null Meetup

KPN

Meetup about Flying Drones, NSA Hacking and Backdooring Bootloaders

Activity website: https://www.meetup.com/null-The-Open-Security-Group/events/243862342/

Add Event to Calendar: vCal | iCal

Time & Place

01 Nov 2017 from 18:30 to 21:30
Teleportboulevard 121 Netherlands

Target Audience

Everyone

Description

Agenda: 1. "Drones Don't Fly When the Sky is Grey" with Javi Moreno 2. "I Boot when U-Boot" by Bernardo Maia Rodrigues - Vincent Ruijter ------------------ Abstract of first talk: A short film by Bea Cabrera. Project presentation, film screening and Q&A. Storyline: After discovering the tracks of what looks like an illegal hacking attempt upon his company’s network, Mike Donahue will pursue the trespassers’ digital trail while staying one step ahead of the NSA. A fictional story about government surveillance loosely, but factually, based on recent real events. ------------------ Abstract of second talk: Personal computer systems are now considerably more secure than embedded devices. Trusted Platform Module (TPM) and secure boot are readily available and even default in a lot of new desktop computers and laptops. Numerous small office and consumer devices, including routers and smart televisions, however, are lacking even the most basic security features. In this talk we will demonstrate and describe the inner-workings of a custom developed (Fully Weaponised IoT Cyber™) bootkit, which gains persistence on U-Boot based embedded devices, at a lower level than even the firmware. Firmware updates and factory resets usually do not interfere with the bootloader, as a small problem could render the device unusable for an end-user: the bootkit will therefore remain present. By including a properly functioning killswitch and a multi-boot like technique, it is possible to switch between a regular and a backdoored image to thwart detection. Enterprises and ISPs must take this additional attack surface into account, and put effort into detecting and responding to this threat. Well-known security researchers have long advocated for easier ways to verify and demonstrate the integrity of hardware, but this comes at a price that vendors are not willing to pay for security. Recently however, regulatory bodies have started to enforce vendors to lock-down their wireless devices, in order to prevent them from operating outside of their certified frequencies. But these 'vendor lock-downs' are not sufficient to increase the device security, as we will demonstrate, it's just a minor inconvenience.