Black Hat 2014: How to crack just about everything

From cell phones and cars to IPv6, security researchers have turned their skills against a world of technology

As the world’s best security experts prepare to descend on Black Hat USA 2014 next month, they must be rubbing their hands in anticipation of colleagues’ upcoming revelations about the latest means to crack a range of devices and flaws they’ve found in trusted protocols. Here is a sampling of some of the hottest presentations and defensive measures speakers will release in order to block the attacks they describe.

Cars

Cracking individual car networks isn’t new, but a talk by Twitter security engineer Charlie Miller and IOActive Security Director Christopher Valasek takes a comprehensive look at the security of these networks from different manufacturers. They’re ready to say whether some cars are more secure from remote compromise than others, whether the security has gotten better or worse in the past five years and how cars can be better protected from attacks.

Kerberos

Researchers Alva Duckwall and Benjamin Delpy will demonstrate how thoroughly Kerberos can be compromised in real-world conditions. They say that with the loss of the right hash, Kerberos can be compromised for years after an attacker gains access. “Yes,” they say, “it really is that bad.”

Android

A researcher will show how an Android flaw lets malicious applications escape Android’s app sandbox and gain security privileges without notifying the user. Jeff Forristal has disclosed the bug to Google, which has issued a fix, but it may still exist in unpatched versions. At Black Hat he will release a security tool to help users scan for risk of the vulnerability on their devices.

Mobile broadband modems

It’s convenient to plug broadband modem dongles into laptops, but they can prove to be the path to compromising sensitive information and becoming a link in the chain of multi-stage attacks. Andreas Lindh, a security analyst with I Secure, will demonstrate relatively easy Web-based attacks for profit and show why it’s easy to be a criminal on the Internet. He also has suggestions for changing the approach to new consumer technology so that it takes security into account.

Hadoop

The benefits of Big Data have businesses jumping into it with both feet, but perhaps they’re doing so with too little circumspection, according to Davi Ottenheimer, EMC senior director of Trust. He even has a term for it – getting Hadoopy. He says he’ll do a survey of Big Data systems and point out the most difficult challenges they present as well as the best solutions developed so far.

USB devices

USB devices have become plentiful and a part of everyday computer use, but that has led to complacency about how secure they are. Cryptographer and security researcher Karsten Nohl and Jakob Lell, a security researcher at SRLabs, will introduce a new form of malware that operates from the controller chips inside USB devices. Common USB sticks can be reprogrammed to imitate other types of devices in order to spy, steal data or take complete control of a victim computer. They plan to demo such a compromise with a virus they say is undetectable with current defenses. They point to where fixes to the USB stack are needed.

Bitcoin

A mysterious vulnerability led Bitcoin to the brink of collapse in 2011. Now Daniel Chechik and Ben Hayak, security researchers at Trustwave, have taken a closer look at the problem that affected Silk Road, MTGox and perhaps many more trading Web sites, and they’ve figured out how to exploit the flaw that led to compromises that were referred to as transaction malleability. They plan to demo how to take advantage of the vulnerability.

Home alarm systems

Radio frequency controllers for home alarm systems are a convenience but one that can be exploited easily using a device Qualys researcher Silvio Cesare built. For about $50, the Arduino and Raspberry Pi-based device could capture and replay the codes used to disable the alarms. He further shows how attackers who physically tamper with the system by connecting a device programmer can read the password that enables and disables the alarm. Mitigation is relatively easy: buy good systems. He tells how.

Cell phones

Control protocols used by service providers to communicate and control cell phones can pose a risk. Mathew Solnik and Marc Blanchou, both researchers with Accuvant Labs, have reverse engineered these controls to learn how they work. Their research revealed flaws in how the communication is handled and implemented. They will demonstrate how over-the-air code execution can be performed on GSM, CDMA and LTE networks that can affect Android, iOS, Blackberry and embedded machine-to-machine devices. The pair plans to release tools for protecting against these threats.

IPv6

Independent security researchers Antonios Atlasis and Enno Rey note that many security devices are configured for IPv6 even though they are being used only for IPv4 traffic, and that introduces security issues. They will present three techniques for exploiting minor details in the IPv6 protocol that can prevent security devices, such as intrusion detection and prevention systems, from detecting any kind of attack. They will discuss security implications for other devices such as firewalls, as well as mitigation techniques to protect against the exploits.

iPhones and iPads

A Georgia Tech team of researchers led by Yeongjin Jang plans to disclose how to jailbreak the latest version of iOS by exploiting vulnerabilities left by incomplete patches. They will show how to use these vulnerabilities to discover new avenues of attack, which they will use to run unsigned code outside the sandboxes on the devices. They say they will release several new vulnerabilities and the exploit techniques they developed.