“Lockpicking in the IoT, …or why adding BTLE to a device sometimes isn’t smart at all” by Ray was one of my favourite talks, as it beautifully showed many different attack vectors as well as giving a nice guide for getting started in this area. Continue reading “Summary of “Lockpicking in the IoT” at 33C3”Continue reading
This was one of the few technical talks at 33c3 I managed to see, by that I mean live-stream during an access control shift, by Clémentine Maurice and Moritz Lipp.
The talk gave an overview of some already known possible information leaks by abusing certain x86 instructions(the same concept applies to ARM too though) and demonstrating the various ways an attacker could use them. Continue reading “33c3 Talks – What could possibly go wrong with “insert x86 instruction here” ?”Continue reading
This is part 1 of our report series on interesting talks of the 33rd Congress of the Chaos Computer Club. Every year the congress attracts hundreds (up to twelve thousand this year) of technical interested people with the opportunity to socialize and exchange knowledge with each other. The congress is organized by the European largest hacker association and speakers give talks about technical and societal issues like surveillance, privacy, freedom of information, data security and various more.
Talks in this part deal with CCC at schools, Wi-Fi security and the security of the N26 banking app.Continue reading
Niklaus, Manuel and me had a great time speaking about one of the latest Tablet PCs from DPRK at 33C3 this year. Our work on RedStar OS from last year revealed a nasty watermarking mechanism that can be used to track the origin and distribution path of media files in North Korea. We have seen some interesting dead code in some of RedStar’s binaries that indicated a more sophisticated mechanism to control the distribution of media files. We got hands on a Tablet PC called “Ul-lim” that implemented this advanced control mechanism.Continue reading