We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

ThunderStrike 2: Sith Strike

2
 Zitieren
 Teilen
 Herunterladen
 Bestellen
Kein Logo verfügbarDEF CON
 Hudson, Trammel Kovah, Xeno Kallenberg, Corey

Formale Metadaten

Titel
ThunderStrike 2: Sith Strike
Untertitel
A MacBook firmware worm
Serientitel
Anzahl der Teile
109
Autor
Lizenz
CC-Namensnennung 3.0 Unported:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.
Identifikatoren
Herausgeber
Erscheinungsjahr
Sprache

Inhaltliche Metadaten

Fachgebiet
Genre
Abstract
The number of vulnerabilities in firmware disclosed as affecting Wintel PC vendors has been rising over the past few years. Although several attacks have been presented against Mac firmware, unlike their PC counterparts, all of them required physical presence to perform. Interestingly, when contacted with the details of previously disclosed PC firmware attacks, Apple systematically declared themselves not vulnerable. This talk will provide conclusive evidence that Mac's are in fact vulnerable to many of the software only firmware attacks that also affect PC systems. In addition, to emphasize the consequences of successful exploitation of these attack vectors, we will demonstrate the power of the dark side by showing what Mac firmware malware is capable of. Speaker Bios: Trammel Hudson enjoys taking things apart and understanding how they work. He presented the Thunderstrike firmware vulnerability at 31C3, created the Magic Lantern firmware for Canon cameras, and teaches classes at the Brooklyn hackerspace NYC Resistor. Twitter: @qrs Web: https://trmm.net/ Xeno Kovah's speciality area is stealth malware and its ability to hide from security software and force security software to lie. To combat such attacks he researches trusted computing systems that can provide much stronger security guarantees than normal COTS. He co-founded LegbaCore in 2014 to help improve security at the foundation of computing systems. He is also the founder and lead contributor to OpenSecurityTraining.info. He has posted 9 full days of class material material on x86 assembly, architecture, binary formats, and Windows rootkits to OpenSecurityTraining.info. Twitter: @XenoKovah Twitter: @legbacore Corey Kallenberg is a co-founder of LegbaCore, a consultancy focused on evaluating and improving host security at the lowest levels. His specialty areas are trusted computing, vulnerability research and low level development. In particular, Corey has spent several years using his vulnerability research expertise to evaluate limitations in current trusted computing implementations. In addition, he has used his development experience to create and improve upon trusted computing applications. Among these are a timing based attestation agent designed to improve firmware integrity reporting, and an open source Trusted Platform Module driver for Windows. Corey is also an experienced trainer, having created and delivered several technical courses. He is an internationally recognized speaker who has presented at BlackHat USA, DEF CON, CanSecWest, Hack in the Box, NoSuchCon, SyScan, EkoParty and Ruxcon. Twitter: @CoreyKal Twitter: @legbacore