
Insecurity-In-Security version.2 (2011)


Presentation (version.2) from 2011 describing how the security mechanisms put in place to secure us are insecure themselves.

Abhishek Kumar

April 16, 2011

Transcript


  1. “Hacker's Work is a Form Of Participation in the Work of God in Creation.”
    - by Father Antonio Spadaro (Vatican)
    Recent News


  2. Do You?
    + O.S. User Accounts
    + Browse Web
    + Use Web Services
    + Use Computer Networks Any Way
    + Have Any Form Of Binary Data


  3. You Are Not Secure If You Don't...
    + Use Strong Passwords 'n Keep Them Safe
    + Browse Web In Safe Browsers
    + Use SSL-ified Web Services
    + Use Patched Name Servers
    + Keep Your Data Protected


  4. You Are InSecure Even If You Did...


  5. InSecurity
    Security is just maintained... it's never achieved.


  6. First Some History from Version 1


  7. O.S. User Accounts


  8. Bypass Account Protection


  9. Vaccinated Browsers


  10. Browsing WWW
    [+] SMBEnum
    |=+ using 'file://', 'res://', 'resource://'
    e.g. if access to 'file:///c:/oracle/ora81/bin/orclcontainer.bmp' succeeds
    [+] ResTiming Attack
    |=+ using 'res://', 'resource://' to execute
    So it gains the timing for different binaries and identifies which exist


  11. Protector of All


  12. Defeating SSL
    [] “Signing Authority” field in Digital Certificates
    [] Tricking SSL Libraries with NULL Mod Certificates
    [] Online Certificate Revocation Policy {ResponseStatus=3, ResponseBytes='' || SSL}
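    As an added defensive example (not from the deck), the following Python shows how a TLS client should handle two of the weaknesses listed above: a certificate name carrying an embedded NUL byte, and an OCSP reply with ResponseStatus=3 (tryLater) or an empty body. The function names and sample values are constructed.

```python
# Added example, not from the presentation: defensive handling of two of the
# "Defeating SSL" items above. Function names and sample values are constructed.

# OCSPResponseStatus values as defined in RFC 6960, section 4.2.1
OCSP_STATUS = {0: "successful", 1: "malformedRequest", 2: "internalError",
               3: "tryLater", 5: "sigRequired", 6: "unauthorized"}


def hostname_matches(cert_name: str, expected_host: str) -> bool:
    """Compare a certificate CN/SAN dNSName against the host we connected to.

    A name with an embedded NUL byte is rejected outright, so a library that
    stops reading at the NUL can never be fooled into seeing a shorter,
    trusted-looking name. Only a single leading "*." wildcard is honoured,
    it must match exactly one label, and it may not cover a bare TLD.
    """
    if "\x00" in cert_name or "\x00" in expected_host:
        return False
    cert_name = cert_name.lower().rstrip(".")
    expected_host = expected_host.lower().rstrip(".")
    if cert_name.startswith("*."):
        suffix = cert_name[1:]  # e.g. ".example.com"
        label = expected_host[: -len(suffix)] if expected_host.endswith(suffix) else ""
        return bool(label) and "." not in label and suffix.count(".") >= 2
    return cert_name == expected_host


def revocation_decision(response_status: int, response_bytes: bytes) -> str:
    """Decide what to do with an OCSP reply before looking at its contents.

    Only status 0 with a non-empty responseBytes is handed on to signature
    verification. tryLater (3), any other error status, or an empty body is a
    hard failure: a client that "soft-fails" here lets anyone who can answer
    on the responder's behalf suppress revocation entirely.
    """
    if response_status != 0:
        return "reject:" + OCSP_STATUS.get(response_status, "unknown")
    if not response_bytes:
        return "reject:empty-response"
    return "verify-signed-response"
```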


  13. Basis Of All Networks


  14. DNSSEC ain't all GOOD
    [] Provides 'Origin Auth', 'Integrity Protection', PKI & even Authenticated Denial of Data Existence
    [] Still No 'Confidentiality' {basics of security} AND CPU-flooding is possible because of the expensive cryptographic validation
    [] Variation of the DNS Rebinding Attack presented at BH2010 still affects the network


  15. Data Forensics


  16. Data Forensic Hackers
    [] Data Carving (Imaging RAM, Dig O.S.)
    [] Dig Information from Files
    [] Timestomp, Zipbomb
    [] Mining Network Traffic for Files/Sessions


  17. Now Some Mystery for Version 2


  18. Hash-Crack on Steroids
    http://hashcat.net/oclhashcat/


  19. 'RSA' Theft & Threat
    http://www.schneier.com/blog/archives/2011/03/rsa_security_in.html


  20. Comodo Pwn3d CertS
    Janam Fadaye Rahbar
    http://www.wired.com/threatlevel/2011/03/comodo_hack/


  21. OpenBSD 'n Backdoors
    [] 10 years back the FBI consulted NETSEC (CTO Perry)
    [] Lots of code committed by NETSEC developers
    [] A few days back, Perry's NDA with the FBI expired
    [] Alleged backdoors in the IPSEC stack
    [] FreeBSD inherited lots of code from OpenBSD
    http://marc.info/?l=openbsd-tech&m=129236621626462&w=2


  22. Samsung Key-loG Conflict
    http://arstechnica.com/hardware/news/2011/03/samsung-laptop-keylogger-almost-certainly-a-false-positive.ars


  23. Who Is This Guy?
    Family Named: AbhishekKr
    Friends Call: ABK
    g33k Handle: aBionic {@Twitter, @LinkedIn, @Facebook}
    iTweet: http://www.twitter.com/aBionic
    iBlog: http://abhishekkr.wordpress.com
    Security Enthusiast; Working for ThoughtWorks Inc.; OpenSource Lover
    My Crime Is That Of Curiosity
    ANY QUESTIONS?
