SSCC 97 – Black Hat and DEF CON review, broken crypto, Frak, smart meters and hacking transit

Sophos Security Chet Chat

Sophos Security Chet Chat logoThis Chet Chat is the last one from our summer hiatus and features Peter Szabo and I discussing a few more of our favorite talks from Black Hat and DEF CON 2012.

I started our discussion with Moxie Marlinspike and David Hulton’s talk “Defeating PPTP VPNs and WPA2 Enterprise with MS-CHAPv2”. They explained some of the mistakes Microsoft engineers made in their implementation of MS-CHAPv2 a common authentication protocol used for VPNs and WiFi access points.

Because of these flaws, the cryptographic strength is somewhere in the neighborhood of 56 bits. This allowed Marlinspike and Hulton to launch a service using general purpose FPGAs that can crack any key in 24 hours or less for approximately $200.

Peter went to a talk on reverse engineering firmware titled “Embedded Device Firmware Vulnerability Hunting Using FRAK, the Firmware Reverse Analysis Konsole”. The tool is not yet available, but will be released allowing anyone to peer inside of firmware blobs for printers, routers, phones or any other flashable device.

I attended a very sensible talk about smart meter security called “Looking Into The Eye Of The Meter” in reference to the infrared “eye” that can be used to talk to this latest generation of meters.

SecureState have released a toolkit to assist others in performing vulnerability assessments of meter infrastructure.

Pete wrapped up by sharing the entertaining talk he attended on hacking public transit systems called “How to Hack All the Transport Networks of a Country”. The presenter explored all the different ways that technical skills and social engineering can be combined to manipulate any large, complicated system.

(10 August 2012, duration 14:34 minutes, size 8.4 MBytes)

You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 97, subscribe on iTunes or our RSS feed. You can see all of the Sophos Podcasts by visiting our archive.