Black Hat USA 2012 Program Guide

Total Page:16

File Type:pdf, Size:1020Kb

WELCOME

Welcome to Las Vegas, and thank you for your participation in the growing Black Hat community. As we celebrate our 15th anniversary, we believe that the event continues to bring you timely and action packed briefings from some of the top security researchers in the world.

Security saw action on almost every imaginable front in 2012. The year started with a massive online protest that beat back US-based Internet blacklist legislation including SOPA and PIPA, echoed by worldwide protests against adopting ACTA in the European Union. Attackers showed no signs of slowing as Flame replaced Stuxnet and Duqu as the most sophisticated malware yet detected. The Web Hacking Incident Database (WHID) has added LinkedIn, Global Payments, eHarmony and Zappos.com while Anonymous and other politically motivated groups have made their presence known in dozens of attacks.

No matter which incidents you examine—or which ones your enterprise must respond to—one thing is clear: security is not getting easier. The industry relies upon the Black Hat community to continue our research and education, and seeks our guidance in developing solutions to manage these threats.

Black Hat USA 2012 features nine tracks and forty-nine live, onstage demonstrations presented by over one hundred of the community's best and brightest. We're particularly excited about this year's keynote speakers, Shawn Henry, former FBI Executive Assistant Director (EAD) and the current President of CrowdStrike Services; and Neal Stephenson, one of the world's foremost historical and science fiction authors. Shawn will take the stage to offer new insights on how a hostile cyber environment has rendered traditional security obsolete while Neal will take the stage for an interactive interview.

The Arsenal returns for its third year, offering researchers and the open source community a platform to demonstrate tools they develop and use in their daily professions.

I would like to ask for your help with two items:

- Keep your eye open for the review board members, and give them a hearty thank-you. This team spent countless hours reviewing over 500 submissions; their guidance ensures that the show remains connected to its roots.
- Please fill out your surveys! Black Hat is the most important security event of the year, and our ethos remains focused on the community. We need to hear from you!

Whether it's your first Black Hat or your fifteenth, I want to encourage all attendees to reach out and connect. This event offers unique opportunities for professional growth, while providing access to a very niche population—nowhere else on earth will you have this kind of access to researchers, technology experts and Black Hat sponsors. We hope you enjoy this year's show!

Trey Ford
General Manager
Black Hat

TABLE OF CONTENTS

Schedule
Briefings
Workshops
Turbo Talks
Speakers
Keynote Bio
Floorplan
Arsenal
Special Events
Stay Connected + More
Sponsors

UPCOMING EVENTS

Black Hat Training: HALO Summit 2012, San Diego, CA, October 29-November 2
Black Hat UAE 2012, Abu Dhabi, United Arab Emirates, December 10-13
Black Hat EU 2013, Amsterdam, The Netherlands, March 11-14
Black Hat USA 2013, Las Vegas, Nevada, July 27-August 1

STAY CONNECTED

Twitter: Twitter.com/BlackHatEvents
Facebook: Facebook.com/BlackHat
LinkedIn: search for "Black Hat" on LinkedIn Groups

SCHEDULE / WED, JULY 25

Tracks and rooms:

Track 1: Defining the Scope (Augustus III + IV)
Track 2: Upper Layers (Augustus I + II)
Track 3: Lower Layers (Augustus V + VI)
Track 4: Mobile (Palace I)
Track 5: Defense (Palace II)
Track 6: Breaking Things (Palace III)
Track 7: Gnarly Problems (Romans I-IV)
Track 8: Applied Workshop I (Florentine)
Track 9: Applied Workshop II (Pompeian)

Track Chairs: Vincenzo Iozzo, Shawn Moyer, Chris Rohlf

08:00-12:00 Registration: Emperiors Ballroom
08:00-08:50 Breakfast: Octavius Ballroom—Sponsored by
08:50-09:00 Jeff Moss: Welcome & Introduction to Black Hat USA 2012: Augustus Ballroom
09:00-10:00 Keynote Speaker: Shawn Henry: Augustus Ballroom
10:00-10:15 Break

