Archive > 2003 Presentations

  1. Auditing the (opensource) kernel [kfc style] - Silvio Cesare
  2. Writing exploits under Mips/IRIX - Peter Werner
  3. The State of Web Applications Security - David Jorm
  4. Privilege Separation and Related Technologies - Solace
  5. Attacking RSA key generators - Icebsd
  6. Using Data Recovery and Discovery Techniques for Presenting Forensic Evidence - Rival
  7. Decompilation for Security Analysts - Trent Waddington
  8. Breaking Network Authentication, from Passwords to Hardware - Ruptor
  9. Regulation of Encryption Technologies - Nick Ellsmore
  10. GSM Operators Security - Emmanuel Gadaix
  11. Artificial Intelligence for the Lazy Hacker - Fyodor Yarochkin and Mikasoft
  12. Smart Cards and Side-Channel Cryptanalysis - Ryan Junee
  13. Law enforcement, cyber crime and the Australian security community - Alastair MacGibbon
  14. RUXCON Discussion Panel

top ^

Presentation Details

Details on the presentations at RUXCON 2003 is available below to view. Presentation material (slides, etc) is available in the Archive section of the site.

Auditing the (opensource) kernel [kfc style] - Silvio Cesare
Level: Intermediate to Advanced

Silvio will be presenting the results of manual auditing the major opensource kernels. The presentation will be both technical and political discussion of these results. The auditing is aimed primarily at language implementation, not conceptual kernel design issues. Prevalent bug classes and bug trends will be examined and practical kernel exploitation will be shown for some class categories. The equivalence to userspace auditing and program implementation will be discussed. This presentation will also cover the politics of vulnerability disclosure through the responses of opensource vendors along with the individual work that goes behind the opensource community.

Bio:
Silvio Cesare has for the most recent years worked in the development of managed vulnerability assessment. He has also during this time, made many contributions to the opensource community providing bug reports and patches to the security of operating system kernels.

top ^

Writing Exploits under Mips/IRIX - Peter Werner
Level: Intermediate

The presentation will begin with an overview of the mips architecture and n32 IRIX operating environment at a systems/assembler level. It will primarily focus on the issues faced when developing mips exploits, and work arounds to commonly encountered problems. The presentation will also look at example shellcode, and an example exploit to a test program.

Bio:
Peter Werner is a programmer for IFOST, he has worked a variety of roles in Australia and overseas, and is also studying for a Science degree at Macquarie University.

top ^

The State of Web Applications Security - David Jorm
Level: Introduction

David will first explain each key web technology, the basics of its operation and any security concerns with its design. This includes: HTTP, HTTP Authentication, HTML, Javascript, PHP and ASP.

He will then explain various common web applications vulnerabilities, including a sample vulnerability, sample exploit and sample fix to the vulnerability. This includes: Unvalidated parameters, SQL Injection, various authentication problems, and Cross Site Scripting (XSS).

Bio:
David Jorm has been a professional web applications developer for the last 4 years, working on various commercial and government projects. He writes documentation for the PHP project and about PHP for various commercial publications. He is currently studying computer science and environmental science, aiming to pursue analysis of environmental and agricultural scientific data.

top ^

Privilege Separation and Related Technologies - Solace
Level: Intermediate

This presentation will go into detail on Privilege Separation technologies which are being implemented into vital privileged networking daemons and services.

Bio:
A computer programmer and systems administrator, with strong skills in C, PHP and fluent in a variety of other languages and technologies. Currently studying a Diploma of Information Technology and Networking on the side of work priorities and personal projects.

top ^

Attacking RSA key generators - Icebsd
Level: Intermediate to Advanced

This presentation will cover everything that a developer of any RSA key generator needs to know. It brings to programmers the essentials without having to do a month of research in an unrelated field. This is not a presentation for number theorists and crypto experts, as they won't find anything new here.

Bio:
A computer programmer with 7+ years experience in C, C++, Java and small amounts of assembly for a couple of architectures (x86, 8051). Current interests include network applications, profiling and analysing code and is currently studying Bachelor of Science majoring in Mathematics and Computing.

top ^

Using Data Recovery and Discovery Techniques for Presenting Forensic Evidence - Rival
Level: Introduction to Intermediate

This talk will discuss the procedures involved in performing a forensic job and will attempt to give a bit of an insight as to how a forensics job is performed and some of the data recover and discovery techniques used to achieve the end result. A look into some of the tools available for both data recovery and computer forensics and how these tools are utilised will also be shown.

Bio:
Rival has over 10 years of experience in the IT industry specialising in Data conversion, Data recovery and reconstruction and Computer Forensics. He has worked on evidence for a number of cases in the District, Local and Supreme Court, as well as providing technical expertise for several major investigations for organisations like the ACCC.

top ^

Decompilation for Security Analysts - Trent Waddington
Level: Advanced

This talk introduces the audience to the field of decompilation and relates it to security analysis. The Boomerang decompilation research platform is presented in depth.

