A Black Hat Conference is nothing if not quirky as security geeks try every stunt possible to show what a clueless world we live in when it comes to security. Anyway, here are some such moments from last week's event in Washington, D.C.:
When University of Luxembourg graduate student Ralf-Philipp Weinmann fired up his his laptop/fake GSM base station to lure iPhone users into joining his fake network, it sent a message to some iPhones held by audience members, who were amazed. Though the demo did not go entirely as planned, Weinmann later admitted he was surprised, too, that his trick message went out and hit the vulnerable iPhones. ... Watch it with that fake GSM base station thing.
The advance billing for a talk by Itzhak Avraham, CTO at Zimperium, said he was going to "demo a vulnerable application that is in current Android and can be used for remote attacks(!)." But Avraham had to announce to his audience that he'd gotten a letter two days earlier threatening him with legal action if he talked about that, so he didn't. When later asked who was threatening to sue, he declined to reveal the name of the application vendor but said, "It's not Google! It's not Google's fault!" Just for the record ...
IBM researcher Jon Larimer was going to explain and demo how he "can unlock a locked Linux desktop system just by inserting a USB thumb drive into the PC," according to the description in the Black Hat DC program. Well, as it turns out, although his research into vulnerabilities associated with Ubuntu did result in his finding and receiving credit for four flaws recorded this December in a national database of vulnerabilities, he didn't quite manage to bust in with that USB thumb drive all that easily. He admitted he had to disable the ASLR and AppArmor features in Ubuntu to do the deed. He noted IBM doesn't pay him to do this ... maybe next year.
The Nutty Professor moment was provided by George Mason University professor Angelos Stavrou and student assistant Zhaohui Wang, who showed how to take compromised smartphones and plug keyboards or Ethernet cables and printers into the smartphone USB drive for a display of a "phone attacking a computer, a computer attacking a phone and a phone-to-phone attack." Baffling, with all those Ethernet cables and tiny power supplies snaking around, but we get the idea. Said Stravrou: "A little bit scary and frightening for smartphones." And us, too.
File this in the "Will this happen to me one day?" department: Matthieu Suiche, security researcher and founder of MoonSols, offered what he calls "proof of concept" evidence on how to locally manipulate through a physical memory exploitation technique both the Microsoft and VMware hypervisors for login bypass and system privileges to be able to load up malware running as host. He's not releasing the specific attack details publicly and says it's hard to do. Whew.