Back from Rising Sun Empire (a Pacsec 2006 report)
Par Sid,
mercredi 20 décembre 2006 à 15:45 :: Conférences
:: lu 6380 fois :: #158
:: rss
:: atom
Le lire en français avec Google
o I'm back from Japan. For quite a while now, but I really did not find the time to write a decent post about my journey there. I was attending Pacsec/core06 IT security conference, held in Tokyo, November 29 and 30, and running my "Applied Wi-Fi (in)Security" dojo.
Japan truely amaze me, every time. So different. We landed at night in the evening and went right away to a sushi restaurant near our hotel in Shibuya. Then we spent some time in Tokyo, visiting small places we didn't come to before, then took the Shinkansen to Kyoto, city of thousand temples. Another enjoyable stay there, with lots of photos you can find online, as usual. Next time, we have to go south, in Hiroshima or Fukuoka.
Now, the conference...
Monday, November 27th - Dojo
First day for the dojos. As Aoyama Diamond Hall is closed, everything moved to luxury New Otani Hotel in Akasaka. It's huge. Really. Luckily, I went there with Will and Sean who seemed to know the place. Otherwise, I would have get lost here. There's three buildings with underground corridors between them. Entrance we use is in fact level B5 for the main building... I had two students for my dojo. Everything went fine, they had tons of questions, especially regarding fragmentation attack and WPA/WPA2 mechanisms, part I have detailed a lot more this time. Everything went fine, they were happy, I was too.
Then everyone met at speaker diner that took place in that mexican restaurant we were last year, the only place that would accept around forty people. Lot of smalltalk, food and drinks. Great time. Sadly, there was no wedding this time, we had the whole place for us only.
Wednesday, November 29th - Day 1
8 o'clock. Back to the New Otani. Conference room is wierd: only three rows depth and big width. Must be some kind of ballroom, but definitly not a conference room. However, it has a great vue on one of the most beautiful japanese garden in town. Surprisingly, talks are starting on schedule. Regular Secwest conferences speakers and attendees do know how surprisingly is a small word to describe the situation ;)
- First two talks were IPTV, triple play, triple threat by YM Chen from Foundstone (McAfee) and Smashing Heap by Free Simulation by Sandip Chaudhari. Thoses talks have been presented at Hack.lu 2006, so you can refer to my earlier report.
- Then we had Ben Chelf from Coverity with Methods of increasing source code security automatically. Good talk with a pretty complete review of source code analysis technics, but far too commercial to me. Too bad.
- Martin Johns from the University of Hamburg presented On XSRF (Cross Site Request Forgery) and why you should care. XSRF is an attack where attacker can inject arbitrary requests to a website through a client, taking advantage of its priviledges and authenticated sessions. It may look like XSS, but it's not. A good example of how difficult it is to design secure web applications.
- With Mobile IPV6, Les Problemes, Arnaud Ebalard (EADS) and Guillaume Valadon (University of Tokyo) presented security concerns around Mobile IPv6. Their demo of secure continuous streaming to a mobile client moving from one network to another is impressive.
- Then Ariel Waissbein from Core Security demonstrated several way for an attacker to use strong cryptography to obfuscate its attacks in his Strong cryptographic payload obfuscation and encryption talk. A must read, in the same line than Frédéric Raynal at Eusecwest/core06.
- In IPV6 Mapping, Yuji Ukai from eEye presented several methods for enumerating IPv6 hosts despites huge address space and fingerprint IPv6 aware hosts. A very good example of IPv6 mechanisms exploitation.
- Last talk of the day, Hacking fingerprint recognition systems by Jan Krissler, Fraunhofer Institute, was both entertaining and enlighting. As the slides speak for themselves, I'll just urge you to read them. I can't help give the conclusion there as they confirm what I think of biometrics: 100% of them were bypassed...
A banquet closes this first day, allowing attendees and speakers to discuss and share. Food was great.
Thursday, November 30th - Day 2
Today, we woke up at 4:30am to get to the Tsukiji Fish Market at 5:00am. We were on time to see fresh tuna auctions. Visitors are not supposed to be allowed there, but as long as you're small groups and just keep quiet, it seems OK. We've been there last year around 11am and everything was pretty sold out. So it's a completely different atmosphere we found this time. Finally, we had breakfast in a sushi bar.
This second day was Microsoft day, with no less than four talks. Yes. We're in Twilight Zone. Some cosmic incident must have occured near Tatooine. Even schedule goes crazy: we are ahead of schedule ! There's even time left for a lightning talk session...
