Apr 19 2007

CanSecWest: Day 2

Published under Tech

Best Talk: Exploiting Embedded Systems by Barnaby Jack.

He presented his finding on taking a null pointer vulnerability to the next level by allowing code execution. Traditionally, null pointer vulns were overlooked because it would result in a denial of service. He showed how a D-Link router with the latest firmware, password enabled, and telnet disabled can be exploited into a password-less, telnet enabled device!

Moment that reminded me of the movie Sneakers: Eating lunch on the rotating top floor.

I had a great view into this office, and with my 200mm lens, I could see the content on the monitors.

img_1436.jpg

“PWN2OWN” just got bigger: Tipping Point gives a $10k incentive for an apple hack.

The additional incentive is probably working, as I saw a few more people attempt to break in, and these guys seem to be working hard on something.

img_1458.jpg

Honorable Mention: Lightning talks on the ANI vulnerability.

HD Moore presented his timetable on the exploit, and then Mike Reavey from Microsoft talked on the patch timetable.

img_1533.jpg

If a presenter went over the five minutes allocated for the talk, the gong would be hit.

img_1535.jpg

Popularity: 3% [?]

  • Digg
  • del.icio.us
  • Facebook
  • Reddit
  • StumbleUpon
  • TailRank
  • Technorati
  • TwitThis

No responses yet

RSS feed | Trackback URI

Comments »

No comments yet.

Name (required)
E-mail (required - never shown publicly)
URI
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

Trackback responses to this post