The selection of ZeroNights 2018 talks is finished
Last but not least! The final set of speakers of the ZeroNights 2018 main programme.
1. Alexander Ermolov and Ruslan Zakirov will deliver their «NUClear explosion» talk. A major and most significant approach to UEFI BIOS security is preventing it from being illegitimately modified and the SPI flash memory from being overwritten. Modern vendors use a wide range of security mechanisms to ensure that (SMM BLE / SMM BWP / PRx / Intel BIOS Guard) and hardware-supported verification technologies (Intel Boot Guard). In other words, they do everything they can not to let an attacker place a rootkit into a system. Even the likelihood of execution in the most privileged mode of a processor, System Management Mode (which can be achieved through vulnerable software SMI handlers), is of no interest to adversaries since it does not guarantee they will be able to gain a foothold in a system. A single reboot and an attack must be started anew. However, there is a thing that can make all BIOS security mechanisms inefficient. And this thing is a vulnerable update mechanism implemented by a vendor. Moreover, quite often a legitimate updater adds lots and lots of critical security holes to a system. In this talk, we will speak about how vendors manage to throw all those security flaws together in one system using Intel NUC, a small home PC, as an example. Besides, we will demonstrate how an adversary can compromise BIOS from the userland.
2. Vladimir Dashchenko will present his «Denial, anger, bargaining, depression and acceptance: Stages of reporting 0-days to Russian ICS vendors» report. The substitution of foreign ICS systems is an interesting process from the point of view of vulnerability searching. On the one hand, foreign companies have already made much progress in fixing vulnerabilities in their devices. On the other hand, international practices and experience of development, working with vulnerabilities and disclosing them are neglected by Russian vendors. In this talk, I will tell you several real-life stories of interacting with Russian ICS vendors and compare the experience of working with vulnerabilities in the products of both foreign and Russian vendors.
3. DAVID Baptiste will deliver his talk titled «Vulnerability in compiler leads to stealth backdoor in software». It is a fact: software has bugs, and compilers (software which builds other software) are no exception. CVE-2018-8232 discloses a vulnerability found in the ML compiler from Microsoft, which has been used to compile assembly code for decades. This vulnerability is able to introduce a misinterpretation of conditions, resulting in a gap between what is written in the source code and what is really compiled and executed by a machine. Of course, if this gap in behavior were only for the sake of speaking, it would not be fun. In this presentation, we will talk about how it has been possible to exploit the vulnerability to silently introduce operational backdoors in any software compiled with ML, with no risk of being discovered. The result is to give a normally unauthorized user access to a higher credential, as runas software does. Attendees of the talk will learn how critical compilers are for security, the methodology to introduce a backdoor in software at compiler level and how a company such as Microsoft dealt (or did not deal) with correcting a bug in a compiler which potentially impacted other software for at least 30 years.
4. A group of independent researchers will speak about and present «Race Condition exploration tool». Race condition exploitation may lead to severe consequences, including financial losses. The point here is that most people check for this kind of security weakness without due attention and care. That is why a significant number of web applications are still open to attacks of this kind, although ostensibly there is no vulnerability at all. In this report, we will speak about the ways to exploit race conditions, our personal observations and opinion about the problem. We will also present a new tool to test for the vulnerability.
5. Boris Ryutin will present his «Issues in Nodejs Desktop applications (hypster_mode_ON in development)» research. In recent years, there has been a considerable increase in the number of applications that use nodejs on desktop devices. Some bugs that might have been either not so dangerous or quite complicated to exploit earlier in the server environment get a new start in the world of workstations. Considering this, here is a question for you to answer: Do you know how many nodejs interpreters there are in your system?
Thanks to all those who have sent their submissions to the CFP! You have shown your proficiency and tremendously high skills. It was quite a challenge for us to choose this year's speakers. We hope to see those applicants who have not made it past the filter as speakers at the conference next year. Follow our news and the WebVillage and HardwareZone announcements.