Questionable Hardware
With less than a month to go, Black Hat Europe 2013 is now officially "pretty close." With the clock ticking, have you set your schedule yet? In case you're still deciding, in this update we'll look at a trio of Briefings that focus on exploits in some very ubiquitous hardware: the devices all around us.
At 15:45 on March 14th security researchers Nikita Tarakanov and Oleg Kupreev will present Huawei: From China with Love. Chinese manufacturer Huawei's small, cheap, 3G/4G USB modems are everywhere, letting people stay tethered to the digital ether. Knowing a good target when they see it, Tarakanov and Kupreev set to work on exploiting the little boxes. The result? Total takeover, with remote code / local privilege execution and the prospect of constructing a world-wide botnet. If you want to see how they did it, you know where to be.
Later, at 17:00, Andy Davis of NCC Group will host To Dock or Not to Dock, That is the Question: Using Laptop Docking Stations as Hardware-based Attack Platforms. To many, laptop docking stations are trusted, "dumb" devices, perhaps the equivalent of an extension cord. Of course, this elevated level of trust makes them an ideal attack vector, and Davis will show how attackers can exploit the privileged position that laptop docking stations have within the corporate environment. He will also describe the construction of and demonstrate a remote-controlled, covert hardware implant in a commonly used docking station. A dumb device? Maybe. Safe? A good question to ask!
If your schedule has space, give consideration to Robert Leale's Vehicle Networks Workshop. Access to workshops is included in your Black Hat attendee pass. Robert's Workshop runs all day, starting at 10:45, and will take you on a deep dive into the fragmented, hidden world of automobile network systems. As cars become increasingly computerized, we really ought to understand what sorts of systems we're driving. Leale, an experienced vehicle network hacker, will show you what types of networks can be found in modern vehicles, explain how they work, show how they might be compromised (along with appropriate countermeasures), and much, much more.
Black Hat Europe 2013 will take place March 12-15 at the Grand Hotel Krasnapolsky in Amsterdam. For all the latest information, be sure to follow us on Twitter.