Bio:
Trent Waddington is a self funded researcher at the University of Queensland's Centre for Software Maintenance. He has studied in the fields of binary translation and decompilation for five years and co-authored two papers. He has worked as a security consultant in Australia and abroad and has developed software systems that required a high assurance of security.

top ^

Breaking Network Authentication, from Passwords to Hardware - Ruptor
Level: Advanced

Authentication Under the Microscope: LANMAN, NTLM, KERBEROS, hardware tokens, software tokens, biometrics, smartcards. Some of their issues - from basic to seriously exploitable. Directions on how to hack token, smartcard and biometrics protected LANs and WANs, why nobody needs L0pht Crack and why all the challenge-response authentication protocols, even the digital signature based ones, fail on LAN.

Bio:
Ruptor is a software reverse engineer with 16 years of experience. For the last six years he has been mainly researching vulnerabilities in LAN/WAN authentication protocols, implementing and breaking different kinds of hardware tokens, biometrics and smartcards and securing communications on various platforms with strong encryption and ECC based PKIs.

top ^

Regulation of Encryption Technologies - Nick Ellsmore
Level: Beginner to Intermediate

This presentation will outline the history around the regulation of cryptographic technologies in Australia, will look at the current state of affairs, and what we can expect moving forward.

Bio:
Nick Ellsmore is an information security consultant as well as being a Board member & Crypto chair of Electronic Frontiers Australia (EFA) looking at issues blending information security, industry regulation, and the law. In 1999, Nick unearthed & released the then-classified "Walsh Report" on encryption regulation, and provides guest lectures on the topic of information security regulation at UNSW.

top ^

GSM Operators Security - Emmanuel Gadaix
Level: Intermediate

This presentation focuses on GSM mobile infrastructure and attempts to give an overview on important security issues that are often poorly understood by the mobile operators.

Bio:
Emmanuel has been working in the telecommunications and network security industries over the last 12 years. He now runs the Telecom Security Task Force, an organization offering unconventional security consulting services for the telecommunication industry. Special interests include X.25, SS7, VoIP and upcoming CDMA-based mobile communications standards.

top ^

Artificial Intelligence for the Lazy Hacker - Fyodor Yarochkin and Mikasoft
Level: Intermediate

Bio:
Fyodor's been in business objectives and the security service delivery field for the past few years, contributing his spare time to a few open and closed source projects. He has a background of system administration and programming. Note: Fyodor is not 'nmap Fyodor'. (http://www.snort.org/docs/faq.html#1.2)

Mikasoft has always been a whitehat hacker, happily working for the security industry. He never really did anything with his life.

top ^

Smart Cards and Side-Channel Cryptanalysis - Ryan Junee
Level: Intermediate

This talk will discuss the various side channels that exist in smart cards and microprocessors. It will show how information leaked via these side channels can be exploited to recover secret key material. An overview of current techniques and countermeasures in this active field of research will be presented, along with a concrete implementation of differential power analysis.

Bio:
Ryan Junee is a Research Engineer with Sensory Networks, a security technology company. He holds a Bachelor of Computer Engineering and a Bachelor of Commerce from the University of Sydney. His recent thesis entitled "Power Analysis Attacks: A Weakness in Cryptographic Smartcards and Microprocessors" demonstrated how to recover DES keys from a cryptographic processor by analysing the power consumed during encryption/decryption operations. This research featured on the front page of the IT section in The Australian newspaper (19 Nov 2002) as well as on numerous international smart card web sites. Ryan also helps teach a course on Computer and Network Security at the University of Sydney.

top ^

Law enforcement, cyber crime and the Australian security community - Alastair MacGibbon
Level: General

The presentation will touch on the formation of the Australian High Tech Crime Centre and both its background and goals. How the Cyber Crime Act effects and protects the Australian security community and business. What law enforcement is about, and the future of law enforcement in computer crime.

Bio:
Alastair MacGibbon's current role is the inaugural Director of the Australian High Tech Crime Centre, which is a joint Federal and State policing initiative. The purpose of this venture is to address the emergence of high tech crime on a national basis. Prior to this position, Alastair was the Co-ordinator of the High Tech Crime Team in the Australian Federal Police.

He has been a Federal Agent for the last 13 years, and served throughout Australia in offices in Sydney, Melbourne, Canberra along with a posting to Washington DC as a Police Liaison Officer. He holds a Masters Degree in International Studies and is a graduate of the FBI National Academy.

top ^

RUXCON Discussion Panel
The RUXCON panel will allow delegates to see differening view points on current computer security issues. The people on the panel come from various sectors, but all have an interest in computer security. There will be participants representing the media, law enforcement, Electronic Frontiers Australia (EFA), along with other RUXCON staff.

Possible panel discussion topics will include: