Are you fully Briefed on Protocol Pains?
With just a handful of days left to our early registration deadline, here's the Black Hat USA 2013 intel update for Tuesday - just one of multiple updates we'll be giving you this week, since we have a whole heap of amazing Briefings content to reveal.
This time, we're focusing on three talks presented for the first time at Black Hat USA 2013, each of which dip into clever exploits and workarounds for major protocols - from BlueTooth 4.0 through SSL to TLS sessions. Here's some more details on each of them:
- In 'Bluetooth Smart: The Good, The Bad, The Ugly, and The Fix!', iSec Partners' Mike Ryan presents a painstakingly researched talk on the widely used protocol. This talk not only shows the weaknesses (both bad and ugly, as noted!) of BlueTooth 4.0, it shows the tools to hack it and even how to prevent being sniffed yourself. And even better, in a growing trend at Black Hat, more and more researchers are including guidance in how to fix the discovered issue. So if you'd like to see a live demonstration of sniffing and recovering encryption keys using open source tools Ryan and partners developed, alongside a clever fix to render the protocol secure against passive eavesdroppers, this'll be the lecture for you.
- Next, we're focusing on 'SSL, gone in 30 seconds – A BREACH beyond CRIME', presented by Angelo Prado and Neal Harris. This talk is particularly important because HTTPS gives consumers the feeling of safety. Security professionals look to SSL to provide a notion of identity (you know who you are talking to) and confidentiality (the stream of data is just for you and the server!) This talk shows how to reliably retrieve encrypted messages like session IDs, OAuth tokens, email addresses, and more via an exploit. The presenters then explain how you can protect against this type of attack, and will even release a tool, BREACH, at the end of the session to help the community test and mitigate.
- Finally, 'Truncating TLS sessions to violate beliefs' from Ben Smyth showcases attacks against a basic Internet communication security layer to do a number of eye-opening things. As Smyth explains, his research has "identified web applications which fail to maintain order between TLS sessions... thereby causing a desynchronisation between the expected state of the user and server." As a result, Smyth shows how he can exploit the Helios electronic voting system to cast votes on behalf of honest voters, take full control of Microsoft Live accounts, and gain temporary access to Google accounts - all substantive and notable exploits which will give major lessons to web security development professionals.
These three talks are but a small chunk of the newly revealed Briefings content with even more flowing in over the next few days - look out for more announcements on major content for our Black Hat show in Las Vegas this July, coming over the next couple of days.