Vapor Moon
Feb 24, 2010

Neato!
The Human Font
Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log into users' accounts, even if an account's password was reset.


shame on an IGA
Apr 8, 2005

:rip:

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...


quote:

The exploit was first revealed by a threat actor named PRISMA

Balls

Shame Boy
Mar 2, 2010

isn't that an adventure time character

Wiggly Wayne DDS
Sep 11, 2010



neat

hobbesmaster
Jan 28, 2008

a few months ago I said I keep seeing SEC in the thread title and thinking football. well…

https://twitter.com/danwetzel/status/1740858946141999167?s=46

https://twitter.com/danwetzel/status/1740859820599583098?s=46

it may be insiders!
https://twitter.com/fireupumich/status/1740869169263067317?s=46

finally the football content we need!

Pendragon
Jun 18, 2003

HE'S WATCHING YOU

me: "I should link more company accounts to Google for ease of administration"
also me: "god loving dammit no one gets security right unique accounts for everything"

spankmeister
Jun 15, 2008






hobbesmaster posted:

a few months ago I said I keep seeing SEC in the thread title and thinking football. well…

https://twitter.com/danwetzel/status/1740858946141999167?s=46

https://twitter.com/danwetzel/status/1740859820599583098?s=46

it may be insiders!
https://twitter.com/fireupumich/status/1740869169263067317?s=46

finally the football content we need!

didn't read

hobbesmaster
Jan 28, 2008


I mean it isn’t particularly interesting security wise and a new high standard has been set for CFB content with the pop-tart Eucharist so fair

uninterrupted
Jun 20, 2011

Pendragon posted:

me: "I should link more company accounts to Google for ease of administration"
also me: "god loving dammit no one gets security right unique accounts for everything"

don't do this if you don't already have google workspace. you can make a google account off any email you control, such as a work email.

so some bad actor may have made a google account off their work email, then you turn on google enterprise, then they get fired and their google workspace account gets suspended, but they still have that original google account with the associated work email and do not lose access to internal applications

infernal machines
Oct 11, 2012

we monitor many frequencies. we listen always. came a voice, out of the babel of tongues, speaking to us. it played us a mighty dub.

uninterrupted posted:

don't do this if you don't already have google workspace. you can make a google account off any email you control, such as a work email.

so some bad actor may have made a google account off their work email, then you turn on google enterprise, then they get fired and their google workspace account gets suspended, but they still have that original google account with the associated work email and do not lose access to internal applications

can you expand on this?

my general understanding was that if they had a "personal" account using their work email and the work domain goes to workspace, they get an invite to join the workspace and the account becomes managed, or you can force them to join the workspace, and their "personal" account gets renamed and an entirely new account with their company email is created.

if they accept the invite and are later offboarded, the account just no longer functions at all, if the account overrode their original, the old renamed account is still active, but never had access to workspace in the first place

if google is somehow doing something stupider than that, it would be useful to know

uninterrupted
Jun 20, 2011

infernal machines posted:

can you expand on this?

my general understanding was that if they had a "personal" account using their work email and the work domain goes to workspace, they get an invite to join the workspace and the account becomes managed, or you can force them to join the workspace, and their "personal" account gets renamed and an entirely new account with their company email is created.

if they accept the invite and are later offboarded, the account just no longer functions at all, if the account overrode their original, the old renamed account is still active, but never had access to workspace in the first place

if google is somehow doing something stupider than that, it would be useful to know

for google managed applications you should be good, because it should check for access based on them being managed accounts.

however, a third party using google authentication, like an auth0 integration, may not check that the accounts are managed and just check that it's a '@mycompany.com' email and let you in. this part i'm more sure about because i just fixed an issue in some auth code where this happened.
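
The check described above, as an added example that is not part of the thread and not code from Google, Auth0 or any library: the weak email-suffix test beside a check that requires the `hd` (hosted domain) claim, which Google includes only for accounts that belong to a Workspace/Cloud organization. It assumes the ID token's signature, issuer, audience and expiry have already been verified upstream (for instance with google-auth's `verify_oauth2_token`), so only the decoded claims are handled here; the domain `mycompany.com` and the claim values are constructed.

```python
"""Workspace-membership check on a Google OIDC ID token's claims.

Added example, not code from the thread or from any Google/Auth0 library.
Assumption: the ID token's signature, issuer (accounts.google.com), audience
and expiry have already been verified upstream; what arrives here is the
decoded claims dict. All sample claims below are constructed.
"""

WORKSPACE_DOMAIN = "mycompany.com"  # hypothetical tenant domain


def weak_domain_check(claims: dict, domain: str = WORKSPACE_DOMAIN) -> bool:
    """The flawed check from the thread: trust the email suffix alone.

    A consumer Google account created with a work address passes this, and
    keeps passing after the employee's managed Workspace account is suspended.
    """
    email = claims.get("email", "")
    return email.lower().endswith("@" + domain)


def managed_account_check(claims: dict, domain: str = WORKSPACE_DOMAIN) -> bool:
    """Require the `hd` (hosted domain) claim, which Google sets only for
    accounts belonging to a Workspace/Cloud organization. Consumer accounts
    carry no `hd` regardless of their email address."""
    hd = claims.get("hd")
    if not isinstance(hd, str) or hd.lower() != domain:
        return False
    if claims.get("email_verified") is not True:
        return False
    # Belt and braces: the email's domain must agree with hd.
    _, sep, email_domain = claims.get("email", "").rpartition("@")
    return bool(sep) and email_domain.lower() == domain


def account_key(claims: dict) -> str:
    """Key local user records on (iss, sub), never on email: the consumer
    account and the managed account share an email but have distinct `sub`."""
    return f"{claims['iss']}|{claims['sub']}"


# Constructed claims: the same employee as a managed account and as a
# consumer account registered with the work email, plus an outsider.
MANAGED = {
    "iss": "https://accounts.google.com",
    "sub": "110169484474386276334",
    "email": "alice@mycompany.com",
    "email_verified": True,
    "hd": "mycompany.com",
}
CONSUMER_LOOKALIKE = {
    "iss": "https://accounts.google.com",
    "sub": "103547991597142817347",
    "email": "alice@mycompany.com",
    "email_verified": True,
    # no "hd": not a managed account
}
OUTSIDER = {
    "iss": "https://accounts.google.com",
    "sub": "118877665544332211009",
    "email": "mallory@example.org",
    "email_verified": True,
    "hd": "example.org",
}


def evaluate(claims: dict) -> dict:
    """Run both checks so the difference is visible side by side."""
    return {
        "weak": weak_domain_check(claims),
        "managed": managed_account_check(claims),
        "key": account_key(claims),
    }


if __name__ == "__main__":
    for name, c in [("managed", MANAGED), ("consumer", CONSUMER_LOOKALIKE), ("outsider", OUTSIDER)]:
        print(name, evaluate(c))
```

The consumer look-alike passes the suffix check and fails the `hd` check, which is the gap the post describes. Sending `hd=mycompany.com` in the authorization request only filters the account chooser in the browser; the server-side claim check is the actual control, and keying user records on `sub` rather than email keeps the two accounts from ever being merged.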

Chris Knight
Jun 5, 2002

me @ ur posts


Fun Shoe

infernal machines
Oct 11, 2012

we monitor many frequencies. we listen always. came a voice, out of the babel of tongues, speaking to us. it played us a mighty dub.

uninterrupted posted:

for google managed applications you should be good, because it should check for access based on them being managed accounts.

however, a third party using google authentication, like an auth0 integration, may not check that the accounts are managed and just check that it's a '@mycompany.com' email and let you in. this part i'm more sure about because i just fixed an issue in some auth code where this happened.

ah, fair enough. i misunderstood you. in my particular case that caveat doesn't apply because we're using entra id or whatever the gently caress it's called this week for auth

forum enthusiast
Aug 12, 2010

uninterrupted posted:

for google managed applications you should be good, because it should check for access based on them being managed accounts.

however, a third party using google authentication, like an auth0 integration, may not check that the accounts are managed and just check that it's a '@mycompany.com' email and let you in. this part i'm more sure about because i just fixed an issue in some auth code where this happened.

if you're using oidc and an org-generated client id then setting it to internal-only might work. should restrict usage to only org members which excludes evicted users even if they retain the non-managed domain.

forum enthusiast fucked around with this message at 22:10 on Dec 30, 2023

Wiggly Wayne DDS
Sep 11, 2010



right i got a bit annoyed with c3 having all of their videos on youtube but still private so (almost) all of the links are to ccc's site. didn't want to take up a big chunk of their bandwidth, but hey these reviews have been sitting here for days now

previously at c3 33c3 to 35c3. i also did 32c3 at some point but effort finding that post

before we begin the normal disclaimer: i'm not the sole person capable of reviewing a talk and will have bad takes. even if you liked a talk and just want to say it was okay without going into detail do so, it'll give people an idea of which talks jump out of this long list. if you think i missed a good talk mention it too and i'll add it to the pile



37c3

day 1:

Place & route on silicon by Thomas
- rough talk on placement and routing of digital integrated circuits. very top-level but decent watch if you have no knowledge but an interest in chip manufacturing. speaker doesn't have any specialist knowledge and if you've been around chip designers you'll know 99% of this. small audio issue in the talk as it's one of the first ones. q&a is mostly people who are new to silicon design issues. if you've talked about silicon design on here before you'll be able to answer all of this better than the speaker...

Apple's iPhone 15: Under the C by stacksmashing
- great talk on the history of iphone hardware hacking, and getting JTAG/SWD working on an iphone 15 in under 48h via usb-c. speaker acknowledges others to start with too! really fun talk that goes into the details and limitations of the interfaces available and sharing the hardware and software created in the process. spmi analyser too, really nice. debugging integrated in the phone you say? hrmm.... wonder what a later talk is about. sadly no q&a but a great dense talk.

Open CPU / SoC design, all the way up to Debian by Dolu1990
- weird talk on designing a RISC-V cpu (NaxRiscv core). speaker has an electrical engineering background and explains from that perspective. briefly touches on branch prediction, multiple cores, cache, usb, etc. bluntly the speaker comes across more as a student rushing through random research in a project they're nearby, rather than an explanation of anything coherent they've done. they do cover 1 debugging issue they had in a single slide.. and mention simulation quickly when that'd be interesting as their talk instead. q&a is dire too, claims disabling branch prediction only impacts execution by 2x??? someone brings up a question about running 2 cpus in lock-step in practice and doesn't get a real answer.

Unlocking the Road Ahead: Automotive Digital Forensics by Kevin Gomez
- very basic car hacking and forensics talk. speaker focuses on modern vehicles. vaguely talks about an investigation into a tesla autopilot crash they were involved with, but no details. mainly this talk is a pretty basic overview of digital forensics in the black box of cars without going into anything concrete - mainly because it's to lead into the next talk. i feel like i had my time wasted tbh. q&a tries to get something out of the talk but the speaker is also very broad and doesn't give any useful detail, and passes off any questions to the next talk instead - so why did this take a slot up?

Back in the Driver's Seat: Recovering Critical Data from Tesla Autopilot Using Voltage Glitching by Niclas Kühnapfel, Christian Werling, and hnj
- must watch talk. this is part 2 of the previous talk, but 30s in and you've learned more than the entire previous talk. really concise information on autopilot since 2014. abuses fault injection to break the hash check in the bootloader. honestly in retrospect i'm not surprised a tesla has no protections against voltage glitching. holy poo poo at the integration testing slide lmao. includes an example of camera data sent to tesla silently from the car. q&a is pretty light and from people who haven't seen voltage glitching before.

Operation Triangulation: What You Get When Attack iPhones of Researchers by oct0xor, kucher1n, and bzvr_
- must watch on kaspersky's alleged 'researchers' being targeted with a zero-click attack on a researchers' iphones. they manage to capture all the stages and recover 4 0-days. what a bizarre campaign for how aggressive they were in repeatedly exploiting an obviously monitored environment (no persistence techniques? that bold? that dumb?). talk presumes you know a good chunk about iphone exploitation. the undocumented mmio addresses is targeting the gpu btw. kinda weird they have a md5 hash list of accounts that'd send the malicious imessage. neat that the final payload includes a function to use machine learning for local processing of photos. nothing new in the q&a, other than them saying there's no persistence mechanism

Adventures in Reverse Engineering Broadcom NIC Firmware by Hugo Landau
- decent talk but starts with literally the speaker's life story, him rambling about upcoming talks, and why he got into reverse engineering. the core of the talk focuses on the process of getting to start writing firmware for the bcm5719 gigabit ethernet controller. has funny sections for what seem to be completely abandoned sections of the controller. mystery compression algorithm, to glossing over finding a buffer overflow to get shellcode executing on the device because "i wouldn't consider this a vulnerability because you can only do this from the host"(???). talk then goes into the security issues of a ethernet controller having power of packets. i uh doubt his analysis of the bitbang is accurate but this quick review is getting long as-is. not a lot to the q&a

KIM: Kaos In der Medizinischen Telematikinfrastruktur (TI) by Christoph Saatjohann, and Sebastian Schinzel
- good talk on security in medicine (german, linked the english translation). speaker is being bluntly honest on the lack of any security in most medical communications as we all know. shows off the limitations of a business service for handling emails 'securely' for medicine: gematik's KIM. covers spoofing signatures in s/mime, rce via log4j, duplicated keys across insurance companies, and more! q&a is good and covers a lot

All cops are broadcasting by Jos Wetzels, Carlo Meijer, and Wouter Bokslag
- must watch if you want to know anything about tetra. gives an overview of tetra itself, and tea1 - an old algorithm used by emergency services communications in the eu, but still used by a ton of critical infrastructure. key points include breaking into a mtm5400 radio to get the secret key and access to the tea1 algorithm. or breaking into a base station to prove real world attacks to the vendors who refused to listen. more info on the de-anonymisation attacks, and controlling the time on any tetra device to manipulate the keystream. nice list of places still using tea1, and how it is also used for some networking setups. vendors keep lying, what a shocker. q&a is p great

How to Hack Your Way to Space by Manthos Papamatthaiou, and Alfredos (fredy) Damkalis
- decent talk on making a satellite from scratch. the speakers worked alongside a university, and give a quick runthrough of hardware issues, and then the long process to get something into space. anything software related is just glossed over. dovetails into foss philosophy towards the end. q&a is good as it's people trying to get actual information out of the speakers

Unlocked! Recovering files taken hostage by ransomware by Tobias Mueller
- good quick crypto talk focusing on breaking the scheme used by germany's 2nd most used ransomware (black basta) w/o the decryptor or key. switched to using ecc in nov '22, but reused the keystream when xor'ing, and esxi disk images had lots of 00 chunks so whoops. q&a is pretty good, but there's a weirdo obsessed that the malware was updated 10 days ago so the entire talk was useless/'wrong' (???)

Bifröst: Apple's Rainbow Bridge for Satellite Communication by Alexander Heinrich, and jiska
- must watch dense reverse engineering talk on how apple uses the globalstar network for emergency communications. ties into a later talk about uncovering fake rogue base stations on ios devices too! speakers are great at covering the technical side in a concise and thorough manner. q&a is good and drops lots of useful information

The Extremely Large Telescope (ELT) by lk, and panic
- great quick talk about the (soon to be built) largest optical telescope on earth. speakers are from ESO and love to talk about the issues in construction and ground-based astronomy. first-time i recall a talk covering the practicalities of adaptive optics. great q&a with a lot of space nerds asking the right questions

SMTP Smuggling – Spoofing E-Mails Worldwide by Timo Longin
- must watch quick talk on the self-described dumpster fire of a disclosure. speaker is honest about how they ended up researching the issue and stumbled on it. goes into pretty good detail in abusing the spf record for spoofing. lmao at cisco's response in the responsible disclosure timeline. wtf were cert/cc doing lmao. q&a is very short

Breaking "DRM" in Polish trains by Redford, q3k, and MrTick
- must watch talk on a company that deserves to be in jail for geofencing 'breakdowns' of critical infrastructure when in competitor's workshops. speakers are great at swapping on the fly and covering everything in-depth. crash course into plc analysis. for the 40 trains checked there were 26 different variants of the software... wtf. solid gold throughout the talk. great q&a too

Sucking dust and cutting grass: reversing robots and bypassing security by Dennis Giese, and braelynn
- alright iot talk covering ecovacs in particular. speakers split focus between hardware and software but jump around and don't go into good detail imo. talk briefly touches on replacing the firmware, potential privacy issues, vulnerabilities, certifications, and spends a good chunk talking about talks they did since 34c3. the live video attack is pretty decent. audio issues (just in the room) in the middle of the talk sadly. q&a is good in trying to get more detailed info out of the speakers





day 2:

Hacking Neural Networks by jate
- good neural network talk (german, linked the english translation). speaker is upfront on not covering anything new, just giving an overview - so this is mainly if you're new. gives a good breakdown of neural network models and how they can be applied. covers model stealing, brute-force, adversarial attacks, last layer attacks, and data poisoning. q&a is p funny though as there's some people trying to defend the models

Why Railway Is Safe But Not Secure by Katja Assaf
- rough crypto talk about railway communication protocols (trackside). takes a bit to get into the details but mainly summarises other people's research and talking vaguely about the infrastructure. weirdly keeps mixing up encryption and hashing. q&a is alright but it's still mainly "someone should look into this", and the questions are really just explaining the topic better than the speaker

Predator Files: How European spyware threatens civil society around the world by Donncha Ó Cearbhaill
- must watch thorough talk by the head of the security lab at amnesty international. covers spyware, mainly Intellexa's Predator, targeting journalists and political enemies. great insight into the isp-level networking injection devices used in practice to make 1-click exploits into 0-click. marketing material on a 5g/4g/3g downgrade -> baseband exploit for samsung devices too. q&a is good but short

The impact of quantum computers in cybersecurity by Alessandro Luongo
- lol talk by a phd who's covered "quantum machine learning". writing quantum algorithms!! okay more seriously they have comically small text on their slides and are doing pretty trivial maths on time to complete a workload with extra parameters with quantum attached to their terms. they do the normal quantum topics: rsa2048->ecc256. post-quantum crypto with lattices, then make up poo poo for the impact of quantum machine learning for cybersecurity. the first two have been covered significantly better by qualified people in previous c3 talks. they go about it weird though by taking theoretical proofs and going "we could make this look better by changing variables", then repeating shor's algorithm like it gives their talk substance. i'm sounding mean here but he's taking a rough cost formula and treating it as a real device to simulate security proofs from. "machine learning is ubiquitous in cybersecurity"???? this is an absurd amount of waste to look into answering "is that domain from a domain generation algorithm", but this 'review' is already too long. he doesn't even talk about anything of substance in the entire talk!? q&a is funny and mostly the speaker saying they implemented algorithms, not that they created any, or that they don't have answers. internet question really trips him up lol, take a drink every time he goes "it requires more than one phd", or "i don't know"

i'll be honest and reveal my initial brief of this talk (shared with the discord) off of a glance at the abstract now
- i smell a rat of a young student and a talk they're not qualified to do, but surprise me...
but let this be a great example talk for someone to come in and give a different view. please, i'm serious, show me that i'm wrong here.

Fuzz Everything, Everywhere, All at Once by domenukk, van Hauser, Dongjia Zhang, andreafioraldi, and Addison Crump
- must watch dense 5-speaker talk on AFL++ and QEMU black box binary testing. speakers know their audience and just give a very quick background on fuzzing rather than wasting time. great example pulling from the p0 samsung qmage codec research too! shows off the fuzzer being able to support detecting injections attacks. really this should be an example of how to do a group talk in general. more talks should have speakers taking breaks on comfy chairs. q&a is great too

Nintendo hacking 2023: 2008 by PoroCYon
- great console hacking talk on the nintendo dsi. speaker is very competent and talks around their background. starts with the history of dsi exploits and how it wasn't properly broken .. until now. we move into electromagnetic voltage glitching in this talk. lol at all the unusually well implemented cryptography at almost every stage along the way in this talk, especially for 2008. turns into a practical modchip implementing consistent voltage glitching to get code execution on both cpus bypassing multiple signature checks with one glitch. great q&a of people mostly wondering how they glossed over complex steps in the process that other talks tend to overexplain

AlphaFold – how machine learning changed structural biology forever (or not?) by Jan Gebauer
- great fun science talk trying to explain the limitation of protein folding machine learning. aimed at both biologists wanting to know about machine learning in practice, and computer scientists wanting to know how biologists focused on protein folding use machine learning in the real world. very rightfully critical of google and how they were sharing no peer-reviewable data while repeatedly breaking records in the CASP awards. covers the biology aspects really great for non-biologists imo. good q&a and the crew are having fun

Rust Binary Analysis, Feature by Feature by Ben H
- rough rushed talk on an intro to rust disassembling. speaker tries to focus on the big differences to analysing a rust program vs any other one a reverse engineer would be used to .. in theory. pretty dry though on rust internals, but that's what the title did say. q&a makes a point that they aren't using any of the rust reverse engineering tools, and speaker doesn't want to handle any real question

Demoscene now and then by LordSpreadpointAmiga
- awkward demoscene talk. speaker was active 30 years ago and just came back to show how things were vs now. it's mainly the speaker showing off demos they like with little explanation at all (or audio normalisation). they don't really talk about any technical limitations demos are usually written in but vaguely about the art scene that's around it. really it's amazing to see someone get a slot like this and share practically no information. no time for q&a either...

Turning Chromebooks into regular laptops by elly
- good quick talk on the headaches in getting linux running on a variety of chromebooks via chrultrabook. goes into great depth on the changes google made to create chromeos, and the limitations that their setup has. speakers swap on the fly and cover everything great. great q&a with the speakers being up front with the limitations

ARMore: Pushing Love Back Into Binaries by @cyanpencil (Luca Di Bartolomeo)
- great cursed talk about creating a heuristic-free static binary rewriter for .. aarch64. speaker is a bit odd. what an rear end in a top hat of a prof giving this as a 'simple project'. love the trick to abuse execute-only memory and a segfault handler to make self-reading binaries function. q&a is good with arm32 and the thumb co-processor being brought up...

Decentralized energy production: green future or cybersecurity nightmare? by Sebastien
- great talk focused on networked home solar panels. speaker is looking at four different systems but can only name one of them. some pretty serious vulns are discussed, it's functionally an entry-level iot device but attached to the electrical grid yay. great video demos. good q&a too

BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses by Daniele Antonioli
- great bluetooth crypto talk. speaker is a very experienced academic and covering new ground. mainly mitm, spoofing, and downgrade attacks abusing no integrity protection, nonce reuse, same as always. whole host of devices tested too, and with a bunch of patches to mitigate. q&a is good in covering a lot of questions fast and making it more obvious than ever that BT SIG don't care about security

Tor censorship attempts in Russia, Iran, Turkmenistan by Roger Dingledine
- great talk going over how each country tried to block tor and countermeasures used. speaker gives a good quick overview of pre-existing transport obfuscation in tor. lol at russia just blocking all of azure. ooh nice insight in hardware aes when testing vs software stack in practice on older phones changing the cipher flags and letting iran block them. good q&a




day 3:

NEW IMPORTANT INSTRUCTIONS by Johann Rehberger
- must watch talk on attacking LLMs. speaker used to red team at azure and is great at breaking down the terminology. really destroys openai and their plugin model and how they try to patch any issues with half-assed policy changes. it's funny how only one vendor was unwilling to fix anything. q&a is short with some dumb questions

Unlocking Hardware Security: Red Team, Blue Team, and Trojan Tales by René Walendy, e7p, and Steffen Becker
- pathetic hardware security talk focused on detecting malicious digital ICs. first speaker unusually takes the bloomberg supermicro story seriously which lmao, but they need a premise. second speaker deals with the real talk hardware trojans covering 4 chips between 90-28nm, 10 modified logic gates per chip. really it's an image comparison talk but remaking the wheel. the third speaker really confirms this as a half-assed directionless group project but one person had access to an electron microscope and some fabbed chips. somehow we end up at cognitive factors impacting reverse engineering and how this needs more research, tripling down on my last sentence now. all the mentions of other talks again highlights how little they've done. q&a is mostly the speakers making up hypotheticals in response to questions...

Fuzzing the TCP/IP stack by Ilja van Sprundel
- bad talk on someone fuzzing tcpip for the first time. it's all theoretical on what they want to do, and they are aware of what fuzzing has happened in the past. they pull up emails to the afl mailgroup from 2017, then try to use a random userland tcpip stack they stumbled on (picotcp). they uh, apparently never heard of tcp-fuzz, but anyway congrats on a pre-alpha fuzzer on a stack abandoned 4 years ago. q&a is just useless, but people are confused over what he even did (apparently he's fuzzing a remote system.. somehow.. with this setup)

Einführung in Smartphone Malware Forensik by Viktor Schlüter, and Janik Besendorf
- good talk on the basics of mobile phone malware forensics (german, linked the english translation). speakers are from reporters without borders' digital security lab, and upfront on it being an introductory talk - slides are in english oddly. goes through a rough methodology to backup ios and android phones for analysis. approve of distilling this to stalkerware and detecting iocs as a starting point. good q&a too

Numerical Air Quality Modeling Systems by ottopaul, and Johannes Bieser
- must watch dense talk on the practicalities of producing air quality models. speakers are great at explaining air pollution in depth while making it accessible. gets really interesting when they go into the models and how different emission sources that aren't dangerous individually combine in the ozone. even go into secondary particle formation depending on the tree and season. great q&a too

What is this? A machine learning model for ants? by etrommer
- okay talk on shrinking deep learning models. speaker quickly covers each step of how a model is made better than previous talks imo. goes through quantization, pruning, mixing 'experts' (sub-models), and knowledge distillation. doesn't actually explain energy usage in any depth. good q&a

Full AACSess: Exposing and exploiting AACSv2 UHD DRM for your viewing pleasure by Adam Batori
- must watch crypto talk on breaking AACSv2 publicly since it was released in 2015. speaker gives great quick history lessons on css and its successors. moving to aacsv2 we dive into SGX, secret extraction, stripping themida, and why they don't need to break intel pcl. sadly only able to handle 1 question at the end given it was such a dense talk

Finding Vulnerabilities in Internet-Connected Devices by Pascal Zenker, and Christoph Wolff
- good intro talk on attacking softphones and conference speaker systems. speakers are researching the poly trio 8800 and ccx 400 specifically. aimed at beginners looking at logic flaws before getting more technical, avoids hardware attacks. moves onto fuzzing with boofuzz, and isolating test cases. nice pre-recorded demo on chaining the exploits into a proper attack. sadly the q&a is a single simple question

RFC 9420 or how to scale end-to-end encryption with Messaging Layer Security by Konrad Kohbrok, and Raphael Robert
- good quick crypto talk covering the MLS protocol. speakers briefly covers the history of e2e: pgp->off-the-record->signal and now MLS. covers the functional and security properties MLS wants and how it differs from tls. briefly goes into the rfc-compatible implementations but the spec is still being worked on. lot of good q&a

About Gamma-Ray Bursts And Boats by Annika Rudolph, and Sylvia Zhu
- must watch space talk about a record-breaking gamma-ray burst in oct 2022. speakers are great at breaking the talk down to their specialities. great overview on the physics background, astrophysics theories on what's causing them, how detectors function, etc. the event itself is really interesting and the speakers share as much as they can. great q&a too, lot of detailed answers

How Many Planets in Our Solar System? Glad You Asked! by Michael Büker
- must watch space talk going over how we've counted planets differently across history. speaker is good at explaining all of this in an entertaining way. takes a western historical take on observations but really interesting. great q&a with really extensive answers

Writing secure software by Fefe
- decent talk on how to build security architecturally around insecure software. speaker is upfront on the slides being rough as this was a last-minute change in schedule (i was looking forward to the quantum crypto talk too...). mostly a running joke on reducing attack surface for a blog through increasingly convoluted ways. fire alarm in the middle of the talk too lol. decent q&a, love the first internet question pointing out his blog in this talk had been hacked in the past

Reconstructing game footage from a Game Boy's memory bus by Sebastian Staacks
- great hardware hacking talk on the original game boy. speaker is very enthusiastic on having created the gb interceptor, and has very fancy animations in the talk - showoff! covers the memory state of the game boy great and makes sure to focus on just the relevant parts to avoid losing a chunk of the audience. great demo in showing off some limitations where devs abused hardware tricks. great q&a that covers a lot of ground

How to build a submarine and survive by Nico, and Elias
- great talk on building a submarine (german, linked the english translation). speakers have actually built one and run through the theory quick. we get to see every stage of the build process and the safety mechanisms they put in - it's still a deathtrap ofc. lot of details of how they implemented underwater communication to above ground. lol at the registration process they went through. long q&a with thorough answers

Unlocked: PICing a wireless door access system by sre
- great short crypto reverse engineering ham talk for attacking wireless door systems. speaker is focused on the abus cfa3000 used to secure their local hackerspace that uses aes. moves from rf analysis to key extraction on the chip itself. speaker covered the topic a bit too quick though. good q&a that takes a bit to start

What your phone won’t tell you by Lukas Arnold
- great talk on detecting rogue base stations on iphone 12. speaker starts with reverse engineering the MSM interface on a qualcomm baseband chip. good idea to piggyback on apple's cell data to figure out the probability of a rogue station on top of activity characteristics. good demo of the CellGuard app, but surprised they didn't go near an embassy or any other semi-public place where there'd be an active rogue base station. great q&a but it's a bit short

Breathing Life into Legacy: An Open-Source Emulator of Legacy Apple Devices by Martijn de Vos
- great reverse engineering talk on the ipod touch 2g. speaker is good at covering previous research on emulating apple devices. builds on top of qemu, however oddly chooses to build the emulator off of the leaked iboot source code from 2018. nice that they manage to launch the entire ui. good q&a


day 4:

Making homebrew for your very own Vector Super Computer by Johann-Tobias Schäg
- alright talk on writing applications for the NEC Vector Engine. speaker mainly focuses on explaining the architectural differences with vector engines. doesn't really talk much about writing code at all really, just compiling. not many answers in the q&a, but also not a lot of questions mainly statements

Mobile reverse engineering to empower the gig economy workers and labor unions by Claudio Agosti, and Gaetano Priori
- good talk on reverse engineering mobile apps and helping labour unions identify data breaches. speakers focus on the glovo couriers app. good quick intro to android reverse engineering using frida. app wasn't just constantly monitoring gps coords and sending them to the company, but to every tracker in the app too. over years and even after legal rulings nothing's changed. q&a is good

Blackbox Chemieindustrie by Janna Kuhlmann, and Janine Korduan
- good climate talk on the german chemical industry (german, linked the english translation). speakers give a good overview of the wide variety of companies that make up the chemical industry and their supply chains. lot of talk about the single-use plastic that the industry has no interest in stopping anytime soon. good q&a

Should e-voting experience of Estonia be copied? by Märt Põder
- great talk about electronic voting in Estonian elections. speaker was an observer during e-voting at the 2023 elections. goes into good depth on the cryptography of the electronic vote and the userflow. lot of interesting details on how unprepared anyone was for him to be an observer. short q&a session that obviously doesn't have many answers

Analog rotary phones get a second life with raspberry pi by Hans Gelke
- good talk on replicating exchange setups. speaker is very dedicated to put this much work in - took the speaker about 5-6 years to develop, lot of custom hardware designed. cute that they went and tried to replicate different countries' dialing tones and announcements. great q&a too, not enough time to cover anywhere close to the interest people had

The Ultimate SPC700 Talk by kleines Filmröllchen
- great talk on the SNES' sound co-processor S-SMP on the SPC700 architecture. speaker is great at diving straight in to try and cover as much material as possible. you will learn about every instruction, register, and weird architectural detail that can be squeezed into the talk. shame about the audio buzz on the recording. short q&a

A Libyan Militia and the EU - A Love Story? by Paul Wagner, Matthias Monroy, and Felix Weiss
- great osint talk covering TBZ. speakers cover the EU's role in pushing refugees to libya against german and international law. paying money to libya to create a non-existent coast guard, privatising aerial surveillance with frontex, and more. malta's coastguard hanging up or just saying "we don't respond to NGOs". q&a covers more disturbing ground too

Oh no: KUNO - Gesperrte Girocards entsperren by Tim Philipp Schäfers (TPS)
- alright fraud talk on using 'blocked' girocards (german, linked the english translation - they're running out of energy this talk though). speaker goes over the process of blocking a card via sperr-notruf over the phone, mobile app, or fax. turns out the lock only affects pin payments, if a signature is used the bank doesn't do any checks lol. to use this you need to use the separate system trades and police made: KUNO - an incredibly poo poo acronym. we get to analysing KUNO's web portal, find potential management interfaces, privacy issues, and a practical bruteforce to unlock a card. they released a 32pg report on what they found. lot of q&a covering mainly basic questions

Self-cannibalizing AI by Ting-Chun Liu, and Leon-Etienne Kühr
- great talk on visualising the training set of LLMs. speakers take a different approach to explaining how LLMs are trained and focus on CLIP further up the pipeline. good explanation that the model was initially made for image recognition. gets fun when they started doing generative iterations and chaining LLMs. great q&a that touches on more inherent biases

remember to try and say which talks you liked and if possible what the speaker did good/bad, it's hard for any speakers to get feedback and i can get pretty harsh so having more opinions on even the less good talks will help everyone out

Tankakern
Jul 25, 2007

❤️

spankmeister
Jun 15, 2008







thank you very much once again for your work, much appreciated

Midjack
Dec 24, 2007



spankmeister posted:

thank you very much once again for your work, much appreciated

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

fine, Wayne, I’ll take next week off and watch videos

I’m telling my boss that this is your fault though

Armitag3
Mar 15, 2020

Forget it Jake, it's cybertown.


Subjunctive posted:

fine, Wayne, I’ll take next week off and watch videos

I’m telling my boss that this is your fault though

Take it from the training budget

mystes
May 31, 2006

drat that's a lot of videos I want to watch now

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

spankmeister posted:

thank you very much once again for your work, much appreciated

Wiggly Wayne DDS
Sep 11, 2010



Subjunctive posted:

fine, Wayne, I’ll take next week off and watch videos

I’m telling my boss that this is your fault though
i'll send in my invoice shortly

Kuvo
Oct 27, 2008

Blame it on the misfortune of your bark!
Fun Shoe

spankmeister posted:

thank you very much once again for your work, much appreciated

Potato Salad
Oct 23, 2014

nobody cares



god drat dude this has already made my week

Wiggly Wayne DDS
Sep 11, 2010



okay less thanking more substantive feedback: which talks do people like, which do they not like. what reviews were along the same line as your opinion, which were horribly wrong. i've been going for succinct train of thoughts and not cleaning them up later (other than typos). i was going to keep the barrier for must watches to only sec talks, but when i was watching a talk and going "i would have this as a must watch but it's not the right field" i didn't think that was a good enough reason. didn't check the good/great/must spread either, but hey sometimes an event is disparate anyway this isn't a graded curve

next time i'll call a popular great talk bad just to see if anyone will provide feedback!!

Phobeste
Apr 9, 2006

never, like, count out Touchdown Tom, man

Wiggly Wayne DDS posted:


Full AACSess: Exposing and exploiting AACSv2 UHD DRM for your viewing pleasure by Adam Batori
- must watch crypto talk on breaking AACSv2 publicly since it was released in 2015. speaker gives great quick history lessons on css and its successors. moving to aacsv2 we dive into SGX, secret extraction, stripping themida, and why they don't need to break intel pcl. sadly only able to handle 1 question at the end given it was such a dense talk

this talk had really good content but a lot of (laugh line) (expectant smile) (completely dead room) on similar bits with similar delivery that worked in other talks, either this was like the first or last talk of the day or c3 has an insider/outsider problem and this guy was an outsider. it was really interesting though and I think the summary low-sells that he also made sgx key extraction and emulation as a portable script. really good talk

quote:

Back in the Driver's Seat: Recovering Critical Data from Tesla Autopilot Using Voltage Glitching by Niclas Kühnapfel, Christian Werling, and hnj
- must watch talk. this is part 2 of the previous talk, but 30s in and you've learned more than the entire previous talk. really concise information on autopilot since 2014. abuses fault injection to break the hash check in the bootloader. honestly in retrospect i'm not surprised a tesla has no protections against voltage glitching. holy poo poo at the integration testing slide lmao. includes an example of camera data sent to tesla silently from the car. q&a is pretty light and from people who haven't seen voltage glitching before.
pretty interesting! it's one of a category of talks that is "we used [cool method] to attack [interesting target] and found [not that much actually]" that i really enjoy as not a professional hacker as a window into what the day to day is like (this is not sarcasm, i'm being genuine)

quote:

Operation Triangulation: What You Get When Attack iPhones of Researchers by oct0xor, kucher1n, and bzvr_
- must watch on kaspersky's alleged 'researchers' being targeted with a zero-click attack on researchers' iphones. they manage to capture all the stages and recover 4 0-days. what a bizarre campaign for how aggressive they were in repeatedly exploiting an obviously monitored environment (no persistence techniques? that bold? that dumb?). talk presumes you know a good chunk about iphone exploitation. the undocumented mmio addresses are targeting the gpu btw. kinda weird they have a md5 hash list of accounts that'd send the malicious imessage. neat that the final payload includes a function to use machine learning for local processing of photos. nothing new in the q&a, other than them saying there's no persistence mechanism
pretty interesting and whizzes through a whole shitload of material. one of a category of c3 talks that is "this is really cool but this person's english is good enough to get the point across but not good enough to make it engaging". i think that's pretty common here (it is in europe, after all!) and doesn't really feel like a valid criticism because like what else are they gonna do? presumably they also don't speak german any better. having a lot more translation available so that people can speak their native language would fix it but this is a volunteer organization that maybe isn't gonna book technical translators for like 10 languages into german/english.

quote:

Bifröst: Apple's Rainbow Bridge for Satellite Communication by Alexander Heinrich, and jiska
- must watch dense reverse engineering talk on how apple uses the globalstar network for emergency communications. ties into a later talk about uncovering fake rogue base stations on ios devices too! speakers are great at covering the technical side in a concise and thorough manner. q&a is good and drops lots of useful information
ended up not really being that interesting aside from the adventures trying to get their security device to think it had a satcom modem imo. this may be bias based on my particular experience but they were operating fully in the ios system service layer; that the device was communicating with a satellite was almost immaterial. on that level, it sort of boiled down to describing the business logic and message format of 3 local and one remote microservices. best parts were whenever they fell back to talking about the actual global stuff (like i definitely didn't realize this implied apple has colos in every ground station of that sat operator; i didn't really understand how the bent-pipe stuff worked; i wish there was a lot more about that). i think this is also a category of talk: "[product/service] does [x really cool thing] so we looked at [the userspace computer programs that only interact with the cool thing in an abstracted fashion]"

quote:

The Extremely Large Telescope (ELT) by lk, and panic
- great quick talk about the (soon to be built) largest optical telescope on earth. speakers are from ESO and love to talk about the issues in construction and ground-based astronomy. first-time i recall a talk covering the practicalities of adaptive optics. great q&a with a lot of space nerds asking the right questions

fun! didn't catch the q&a. didn't know they intend to continuously resurface mirrors. hell of a machine, and ESO sounds like a cool job (although "European Southern Hemisphere Observatory" sounds like it could either be what it is or an intelligence agency from an alternate history where the EU was around in the 1700s that did MUCH darker things)

quote:

SMTP Smuggling – Spoofing E-Mails Worldwide by Timo Longin
- must watch quick talk on the self-described dumpster fire of a disclosure. speaker is honest about how they ended up researching the issue and stumbled on it. goes into pretty good detail in abusing the spf record for spoofing. lmao at cisco's response in the responsible disclosure timeline. wtf were cert/cc doing lmao. q&a is very short

the standout after the polish trains one. short, sweet, great hacking, great failures of social interaction (in the RD stuff) from them and cert/cc. interesting side effect of the world's turn towards taking security seriously IMO - they didn't have to email every vendor they figured would be affected separately, and in fact only did it for ones they thought would pay a bounty, but that relies entirely on cert/cc not being clowns. oops

quote:

Breaking "DRM" in Polish trains by Redford, q3k, and MrTick
- must watch talk on a company that deserves to be in jail for geofencing 'breakdowns' of critical infrastructure when in competitors' workshops. speakers are great at swapping on the fly and covering everything in-depth. crash course into plc analysis. for the 40 trains checked there were 26 different variants of the software... wtf. solid gold throughout the talk. great q&a too

The Certified Good Stuff. Good sharing of time between multiple presenters, well presented, incredible content, engaged audience. A good technical talk but also a good talk, if you see what i'm saying

quote:

AlphaFold – how machine learning changed structural biology forever (or not?) by Jan Gebauer
- great fun science talk trying to explain the limitation of protein folding machine learning. aimed at both biologists wanting to know about machine learning in practice, and computer scientists wanting to know how biologists focused on protein folding use machine learning in the real world. very rightfully critical of google and how they were sharing no peer-reviewable data while repeatedly breaking records in the CASP awards. covers the biology aspects really great for non-biologists imo. good q&a and the crew are having fun

another good technical talk that was also a good talk. from your summary i thought it was going to be much harsher on alphafold and google than it was. a really interesting look at the realities of how ml stuff can be a tremendously helpful tool, both upsides and downsides. love the buildup to the structural biology koan.

quote:

NEW IMPORTANT INSTRUCTIONS by Johann Rehberger
- must watch talk on attacking LLMs. speaker used to red team at azure and is great at breaking down the terminology. really destroys openai and their plugin model and how they try to patch any issues with half-assed policy changes. it's funny how only one vendor was unwilling to fix anything. q&a is short with some dumb questions

good one, and one undersung part is the multiple languages thing he was doing to sneak stuff in. an excellent presentation on the downsides of openai's stupid loving plugin model. lmao at openai generally. i thought the comparison to sql injection was a really great one and i will be parroting it frequently.

quote:

What your phone won’t tell you by Lukas Arnold
- great talk on detecting rogue base stations on iphone 12. speaker starts with reverse engineering the MSM interface on a qualcomm baseband chip. good idea to piggyback on apple's cell data to figure out the probability of a rogue station on top of activity characteristics. good demo of the CellGuard app, but surprised they didn't go near an embassy or any other semi-public place where there'd be an active rogue base station. great q&a but it's a bit short

kind of another one in the category of "[product/service] does [x really cool thing] so we looked at [the userspace computer programs that only interact with the cool thing in an abstracted fashion]" which was weird because i think if it had lived mostly in baseband world it would have been better off, but i guess it ended up mostly being a pitch for cellguard, and that's the world cellguard has to live in.

a lot of great stuff overall, thank you for the summaries!

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

Wiggly Wayne DDS posted:

okay less thanking more substantive feedback: which talks do people like, which do they not like. what reviews were along the same line as your opinion, which were horribly wrong. i've been going for succinct train of thoughts and not cleaning them up later (other than typos). i was going to keep the barrier for must watches to only sec talks, but when i was watching a talk and going "i would have this as a must watch but it's not the right field" i didn't think that was a good enough reason. didn't check the good/great/must spread either, but hey sometimes an event is disparate anyway this isn't a graded curve

next time i'll call a popular great talk bad just to see if anyone will provide feedback!!

I don't have enough free time to watch every video, or even most of them. Calling out videos as "lmao some dumbass grad student wandered into presenting their class project by accident and it shows" is really, really useful to help know what to skip. You might be wrong, but you're probably right, and I can just watch the few that both sound interesting and likely are interesting.

Thank you for your service in curating my next couple days' free time videos

Wiggly Wayne DDS
Sep 11, 2010



Volmarias posted:

I don't have enough free time to watch every video, or even most of them. Calling out videos as "lmao some dumbass grad student wandered into presenting their class project by accident and it shows" is really, really useful to help know what to skip. You might be wrong, but you're probably right, and I can just watch the few that both sound interesting and likely are interesting.
yeah and i know i can be a bit harsh on that front, but for every talk there's another 10+ rejected. the conference has to take risks in letting new people talk and taking abstracts at face value. one thing i noticed this year was a much smaller amount of intro talks, which i don't think is necessarily good (and something c3 tried to handle in the past). you want people to be learning about different fields and feel comfortable to sit in to a talk explaining the basics, but it requires the speakers to be upfront on when they're doing that vs presenting cutting-edge research

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...
Right, I understand the position you're in. I'm just saying that this helps me go from "ugh gently caress ok guess there's another collection of cool stuff I'll never watch due to the size of it" to getting a few actually great bits of info because it feels like I can reasonably select a couple that will definitely be worthwhile. This way, I can skip things that I'm kind of sort of interested in if it sounds like the presentation isn't great, and the whole thing feels much more manageable.

Wiggly Wayne DDS
Sep 11, 2010



i was just using your post as a launching off point tbh

Malloc Voidstar
May 7, 2007

Fuck the cowboys. Unf. Fuck em hard.
https://twitter.com/Ms_Snow_OwO/status/1742666456058470739
https://www.bleepingcomputer.com/news/security/hacker-hijacks-orange-spain-ripe-account-to-cause-bgp-havoc/

Qtotonibudinibudet
Nov 7, 2011



Omich poluyobok, skazhi ty narkoman? ya prosto tozhe gde to tam zhivu, mogli by vmeste uyobyvat' narkotiki
the belarusian protest talk was kinda eh if you were already familiar with the events but i did get a chuckle out of the "how do you hack a water cannon truck? just rip parts out of it, they're not protected, it'll turn into a fun fountain!"

ymgve
Jan 2, 2004


:dukedog:
Offensive Clock
talks seen so far, all good:
- Operation Triangulation (the iphone malware talk)
- Breaking "DRM" in Polish trains
- How Many Planets in Our Solar System? Glad You Asked!

Zamujasa
Oct 27, 2010



Bread Liar
i have also seen someone else talk favorably about the train video but have not watched it myself

ymgve
Jan 2, 2004


:dukedog:
Offensive Clock
completely unrelated, there has been discussion about how 23andme didn't do enough to protect their users by disallowing leaked passwords and not enforcing 2fa, but I found this perfect example on their facebook page that shows why they didn't have these strict policies



a person getting turned away because they can't use their standard password is another lost sale

uninterrupted
Jun 20, 2011

uninterrupted posted:

for google managed applications you should be good, because it should check for access based on them being managed accounts.

however, a third party using google authentication, like an auth0 integration, may not check that the accounts are managed and just check that it's a '@mycompany.com' email and let you in. this part i'm more sure about because i just fixed an issue in some auth code where this happened.

somewhat related to this post and my laughable assumption that google is competent at poo poo:

if you use google oidc and pass it a "login_hint" url option, it'll check if that's associated with an existing google application. if it is, it'll populate "hd", some idiot google-specific url option, with the domain in question and forward you to the app instead of taking you through the authentication flow, even if you're not using the hinted account.

so you could get a phishing link to a legitimate url that uses google auth, click on "google auth", and get prompted to authorize some app that can read all your email.
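One way a third-party app can do the check the quoted post describes, as an added example that is not code from the post or from Google: decide on the claims of an already signature-verified Google ID token, and reject accounts that are not Workspace-managed for the expected domain. The client id, timestamps, claim values and the `example.com` domain are constructed; the claim names (`iss`, `aud`, `exp`, `email`, `email_verified`, `hd`) are the standard ones Google issues.

```python
"""
Added example (not from the forum post): authorization on the claims of a
Google OpenID Connect ID token for an app that should admit one Workspace
domain only. Assumes the token's signature was already verified by your OIDC
library; every value below is constructed sample data.
"""
from dataclasses import dataclass

GOOGLE_ISSUERS = {"https://accounts.google.com", "accounts.google.com"}

# Constructed sample values (not real identifiers).
CLIENT_ID = "123456789-constructed.apps.googleusercontent.com"
NOW = 1_704_500_000  # constructed "current time" (unix seconds)

# Constructed claims of a Workspace-managed account: Google sets "hd".
MANAGED_CLAIMS = {
    "iss": "https://accounts.google.com",
    "aud": CLIENT_ID,
    "exp": NOW + 3000,
    "email": "alice@example.com",
    "email_verified": True,
    "hd": "example.com",
}

# Constructed claims of an unmanaged Google account that was registered with a
# company-style address: the e-mail suffix matches, but there is no "hd" claim.
UNMANAGED_CLAIMS = {
    "iss": "https://accounts.google.com",
    "aud": CLIENT_ID,
    "exp": NOW + 3000,
    "email": "contractor@example.com",
    "email_verified": True,
}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def weak_check(claims: dict, company_domain: str) -> Decision:
    """The pattern the post warns about: trust the e-mail suffix alone."""
    email = claims.get("email", "")
    if email.lower().endswith("@" + company_domain.lower()):
        return Decision(True, "email suffix matched")
    return Decision(False, "email suffix did not match")


def workspace_check(claims: dict, company_domain: str,
                    client_id: str, now: int) -> Decision:
    """Hardened form: require a verified, Workspace-managed account in one domain.

    iss/aud/exp reject tokens minted for another client or replayed after expiry;
    email_verified rejects addresses Google has not confirmed; hd (hosted domain)
    is only present on Workspace-managed accounts, so matching it proves the
    account is managed by company_domain rather than merely named like it.
    """
    if claims.get("iss") not in GOOGLE_ISSUERS:
        return Decision(False, "unexpected issuer")
    if claims.get("aud") != client_id:
        return Decision(False, "token issued for a different client_id")
    if int(claims.get("exp", 0)) <= now:
        return Decision(False, "token expired")
    if claims.get("email_verified") is not True:
        return Decision(False, "email not verified by Google")
    hd = claims.get("hd")
    if hd is None:
        return Decision(False, "no hd claim: account is not Workspace-managed")
    if hd.lower() != company_domain.lower():
        return Decision(False, f"hd {hd!r} is not {company_domain!r}")
    email = claims.get("email", "")
    if not email.lower().endswith("@" + company_domain.lower()):
        return Decision(False, "email domain does not match hd")
    return Decision(True, "verified Workspace account in expected domain")


if __name__ == "__main__":
    for name, claims in (("managed", MANAGED_CLAIMS), ("unmanaged", UNMANAGED_CLAIMS)):
        print(name, "weak:", weak_check(claims, "example.com"))
        print(name, "hardened:", workspace_check(claims, "example.com", CLIENT_ID, NOW))
```

The weak check admits both constructed accounts; the hardened check admits only the one carrying the `hd` claim for the expected domain.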

shackleford
Sep 4, 2006

https://arxiv.org/abs/2211.03622

quote:

Do Users Write More Insecure Code with AI Assistants?
Neil Perry, Megha Srivastava, Deepak Kumar, Dan Boneh

We conduct the first large-scale user study examining how users interact with an AI Code assistant to solve a variety of security related tasks across different programming languages. Overall, we find that participants who had access to an AI assistant based on OpenAI's codex-davinci-002 model wrote significantly less secure code than those without access. Additionally, participants with access to an AI assistant were more likely to believe they wrote secure code than those without access to the AI assistant. Furthermore, we find that participants who trusted the AI less and engaged more with the language and format of their prompts (e.g. re-phrasing, adjusting temperature) provided code with fewer security vulnerabilities. Finally, in order to better inform the design of future AI-based Code assistants, we provide an in-depth analysis of participants' language and interaction behavior, as well as release our user interface as an instrument to conduct similar studies in the future.


infernal machines
Oct 11, 2012

we monitor many frequencies. we listen always. came a voice, out of the babel of tongues, speaking to us. it played us a mighty dub.

uninterrupted posted:

somewhat related to this post and my laughable assumption that google is competent at poo poo:

if you use google oidc and pass it a "login_hint" url option, it'll check if that's associated with an existing google application. if it is, it'll populate "hd", some idiot google-specific url option, with the domain in question and forward you to the app instead of taking you through the authentication flow, even if you're not using the hinted account.

so you could get a phishing link to a legitimate url that uses google auth, click on "google auth", and get prompted to authorize some app that can read all your email.

can you require admin approval for connected apps in gsuite/workspace? i know you can in m365 because we've enabled that to prevent people from connecting dodgy 3rd party poo poo to tenant resources.
