2007-03-02.08:38:00.EuSecWest_day_1_afternoon

I ended up not posting this yesterday, as uncle Bill got us all drunk at the Elusive Camel (the pub next door to the hotel) and I crashed pretty hard due to no sleep the night before. For once I managed to catch most of the talks in the afternoon, starting with Adam Laurie's RFID talk. The highlights included a live demo of cloning an animal ID tag, and lots of talk about the flaws in the new RFID passports. Specifically that the data is signed with a private key, but since there is no public key repository available, there is actually no way to currently verify the validity of the signature. This makes spoofing the biometric data trivial. Adam has all his tools and details of how to read and write various RFID tags up at http://rfidiot.org

The next two talks were on video conferencing security and VoIP security by Navid Jam and Dustin Trammel respectively. I was surprised by the number of badly written CGIs on the various videoconferencing appliances that were trivially vulnerable. This is 2007 after all - that stuff was outdated last century. Best quote was from Dustin, "And that was a flood of Martians - and I'm running on very little sleep so I'm finding that quite funny." (in reference to a clip from Mars Attacks! used to illustrate various flooding attacks on VoIP services).

The final talk was Christian Wieser, who switched from the morning slot today with our mystery speaker (Saumil Shah, doing a Metasploit talk which hopefully I'll make it to this morning). His slides about PROTOS-Genome, which does some automatic structure inference for fuzzing were quite interesting, but I wish he had spent more time on that and less on more historical fuzzing material.

Then it was on to the lightning talks, which are probably my favourite part of the conferences. This time there were talks on decoding GSM data obtained using GNU Radio, some information about GDH - Global Distributed Honeynet, a compliance tool talk that was a bit scattered, and one on SAP credentials that could probably have used some slides to clarify his points. Phillipe got up and presented some hand drawn slides on using scapy for ASN.1 and SNMP. Adam Laurie then got up and stole the show. We had a new speaker clock to let speakers know when their time was up. As each speaker got up for lightning talks Dragos reset the clock for 5 minutes. Adam seemed to be having trouble with his laptop, and the clock was ticking down. At the 1 minute mark, he finally got it rebooted, X running, and a video signal out to the projectors. He then held up a IR device attached to his laptop and ran ./bitchslapclock.py from the command line, resetting our vulnerable clock. The final two lightning talks were on Prelude IDS and a request from Christian for a Total Internet System - internet in a box, presumable to make fuzzing network protocols easier.

We also got our first news story of the conference, at pcworld.com, hopefully there will be a few more before the conference is over. Finally off to the pub, for the aforementioned drinks on uncle Bill and the usual conference debauchery.