Black Hat Roundup: Let the Electric-Shock Craziness Begin

Ready to power on next week, the annual Black Hat Conference in Las Vegas promises to be the high-voltage event it has been in the past where security experts tear apart any naïve hope that there's really anything secure at all that was ever made by the high-tech industry.

Black Hat 2011 will showcase more than 50 presentations by security researchers, the most intense of which will detail vulnerabilities in everything from USB devices to printers and scanners, iPhones and Android devices, Chrome OS and notebooks, and industrial SCADA systems.

Details on some of this are already spilling out, such as in the case of Charlie Miller, who in a Fortune article said he has found a way to hack the chips that control the batteries in Apple's MacBook, MacBook Pro and MacBook Air, letting him ruin them or install persistent malware.

There could be a few horror-inducing sessions, too, such as the presentation from iSec Partners researchers Don Bailey and Matthew Solnik, who will provide a few tips on "war texting" to find cars -- yes, automobiles -- and exploit mobile-networking vulnerabilities in them in order to unlock someone else's car and turn the engine on via a laptop.

And if you're interested in printers, there's a session on how embedded Web servers in printers and scanners can be easily found on the Internet and documents they recently processed gathered up without even breaking into them. That one is being done by Zscaler Labs researcher Michael Sutton.

Here are a few picks from the Black Hat schedule that promise some electrifying chills and thrills (unless the presenters chicken out, as has happened before, because they're afraid that some vendor might sue them). The excitement can also be a little muted once the researcher tells you that of course he already told the vendor about the problem and it's been fixed. Nonetheless, here are some promising acts from the surreal circus that is Black Hat:

- "Exploiting the iOS Kernel," by Stefan Esser, who promises to "introduce the audience to kernel-level exploitation of iPhones."

- "Hacking Androids for Profit," by Riley Hassell and Shane Macaulay, who swear they will "reveal new threats to Android apps, and discuss known and unknown weaknesses in the Android OS and Android market."

- "Apple iOS Security Evaluation: Vulnerability Analysis and Data Encryption," by Dino Dai Zovi, will focus on what the enterprise should be concerned about in "several key security mechanisms" in terms of their strengths and weaknesses.

- "Hacking Google Chrome OS," by Matt Johansen and Kyle Osborn, who say they have "discovered a slew of serious and fundamental security design flaws that with no more than a single mouse-click may victimize users by exposing all user email, contacts, and saved documents," plus much more, including "taking over their Google account by stealing session cookies" and other ways.

- "Chip & PIN is definitely broken," by foursome Adam Laurie, Zac Franken, Andrea Barisani and Daniele Bianco, with their take on "credit-card skimming and PIN harvesting in an EMV world," which will bite down on chip-based payment cards.

- "Exploiting Siemens Simatic S7 PLCs" will feature Dillon Beresford, an independent researcher who also works at NSS Labs, telling us what's wrong with industrial SCADA systems.

- "Owning the Routing Table," by Gabi Nakibly, intends to "present newfound vulnerabilities in the OSPF protocol" which enable an attacker to "own a router's routing table without having to own the router itself."

- "Sophail: A Critical Analysis of Sophos Antivirus," by Tavis Ormandy, gets a little personal in ripping into the Sophos Antivirus product for a "thorough examination of Sophos Antivirus" in order to do an analysis of the vendor's technical claims, as well as "exploring the rich attack surface exposed, and demonstrating weaknesses and vulnerabilities."

- "Exploiting USB Devices with Arduino," by Greg Ose, will talk about exploiting components of the Arduino hardware architecture.

- "A Crushing Blow at the Heart of SAP J2EE Engine," by Alexander Polyakov, will detail an attack on vulnerabilities -- and offer a free tool to try scanning against the attack.

- "Hacking and Forensicating an Oracle Database Server" will feature David Litchfield, an experienced database security researcher who in the past has found critical security weaknesses in Oracle products and who should be taken very seriously.

Some additional highlights: Although it may only have historic value to most of us, security researcher Chris Paget intends to talk about "Microsoft Vista: NDA-less The Good, The Bad and The Ugly," in which he will reveal "previously secret information about the security process that Vista went through." He says he will talk about Vista because the non-disclosure agreement he signed five years ago to get access to the source code and design specifications related to Windows Vista expires right before the Black Hat Conference starts.

That should make it feel like old home week when Kate Moussouris, head of Microsoft's Security Community Outreach and Strategy Team, does her talk, "From Redmond with Love!"

She's supposed to tell the Black Hat attendees -- who have sometimes shown almost excessive love for finding holes in Microsoft Windows products -- about how "in 2008, people thought we'd lost our minds when we announced three strategic programs: sharing vulnerability information in our products before there was an update, finding vulnerabilities in third-party products and predicting which vulnerabilities would get reliably exploited in a short timeframe."

After all these years, Microsoft is still wild and wacky, she assures us, saying, "Well, it's 2011 and we haven't stopped coming up with crazy ideas." What gonzo stuff is Microsoft sending her out to tell us about at Black Hat? Stay tuned.

Copyright © 2011 IDG Communications, Inc.
