27c3 - HTTP Live Streaming

Problems or bugs? Contact kyriii

Saal 1

Wideband GSM Sniffing
Speakers
- Karsten Nohl
- Sylvain Munaut
Info

Start time Tue Dec 28 14:00:00 2010

Duration 1:00:00

Track Hacking

Language en
Abstract GSM is still the most widely used security technology in the world with a user base of 5 billion and a quickly growing number of critical applications. 26C3's rainbow table attack on GSM's A5/1 encryption convinced many users that GSM calls should be considered unprotected. The network operators, however, have not woken up to the threat yet. Perhaps the new capabilities to be unleashed this year – like wide-band sniffing and real-time signal processing – will wake them up.

Saal 2

logische Schaltungen mit Pneumatik Logikschaltungen ohne Elektronik
Speakers
- Äpex
- xif
Info

Start time Tue Dec 28 14:30:00 2010

Duration 0:30:00

Track Making

Language
Abstract Ein kurzer Überblick über mechanische und strömungstechnische Logikschaltungen und Computer

Saal 3

Attack Vectors Through the Eyes of Software-based Fault Isolation I Control Your Code
Speakers
- Mathias Payer
Info

Start time Tue Dec 28 14:00:00 2010

Duration 1:00:00

Track Hacking

Language
Abstract Unsafe languages and an arms race for new bugs calls for an additional line of defense in software systems. User-space virtualization uses dynamic instrumentation to detect different attack vectors and protects from the execution of malicious code. An additional advantage of these virtualization systems is that they can be used to analyze different exploits step by step and to extract the exploit code from a running program. This talk explains the concept of different attack vectors (stack buffer overflows, format string attacks, return to libc attacks, race attacks / TOCTTOU, integer overflows, heap buffer overflows, and code anomalies). For each of these attack vectors we show possible exploits and explain how the virtualization system is able to detect and prevent the exploit.

Saal 1

Wideband GSM Sniffing
Speakers
- Karsten Nohl
- Sylvain Munaut
Info

Start time Tue Dec 28 14:00:00 2010

Duration 1:00:00

Track Hacking

Language en
Abstract GSM is still the most widely used security technology in the world with a user base of 5 billion and a quickly growing number of critical applications. 26C3's rainbow table attack on GSM's A5/1 encryption convinced many users that GSM calls should be considered unprotected. The network operators, however, have not woken up to the threat yet. Perhaps the new capabilities to be unleashed this year – like wide-band sniffing and real-time signal processing – will wake them up.

Saal 2

logische Schaltungen mit Pneumatik Logikschaltungen ohne Elektronik
Speakers
- Äpex
- xif
Info

Start time Tue Dec 28 14:30:00 2010

Duration 0:30:00

Track Making

Language
Abstract Ein kurzer Überblick über mechanische und strömungstechnische Logikschaltungen und Computer

Saal 3

Attack Vectors Through the Eyes of Software-based Fault Isolation I Control Your Code
Speakers
- Mathias Payer
Info

Start time Tue Dec 28 14:00:00 2010

Duration 1:00:00

Track Hacking

Language
Abstract Unsafe languages and an arms race for new bugs calls for an additional line of defense in software systems. User-space virtualization uses dynamic instrumentation to detect different attack vectors and protects from the execution of malicious code. An additional advantage of these virtualization systems is that they can be used to analyze different exploits step by step and to extract the exploit code from a running program. This talk explains the concept of different attack vectors (stack buffer overflows, format string attacks, return to libc attacks, race attacks / TOCTTOU, integer overflows, heap buffer overflows, and code anomalies). For each of these attack vectors we show possible exploits and explain how the virtualization system is able to detect and prevent the exploit.

HSDPA/WiFi (avg. 1200kbit/s)

3G (max. 290 kbit/s)

EDGE - High (max. 225 kbit/s)

GPRS (max. 130 kbit/s)