phone manufacturers or governments.

Read more…

Confidence 2010: The Four Horsemen – Malware for mobile

May 25th, 2010 No comments

By Axelle Apvrille

Axelle's talk discusses four examples of mobile malware:

  • iPhoneOS/Eeki.B
  • Symbian/Yxes
  • WinCE/Redoc
  • Java/GameSat

While malware for mobile phones is far less numerous than malware for PCs, that does not mean that there are few infections.

  • CommWarrior (2005) > 100,000 infections
  • Yxes (2009) “hundreds of thousands of infections”

How many owners of a jailbroken iPhone have actually changed their root password, as the authors of Cydia recommend right on the screen? This led to the spread of the Eeki worm.

Read more…


Confidence 2010: Well known vulnerabilities in human brain and behavior – common admin mistakes

May 25th, 2010 No comments

By Wojciech Bojdol

Wojciech started his talk by explaining the basic principles of social engineering.

His talk highlights three bugs in human behaviour.

Bug #1: We want to trust the world

We are not open to information that contradicts our own view. Information that contradicts our own beliefs costs us effort.

Bug #2: People are lazy

Read more…

Confidence 2010: Security Sucks

May 25th, 2010 No comments

By Eddie Schwartz (@eddieschwartz)

Security today is sold on three main motivations, FUD: Fear, Uncertainty and Doubt.

Security sucks because there are certain factors you cannot do anything about. E.g. if you get a mail from your kids' school saying that 10 children have fallen ill with a new disease, would you open it?

Eddie further highlighted that there is a significant imbalance between defense and offence. Offence runs broad organizations that make money from their activities (cybercrime), whereas defense costs organizations money just to make sure nothing happens (IT security).

Security officers and information officers have quite different perceptions of whether compliance aids security.

Read more…

Confidence 2010: Anonymity, Privacy, and Circumvention with Tor in the Real World

May 25th, 2010 No comments

By Jacob Appelbaum (@ioerror)

Jacob had to start his talk without slides due to technical difficulties, but he did alright.

First off he talks about some threats to our privacy. Political plans for nationwide key escrow and wide-scale data retention are popping up all over the western world.

The Australian web filter against child pornography has proven that these kinds of filters don't work. Before it was deployed nationwide, the filter had already succeeded in creeping its scope by blocking a dentist's website.

Jacob personally cares especially about cases where Tor is used by people who are being censored. Censorship will never serve humanity; in fact humanity becomes a slave to the truth of its censors.

Read more…

SigInt10: Opensource policies for governments

May 24th, 2010 No comments

By Arjen Kamphuis (@ArjenKamphuis)

Arjen started off by explaining why he thinks software is important: about as important as the first printing press. The creation of synthetic life earlier this year has reduced the problem of life to a software problem, a very complex software problem, but a software problem nonetheless.

One day, after Arjen noticed that the main Dutch railway website could only be used with Internet Explorer, he decided to write to the railway and to several Dutch politicians. He was then asked to put in a proposal for a Dutch law pushing open source software as government policy. Since the Dutch government accounts for 12% of Dutch software spending, it should lead by example. The bill got passed, partly because the day before it became known that Microsoft had a net margin of 92% on Windows.

Read more…

SigInt10: Buying Privacy in Digitized Cities

May 24th, 2010 No comments

By Eleanor Saitta (@dymaxion)

Resistance is futile, a Creative Commons Attribution Non-Commercial No-Derivative-Works (2.0) image from myxi's photostream

Modern city dwellers are being tracked in hundreds of ways, from cell phone surveillance to DNS tracking.

Eleanor illustrates the vast number of records generated by Joe Sixpack as he travels from his home to his desk in the office. You have been awake all of two hours, and at least 30 government agencies and twice that many commercial organizations have already stored information about you.

There are a few problems around surveillance:

  • Secondary uses
  • Buying and sharing data
  • Sunk cost
  • Opportunity leads to abuse
  • Equality versus aggregation

A typical telco gets about one location request per 10 subscribers, excluding 911, Secret Service and law enforcement requests.

Read more…

SigInt10: Future 3.0

May 24th, 2010 No comments

By Nick Farr (@NickF4rr)

Future 3.0 is about the patterns that will emerge and reemerge in the future.

Future 1.0 is crude; think of the beginning of the internet or the beginning of domestic agriculture. It is signified by:

  • Low growth
  • Natural
  • Decentralized
  • Direct

Future 2.0 is an intermediate phase (think web 2.0 or the industrial revolution):

  • Refined
  • Centralized
  • Rapid
  • Massive

Future 3.0 is entropic (it is about to happen):

  • Sustainable
  • Natural
  • Decentralized
  • Direct

Read more…

SigInt10: P2P Communism vs. The Client Server State

May 23rd, 2010 No comments

By Dmytri Kleiner (Slides)

Dmytri’s talk compares peer-to-peer and client-server with communism and capitalism. It is important that these terms refer to their original meanings:

  • Communism is a theoretical society with no classes and no state.
  • Capitalism refers to a society in which the owners of capital are able to abstain from direct production by appropriating the products of workers who employ their property in production.

Mesh networks can be compared to communism:

  • Participants can interact directly
  • No Toll Gate, No Prices

Read more…
