NEWS FROM THE LAB - Thursday, April 5, 2007

Greetings from HITBSecConf Dublin Dubai Posted by Mikko @ 10:43 GMT

We used to have to worry about the criminals that were close to us

Mikko here. Excellent conference going on in Dubai. The organizers have managed to collect an excellent speaker lineup from all over the world (USA, India, Germany, Singapore, South Africa, Malaysia, Finland…).


The beginning was a bit unusual: all guests were asked to stand up when the guest of honour, His Excellency Mr. Mohammed Nasser Al Ghanim arrived to deliver the welcome address. Afterwards me and Lance Spitzner were invited to have a private chat with him. Learned interesting stuff: for example, United Arab Emirates has just set up their own CERT (aeCERT).

Two independent researchers, Vipin and Nitin Kumar from India had an interesting demo with a proof-of-concept rootkit that loaded from the boot sector during boot up process. Similar to the eEye Bootroot technique… except this one also worked under Windows Vista!

Remember Mark Weber Tobias? We blogged about his research into security locks in October 2004 while we were conducting our own hands-on testing against laptop locks. He was at the conference, demoing bump key attacks against different locks live. Impressive. Don't lend your keys to this guy.

Tareq Saade from Microsoft made an interesting note regarding the malware situation in Middle East. As many countries are centrally filtering questionable content (offending sites, porn, et cetera) for all citizens, this has actually helped the malware situation somewhat. Access to some spyware web sites is blocked, preventing tons of infections that would otherwise happen. It would actually be a good idea to use this functionality to filter dangerous sites (exploits, phishing, et cetera) more aggressively.

Signing off,

P.S. Thanks to biatch0 for the conference photo. I took the Rolls photo from a local parking lot.