- MSKK Security Fundamentals by Yuji Okuten apparently showed some of Microsoft actions to improve security. I was late due to fish market so I only saw the very last minutes of his presentation. Too bad. Especialy when online slides are in japanese only...
- Philippe Lagadec, from CELAR (part of french DoD), described and compared OOo and MS Office from the security point of vue. OpenOffice/OpenDocument and MS OpenXML security gives an overview of theses two suites weaknesses and conclude on a tie. A must read.
- Another Microsoft guy, Greg Galford presented Threats against and protection of Microsoft's internal network. This talk was great. Greg described the year 2000[1] incident when Microsoft internal network was breached. He explained how intruders targeted the company employees home network and workstations, compromised them, bounce through VPN links to central network and used gathered credentials to enter. Then he came to incident analysis and response, and security mesures deployement. This scenario is alike what I presented last year at Cansecwest/core05. Some may not have liked it, but it happens. Hope slides will be online soon...
- Abolade Gbadegesin, also from Microsoft, presented Vista networking stack. How to secure a networking stack: IPv6 and NetIO has been a pretty nice description of this brand new stack services and features. As people were worrying about Vista trying to set up IPv6 connectivity by all possible means[2], we were assured that IPv6 now required an IPv6 aware firewall to be registered and active. Pretty good news.
- With Undermining Security in Vista WCF, Marc Schoenefeld exhibits some ways to attack .Net 3.0 communication layer, aka WCF. Not really my topic of interest, but still interesting.
- Adam Overton & Jeff Williams, two other guys from Redmond, described how Microsoft was handling malwares in The Malware Landscape. Interesting talk, especially when they're asked if they're starting to compete with antivirus/antispyware solutions. Official answer is No.
Windows Vista Security Model - Matt Conover, SymantecShock talk was canceled apparently due to some internal politics... Too bad, I was really looking forward to see it. So symantec sent someone else. Well, some may say hopefully, but it's not be the appropriate word. I usually don't flame speakers, being one myself, but honestly, it's been the worst talk I ever seen. Truely. Presenting Evolving Windows Shellcode, he barely spent one hour slowly reading his notes. Even Dr. Sbaitso would have performed better ! The thing is I don't even know if he was actually understanding what he was talking about. In the end, nothing new went out of this, a complete loss of time. I am both disappoionted and angry...- Last talk was Linux Kernel == Security Nightmare by Marcel Holtmann from Red Hat Security Response Team and Linux BlueTooth stack maintainer. He detailed Red Hat vulnerability handling for Linux kernel with some good real life examples. A very instructive talk.
- Conference closed on few lightning talks:
- An IPSEC failover on OpenBSD demonstration failed attempt, apparently due to a typo in configuration. However, I could see that privatly and I can assure you it's working very well...
- Philippe presented a small Python based[3] shellcode tester and brand new Scapy SNMP support. As stated before, we had the exclusivity of new Scapy documentation as well as Philippe stuntman capabilities demonstration.
- Marcel did some demos he first intended for his talk.
- Finally, when he could get some stable Internet access, Arnaud demonstrated Scapy v6 brand new Teredo extensions successfully.
Then we left for Ninja restaurant, after a stop at this glass tower where Dragos could play with his mini-helicopter he found at Yodobashi store in Akihabara district. I pretty enjoyed this place last year, but I must admit I've been quite disappointed this time: more expensive, less food, less creative dishes, poor ninja show. My last time there.
Conclusion
Pacsec/core06 was a good opus. This conference gets better and better every year. Some will object Microsoft was too present, which is true. However, behind their Go Vista, Go ! mojo, we had really interesting topics, pretty far from usual We care about security commercials. My four prefered ones were, in order of apparition and not counting Arnaud and Guillaume talk[4]:
- Ariel Waissbein with his malicious crypto;
- Jan Krissler hacking fingerprints readers;
- Greg Galford on Microsoft penetration in 2000;
- Marcel Holtman on Linux kernel security.
I won't tell you my least prefered ones, you already know. As you may have noticed, most slides are now online.
Note this post from Martin Johns on his personal blog. If you're interested in photos, you can have a look at Hirosan gallery, Martin's or lcars'.
Commentaires
1. Le mercredi 20 décembre 2006 à 19:15, par Nono
Réponse de Sid
2. Le mercredi 20 décembre 2006 à 22:09, par Bruno Kerouanton
Ajouter un commentaire