SSCC 96 – NFC hacking, audio steganography, IPv6 security and automated malware analysis

This week’s Chet Chat features Peter Szabo from SophosLabs as my guest to discuss some of our favorite talks from Black Hat and DEF CON. A small contingent of us were lucky enough to have Sophos send us to Las Vegas to learn (and party) with the best security experts in the world.

Peter and I largely took a divide and conquer approach to the talks at the conferences. By attending different talks we could cover more ground. In this Chet Chat we chose two favorites each to share our thoughts with our listeners.

We were both able to attend Charlie Miller’s talk “Don’t Stand So Close to Me: An Analysis of the NFC Attack Surface”, where Miller explained his methodologies and shared his findings on the security of the NFC stack on both MeeGo and Android devices. Peter discovered that the simplest way to stop someone from surreptitiously scanning your NFC cards is to buy a stick of gum.

Peter attended Thor’s talk “Socialized Data: Using Social Media as a Cyber Mule” on steganography. For those who aren’t familiar, steganography is the technique of taking sensitive information you wish to transmit in secret and hiding it inside some other type of file. For example, you might send a message by hiding it in slack space inside a JPEG image.

Peter explains how Thor’s technique utilizes social media and what is called a waterfall effect.

I attended a talk titled “The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet” presented by Alex Stamos and Tom Ritter. Many folks are under the illusion that the vast number of IP addresses available on the IPv6 internet will make attacking infrastructure much harder, if not impossible. In this talk Stamos and Ritter discuss the new risks introduced when using IPv6 and even some of the troubles with DNSSEC and secure name services.

Lastly, Peter explains the new File Disinfection Framework project announced by Mario Vuksan of ReversingLabs. This tool can be used by malware researchers to automate the unpacking of obfuscated malware samples. Peter does a lot of reversing work for SophosLabs and gave listeners his impressions.

(03 August 2012, duration 14:08 minutes, size 8.5 MBytes)

You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 96, subscribe on iTunes or our RSS feed. You can see all of the Sophos Podcasts by visiting our archive.