Tuesday 24th June, 2014

Agenda:

+++

1st Speaker: Tom Keetch (@tkeetch)
Bio: Tom Keetch works as a Security Researcher for BlackBerry and has been working to secure the NFC implementation in the BB10 OS. He is also involved in other aspects of mobile device security including the QNX OS, secure-boot, ARM TrustZone, the web browser and BBM and sandboxing.
Title: NFC - the non-radio bits
Synopsis: When we talk about NFC, often people think of the short-range radio protocol and RFID. But that's only a small part of the picture. Smart cards play an important role in NFC and this presentation will focus on how NFC standards build on and extend smart card security concepts to enable applications like contactless mobile payments.
Slides are here: http://tkeetch.co.uk/blog/?p=34

+++

Planned 2nd speaker was ill, and his talk was postponed until July. We had an improvised second talk instead.

2nd Speakers: Adam Laurie, Aperture Labs (@rfidiot)
Tony Naggs (@xa329)
Title: Update on the RFIDler LF, a Software Defined RFID Reader/Writer/Emulator
Synopsis: The first Beta RFIDlers ordered through KickStarter have shipped. The source code and schematics are open for non-commercial use - https://github.com/ApertureLabsLtd/RFIDler

+++

Tuesday 27th May, 2014

Agenda:

+++

1st Speaker: David Rogers (@drogersuk) http://blog.mobilephonesecurity.org/
Title: Mobile phone hacking - lucrative, but hidden
Synopsis: Mobile phone hacking has been going on for many years, but if you listen to most security companies, they'll only talk about the iPhone and Android. Either that, or they'll talk about mobile malware. This talk gives some of the real background, from the late 90s through until the present day including the jailbreaking and rooting community’s roots in SIMlock and car radio hacking. Some impressive, but questionably legal engineering feats that made a lot of people a lot of money, but with little publicity.
+++

2nd Speaker: Kyriakos Economou (@kyREcon)
Title: A short overview for Shellter v1.0 http://www.shellterproject.com/
Synopsis: It is a dynamic shellcode injector (maybe the first really dynamic PE infector). It can be used to hide shellcode into native 32-bit applications without using any static executable templates for which it would be easy to write AV detection signatures. Won't use any static locations, won't modify the original EntryPoint, won't add sections, won't change original access rights of sections defined in the PE header. Shellter will gather information during the execution of an application and then will use this in conjunction with the payload selected in order to provide to the user a set of locations where execution is guaranteed to fall on the 1st instruction of the injected shellcode without breaking the shellcode or the execution prior to executing the injected shellcode. The engine is capable of recognizing self-modifying code on the run and during filtering to avoid injecting into locations that would break the shellcode. The filtering stages also perform more analysis to guarantee a successful shellcode injection. Shellter also includes a junk code generating polymorphic engine. It also supports encoded/self-decrypting payloads, and it does that without modifying the executable host with extra sections with dodgy access rights (RWE), or changing the permissions of the existing ones. Everything happens in memory, dynamically. No static executable templates, just get any native 32-bit executable and use it as a host as many times as you want and produce a different result every time.

+++

Tuesday 29th April, 2014:

April DC4420 was sponsored by Cigital - www.cigital.co.uk
Cigital bought a round of drinks for everyone.

Agenda:

+++

We have one speaker for you this month, after which the mic is open to anyone with a short talk they want to share.
+++

Speaker: Paco Hope, Cigital
Title: Bugs versus flaws
Synopsis: A fun look at the differences between a bug (glitch in the code) versus a flaw (problem in the design itself).

+++

Tuesday 25th March, 2014:

Agenda:

+++

1st Speaker: Tony Naggs
Title: Introduction to NFC
Synopsis: It's not just another word for RFID. All you need to know about Near Field Communication.

+++

2nd Speaker: Tomasz Miklas
Title: Playing tag - the online version
Synopsis: A picture says 1000 words, some of them say great stories (and some not).

+++

Tuesday 25th February, 2014:

Agenda:

+++

1st Speaker: Chris Sumner (Suggy), Online Privacy Foundation
Title: Predicting Susceptibility to Social Bots
Synopsis: Are some Twitter users more naturally predisposed to interacting with social bots and can social bot creators exploit this knowledge to increase the odds of getting a response? Social bots are growing more intelligent, moving beyond simple reposts of boilerplate ad content to attempt to engage with users and then exploit this trust to promote a product or agenda. While much research has focused on how to identify such bots in the process of spam detection, less research has looked at the other side of the question--detecting users likely to be fooled by bots. This talk provides a summary of research and developments in the social bots arms race before sharing results of our experiment examining user susceptibility. We find that a user's Klout score, friends count, and followers count are most predictive of whether a user will interact with a bot, and that the Random Forest algorithm produces the best classifier, when used in conjunction with appropriate feature ranking algorithms. With this knowledge, social bot creators could significantly reduce the chance of targeting users who are unlikely to interact. Users displaying higher levels of extroversion were more likely to interact with our social bots.
This may have implications for eLearning based awareness training as users higher in extraversion have been shown to perform better when they have greater control of the learning environment. Overall, these results show promise for helping understand which users are most vulnerable to social bots.

+++

2nd Speaker: Dominic Spill
Title: USBProxy - building a cheap and open USB MitM device
Synopsis: With the introduction of FaceDancer, there has been a surge of interest in USB security. USBProxy is an open framework for the BeagleBone Black to make it simpler for anyone to monitor, inject or modify data carried over a USB connection. While the FaceDancer will allow devices to be written on a host system, we are able to go further and man-in-the-middle connections to existing devices as well. The BeagleBone Black also enables us to operate at USB 2.0 Hi-Speed.

+++