Chris Hadnagy - What Your Body Tells Me - Body Language for the SE

12/14/14 • -1 min

DEF CON 22 [Materials] Speeches from the Hacker Convention.

Chris Hadnagy - What Your Body Tells Me - Body Language for the SE

Previous Episode

Charlie Miller & Chris Valasek - A Survey of Remote Automotive Attack Surfaces

A Survey of Remote Automotive Attack Surfaces
Charlie Miller Security Engineer, Twitter
Chris Valasek Director of Threat Intelligence, IOActive

Automotive security concerns have gone from the fringe to the mainstream with security researchers showing the susceptibility of the modern vehicle to local and remote attacks. A malicious attacker leveraging a remote vulnerability could do anything from enabling a microphone for eavesdropping to turning the steering wheel to disabling the brakes.

Last year, we discussed 2 particular vehicles. However, since each manufacturer designs their fleets differently; analysis of remote threats must avoid generalities. This talk takes a step back and examines the automotive network of a large number of different manufacturers from a security perspective. From this larger dataset we can begin to answer questions like: Are some cars more secure from remote compromise than others? Has automotive network security changed for the better (or worse) in the last 5 years? What does the future of automotive security hold and how can we protect our vehicles from attack moving forward?

Charlie Miller is a security engineer at Twitter. Back when he still had time to research, he was the first with a public remote exploit for both the iPhone and the G1 Android phone. He is a four time winner of the CanSecWest Pwn2Own competition. He has authored three information security books and holds a PhD from the University of Notre Dame. He has hacked browsers, phones, cars, and batteries. Charlie spends his free time trying to get back together with Apple, but sadly they still list their relationship status as "It's complicated".

Twitter: @0xcharlie

Christopher Valasek is the Director of Security Intelligence at IOActive, an industry leader in comprehensive computer security services. Valasek specializes in offensive research methodologies with a focus in reverse engineering and exploitation. Valasek is known for his extensive research in the automotive field and his exploitation and reverse engineering of Windows. Valasek is also the Chairman of SummerCon, the nation's oldest hacker conference.

Twitter: @nudehaberdasher

Next Episode

Christopher Soghoian - Blinding The Surveillance State

Blinding The Surveillance State
Christopher Soghoian Principal Technologist, American Civil Liberties Union

We live in a surveillance state. Law enforcement and intelligence agencies have access to a huge amount of data about us, enabling them to learn intimate, private details about our lives. In part, the ease with which they can obtain such information reflects the fact that our laws have failed to keep up with advances in technology. However, privacy enhancing technologies can offer real protections even when the law does not. That intelligence agencies like the NSA are able to collect records about every telephone call made in the United States, or engage in the bulk surveillance of Internet communications is only possible because so much of our data is transmitted in the clear. The privacy enhancing technologies required to make bulk surveillance impossible and targeted surveillance more difficult already exist. We just need to start using them.

Christopher Soghoian is a privacy researcher and activist, working at the intersection of technology, law and policy. He is the Principal Technologist with the Speech, Privacy and Technology Project at the American Civil Liberties Union. Soghoian completed his Ph.D. in 2012, which focused on the role that third party service providers play in facilitating law enforcement surveillance of their customers.