LINE Corporation Shinjuku Miraina Tower Office, LINE Cafe, 23rd floor
Tokyo, Shinjuku-ku, Shinjuku 4-1-6 JR Miraina Tower 23rd floor
Registration is closed
Second edition of Becks in Japan. Talks by @ninoseki, @binspecta (ramses), and @kkamagui1
Twitter Hashtag: #becks_jp
1. How to become a phisherman by ninoseki (Manabu Niseki)
2. Another one bites the apple! by ramses (JunHo Jang)
Abstract: The OSX/iOS kernel has several attack surfaces reachable from user space, such as IOKit, system calls, and MIG (Mach Interface Generator) handlers. In particular, MIG is a feature that distinguishes the XNU kernel from Linux or UNIX.
In this talk, I will introduce some methods related to finding vulnerabilities in XNU kernel's MIG handler, including:
Lastly, I will talk about challenges in exploiting this vulnerability.
Profile: My role at LINE is to keep the cryptocurrency exchange secure. For this, I do source code auditing, infrastructure checks, and security policy assessments.
Also, I used to play CTFs as a member of a team named PLUS. ~10 years ago, our team got 3rd place in Defcon CTF. As a bug hunter, I'm very interested in finding bugs in web browsers or Apple products.
Language: English (with Japanese translation)
3. Betrayal of Reputation: Trusting the Untrustable Hardware and Software with Reputation by kkamagui (Seunghun Han)
Abstract: Reputation is based on trust and people normally believe the products produced by global companies like Intel, HP, Dell, Lenovo, GIGABYTE and ASUS because of their reputation. Their products are built with some kinds of hardware and software that are made by them or confirmed by them. Global companies have spent their efforts making and managing high-quality products for profit and reputation. So, trust based on reputation works properly. Despite their efforts, the complexity of hardware and software has been increasing. Because of it, it is hard to check the correctness and completeness of specifications and implementations related to their products.
In this talk, I introduce the case that hardware and software, especially BIOS/UEFI firmware, Intel Trusted Execution Technology (TXT), and Trusted Platform Module (TPM), betray your trust. Reputable companies defined specifications and implemented them. TPM with UEFI/BIOS firmware and Intel TXT have been widely used and are responsible for the root of trust.
I found two vulnerabilities, CVE-2017-16837 and CVE-2018-6622, related to the sleep process. Unlike previous research, the vulnerabilities can subvert the TPM without physical access. To mitigate the vulnerabilities, I also introduce countermeasures and a tool, "Napper", to check the vulnerabilities. The sleep process is a vital part of the vulnerabilities, so Napper makes your system take a nap and checks for them.
Profile: Seunghun Han is a hypervisor and an operating system security researcher at National Security Research Institute of South Korea and before that was a firmware engineer at Samsung Electronics. He is an expert in the hypervisor and had his own hypervisor, Shadow-box. He also had several CVEs on Linux kernel and BIOS/UEFI firmware, and he contributed patches to various system and security software.
He was a speaker and an author at USENIX Security, Black Hat Asia, HITBSecConf, beVX, and KIMCHICON.
He also authored the books "64-bit multi-core OS principles and structure", volume 1 (ISBN-13: 978-8979148367) and volume 2 (ISBN-13: 978-8979148374).
Language: English (with Japanese translation)
Important Notice: We are going to use Connpass instead of Doorkeeper, unfortunately. Please keep an eye on https://becks.connpass.com/.