I had the pleasure to participate in this year’s Power of Community and was invited to talk about the insecurity of medical devices. The conference is based in Seoul, Korea and started in 2006. It has a strong technical focus and it is a community driven event. For me it was great to participate as mostly hackers from Asia were there and I got the chance to talk to a lot of nice folks that I wouldn’t be able to meet otherwise. This is especially true for the host, vangelis.
Concerning the con itself I can really recommend paying it a visit. As a community driven event they had a lot of side events, like a CTF for kids and a CTF for women. There is quite a strong female community in Asia and the CTF was packed with a number of teams.
The talks were chosen wisely (at least the other ones, not sure about my own 😉 ). After the keynote Karsten Nohl gave a talk on BadUSB and showed some progress they made since Black Hat US 2014. After that, the talks were split up into two tracks. GilGil presented his reasearch about bypassing mVoIP filters by tampering with the packets. Furthermore there was a number of technical talks about Microsoft’s Internet Explorer. ZDI was presenting about the technique they used to bypass Internet Explorer’s Sandbox on Pwn4Fun 2014 and demonstrated the exploit they used. The remaining talks covered advanced defenses in Internet Explorer and Windows 10 as well as attacks on SCADA systems with a focus on Korea.
The second day took off with Maxim Goncharov and a talk about data leak cases and the use of one-time emails to catch data leaks. After that I got to present some of my latest research in the field of medical devices (on which I plan to write another post, so stay tuned). John C. Matherly discussed Shodan and Wei Yan was closing the day with a technical talk about the insecurity of cars using OBD-II ports that can be used to inject CAN messages. That was cool stuff!
So, if you consider visiting a con in Asia you should definetly put PoC on the list! Thanks to the staff for making this happen! 🙂