10:15-11:15

- Smashing the Future for Fun and Profit, with Jeff Moss, Adam Shostack, Marcus Ranum, Bruce Schneier. Moderated by Jennifer Granick
- Advanced ARM Exploitation, by Stephen Ridley + Stephen Lawler
- SexyDefense: Maximizing the Home-Field Advantage, by Iftach Ian Amit
- A Stitch in Time Saves Nine: A Case of Multiple Operating System Vulnerability, by Rafal Wojtczuk
- File Disinfection Framework: Striking Back at Polymorphic Viruses, by Mario Vuksan + Tomislav Pericin
- <GHZ or Bust: Black Hat, by Atlas
- Advanced Chrome Extension Exploitation: Leveraging API Powers for The Better Evil, by Kyle Osborn + Krzysztof Kotowicz

11:15-11:45 Coffee Service—Sponsored by

11:45-12:45

- Black Ops, by Dan Kaminsky
- Google Native Client: Analysis Of A Secure Browser Plugin Sandbox, by Chris Rohlf
- How The Analysis of Electrical Current Consumption of Embedded Systems Could Lead to Code Reversing?, by Yann Allain + Julien Moinard
- Scaling Up Baseband Attacks: More (unexpected) Attack Surface, by Ralf-Philipp Weinmann
- The Defense RESTs: Automation and APIs for Improving Security, by David Mortmon
- Exploiting The Jemalloc Memory Allocator: Owning Firefox's Heap, by Patroklos Argyroudis + Chariton Karamitas
- Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls, by Ivan Ristic
- <GHZ or Bust: Black Hat cont.
- Advanced Chrome Extension Exploitation: Leveraging API Powers for The Better Evil cont.

12:45-14:15 Lunch: Forum Ballroom—Sponsored by

14:15-15:15

- CuteCats.exe and The Arab Spring, by Morgan Marquis-Boire
- The Last Gasp of the Industrial Air-Gap..., by Eireann Leverett
- STIX: The Structured Threat Information eXpression, by Sean Barnum
- ModSecurity as Universal Cross-platform Web Protection Tool, by Greg Wroblewski + Ryan Barnett
- HTExploit bypassing htaccess restrictions, by Maximiliano Soler + Matias Katz
- libinjection: A C library for SQLi detection and generation through lexical analysis of real world attacks, by Nick Galbreath
- Looking Into the Eye of The Meter, by Don C. Weber
- Don't Stand So Close To Me: An Analysis of the NFC Attack Surface, by Charlie Miller
- Control-Alt-Hack(TM): White Hat Hacking for Fun & Profit (A Computer Security Card Game), by Tadayoshi Kohno + Tamara Denning + Adam Shostack
- The Info Leak Era on Software Exploitation, by Fermin J. Serna
- Torturing OpenSSL, by Valeria Bertacco
- Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC), by Abraham Kang
- Linux Interactive Exploit Development with GDB and PEDA, by Long Le

15:15-15:30 Break / Booksigning with the authors of "iOS Hacker's Handbook": Palace Pre-Function

15:30-16:30

- Errata Hits Puberty: 13 Years of Chagrin, by Jericho
- PRNG: Pwning Random Number Generators (in PHP applications), by George Argyros + Aggelos Kiaylas
- Windows 8 Heap Intervals, by Chris Valasek + Tarjei Mandt
- Probing Mobile Operator Networks, by Collin Mulliner
- Intrusion Detection Along the Kill Chain: Why your Detection System Sucks and What to Do About it, by John Flynn
- Are You My Type? - Breaking .net Sandboxes Through Serialization, by James Forshaw
- WebTracking For You, by Gregory Fleischer
- Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC) cont.
- Linux Interactive Exploit Development with GDB and PEDA cont.

16:30-17:00 Coffee Service—Sponsored by

17:00-18:00

- The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet, by Alex Stamos + Tom Ritter
- Owning Bad Guys {and Mafia} with Javascript Botnets, by Chema Alonso
- Ghost is in the Air(traffic), by Andrei Costin
- Adventures in Bouncer Land, by Nicholas Percoco + Sean Schulte
- Exploit Mitigation Improvements in Windows 8, by Matt Miller + Ken Johnson
- PinPadPwn, by Nils + Rafael Dominguez Vega
- Here Be Backdoors: A Journey Into the Secrets of Industrial Firmware, by Ruben Santamarta
- Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC) cont.
- From the Iriscode to the Iris: A New Vulnerability of Iris Recognition Systems, by Javier Galbally

18:00-19:30 Reception: Octavius Ballroom—Sponsored by our Diamond, Platinum, Gold Sponsors
18:15-19:30 PWNIE awards: Augustus III + IV