Our editorial team has handpicked the best talks at DEF CON 26, one of the world's largest hacker conventions, held annually in Las Vegas, Nevada. The following is the list of top talks on Hardware Security at DEF CON 26.
DEF CON 2018, the 26th DEF CON hacking conference, is one of the main events on computer, information technology, cyber security, software and hacking topics.
(Source: DEF CON 26)
1. GOD MODE Unlocked: Hardware backdoors in x86 CPUs
Christopher Domas, Cyber Security Researcher
Complexity is increasing. Trust eroding. In the wake of Spectre and Meltdown, when it seems that things cannot get any darker for processor security, the last light goes out. This talk will demonstrate what everyone has long feared but never proven: there are hardware backdoors in some x86 processors, and they're buried deeper than we ever imagined possible. While this research specifically examines a third-party processor, we use this as a stepping stone to explore the feasibility of more widespread hardware backdoors.
2. Project “The Interceptor”: Owning anti-drone systems with nanodrones
David Melendez Cano, R&D Embedded Systems Engineer, Albalá Ingenieros S.A.
This talk provides a new vision about drone protection against anti-drone systems, presenting "The Interceptor Project", a hand-sized nano drone based on the tiniest single-core Linux board: Vocore2.
3. Your Watch can watch you! Gear up for broken privilege pitfalls in the Samsung Gear smart watch
- Dongsung Kim, Graduate Student, Sungkyunkwan University
- Hyoung-Kee Choi, Professor, Sungkyunkwan University
In this talk, we will investigate if the Samsung Gear smartwatch series properly screens unauthorized access to user information. More specifically, we will focus on a communication channel between applications and system services, and how each internal Tizen OS component plays its part in access control.
4. HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
- Feng Xiao, Hacker
- Jianwei Huang, Hacker
- Peng Liu, Raymond G. Tronzo, M.D. Professor of Cybersecurity
In this talk, we extend the attack surface and introduce Custom Attack, a novel attack against SDN controllers that leverages legitimate SDN protocol messages (i.e., the custom protocol field) to facilitate Java code vulnerability exploitation. Our research shows that it was possible for a weak adversary to execute arbitrary commands or manipulate data in the SDN controller without accessing the SDN controller or any applications, but only controlling a host or a switch.
5. It's Assembler, Jim, but not as we know it: (ab)using binaries from embedded devices for fun and profit
Morgan "indrora" Gangwere, Hacker
With the proliferation of Linux-based SoCs -- you've likely got one or two in your house, on your person or in your pocket -- it is often useful to look "under the hood" at what is running; additionally, in-situ debugging may be unavailable due to read-only filesystems, memory is often limited, and other factors keep us from attacking a live device. This talk looks at attacking binaries outside their native environment using QEMU, the Quick Emulator, as well as techniques for extracting relevant content from devices and exploring them.
6. Jailbreaking the 3DS through 7 years of hardening
This talk will describe hacking the console through all these defensive features by walking through a 0-day exploit chain that takes us all the way from zero access to a full system jailbreak.
7. Breaking Smart Speakers: We are Listening to You.
- Wu HuiYu, Security Researcher At Tencent Blade Team
- Qian Wenxiang, Security Researcher At Tencent Blade Team
In this talk, we will present how to use multiple vulnerabilities to achieve remote attacks on some of the most popular smart speakers. Our final attack effects include silent listening, controlling the speaker's speaking content and other demonstrations. We're also going to talk about how to extract firmware from BGA-packaged Flash chips such as EMMC, EMCP, NAND Flash, etc. In addition, it covers how to turn on debug interfaces and get root privileges by modifying firmware content and re-soldering Flash chips, which can be of great help for subsequent vulnerability analysis and debugging. Finally, we will play several demo videos to demonstrate how we can remotely access some smart speakers' root permissions and use smart speakers for eavesdropping and playing voice.
8. Infecting the Embedded Supply Chain
- Zach, Security Researcher at Somerset Recon
- Alex, Security Researcher at Somerset Recon
In this talk we discuss the various attack vectors that these embedded development tools expose users to, and why users should not blindly trust their tools. This talk will detail a variety of reverse engineering, fuzzing, exploit development and protocol analysis techniques that we used to analyze and exploit the security of a common embedded debugger.
9. A Journey into Hexagon: Dissecting Qualcomm Basebands
Seamus Burke, Hacker
In this talk, we will dive into the internals of a Qualcomm baseband, tracing its evolution over the years until its current state. We will discuss the custom, in-house DSP architecture they now run on, and the proprietary RTOS running on it. We will also cover the architecture of the cellular stack, likely places vulnerabilities lie, and exploit mitigations in place. Finally we will cover debugging possibilities, and how to get started analyzing the baseband firmware—how to differentiate between RTOS and cellular functions, how to find C std library functions, and more.
10. What the Fax!?
- Yaniv Balmas, Security Researcher, Check Point Software Technologies
- Eyal Itkin, Security Researcher, Check Point Software Technologies
This talk is intended to be the canary in the coal mine. The technology community cannot sit idly by while this ongoing madness is allowed to continue. The world must stop using FAX!