Carsten Zero to perform at PHDays 9
One of the key speakers at Positive Hack Days 9 will be Karsten Nohl, the famous GSM security researcher. In his student years, he was known as a member of the German hacker group Chaos Computer Club, today Karsten is a specialist in data encryption and security. It questions and often disproves common ideas about proprietary software. It relies on the support of Reliance Jio, the fastest growing company in the world.
For the first time, Carsten announced himself in 2009, when he managed to crack the data encryption algorithm in GSM networks. At the conference Chaos Communication Congress in Berlin, he was the first to publicly demonstrate the hacking process.
In 2013, he discovered a SIM-card vulnerability that was contained in the DES (Data Encryption Standard) encryption algorithm — used by many manufacturers and supported by millions of SIM-cards. The essence of the attack was to send a special message to the phone, the device took it as an SMS from the operator and issued a cryptographic signature in the reply message. Having received this, the attacker could eavesdrop on the conversations of the owner of the phone, intercept SMS and make payments. On hacking the phone from the attacker could take just a couple of minutes.
')
Together with Jacob Lell (Jakob Lell), a researcher at Security Research Labs, Karsten reported vulnerabilities in 2014 in USB devices. With its help, attackers could hack the microcontroller and get the opportunity to control the victim's computer. The method is called BadUSB. In the same year, at the Chaos Communication Congress, Karsten Nol and researcher Tobias Engel (Tobias Engel) spoke about serious vulnerabilities in SS7, which give attackers the ability to easily intercept phone conversations and SMS messages, even if cellular networks use the latest encryption standards. All phones and smartphones, regardless of the operating system, are vulnerable.
Last year, Carsten Zero and Jacob Lell at the Hack In The Box conference shared the results of a two-year study, during which they examined the composition of security updates produced by major manufacturers of devices based on Android. It showed that many large manufacturers only create the appearance of patches, but in fact many bugs remain uncorrected.
On PHDays 9, which will be held on May 21–22, 2019, Carsten Nol will make a presentation on “What’s under the iceberg under water: let's talk about real cyber threats”. A global analysis of data on the level of protection of thousands of companies from dozens of industries shows how difficult it is for most organizations to integrate basic security principles. Karsten will discuss with the forum participants what the public is really concerned with, striving for information security.
By the way, Carsten is not the first time participating in PHDays. In 2014, he spoke at PHDays IV with a report on attacks on mobile networks and ways to circumvent traditional protection measures taken by telecom operators.
Do not miss the chance to listen to the performance live, register and come to Positive Hack Days! And if you want to speak at one podium with renowned experts, send a request until March 31. Read more about the topics and rules of participation on the forum website .
For the first time, Carsten announced himself in 2009, when he managed to crack the data encryption algorithm in GSM networks. At the conference Chaos Communication Congress in Berlin, he was the first to publicly demonstrate the hacking process.
In 2013, he discovered a SIM-card vulnerability that was contained in the DES (Data Encryption Standard) encryption algorithm — used by many manufacturers and supported by millions of SIM-cards. The essence of the attack was to send a special message to the phone, the device took it as an SMS from the operator and issued a cryptographic signature in the reply message. Having received this, the attacker could eavesdrop on the conversations of the owner of the phone, intercept SMS and make payments. On hacking the phone from the attacker could take just a couple of minutes.
')
Together with Jacob Lell (Jakob Lell), a researcher at Security Research Labs, Karsten reported vulnerabilities in 2014 in USB devices. With its help, attackers could hack the microcontroller and get the opportunity to control the victim's computer. The method is called BadUSB. In the same year, at the Chaos Communication Congress, Karsten Nol and researcher Tobias Engel (Tobias Engel) spoke about serious vulnerabilities in SS7, which give attackers the ability to easily intercept phone conversations and SMS messages, even if cellular networks use the latest encryption standards. All phones and smartphones, regardless of the operating system, are vulnerable.
Last year, Carsten Zero and Jacob Lell at the Hack In The Box conference shared the results of a two-year study, during which they examined the composition of security updates produced by major manufacturers of devices based on Android. It showed that many large manufacturers only create the appearance of patches, but in fact many bugs remain uncorrected.
On PHDays 9, which will be held on May 21–22, 2019, Carsten Nol will make a presentation on “What’s under the iceberg under water: let's talk about real cyber threats”. A global analysis of data on the level of protection of thousands of companies from dozens of industries shows how difficult it is for most organizations to integrate basic security principles. Karsten will discuss with the forum participants what the public is really concerned with, striving for information security.
By the way, Carsten is not the first time participating in PHDays. In 2014, he spoke at PHDays IV with a report on attacks on mobile networks and ways to circumvent traditional protection measures taken by telecom operators.
Do not miss the chance to listen to the performance live, register and come to Positive Hack Days! And if you want to speak at one podium with renowned experts, send a request until March 31. Read more about the topics and rules of participation on the forum website .
Source: https://habr.com/ru/post/442670/
All Articles