The year 2016 is coming to an end quickly, and so it was time for another Sides conference. This year’s HamburgSides, formerly known as BSidesHH, was held in the Bucerius Law School in Hamburg next to the 33C3. I’ve been supporting this event since the very first BSidesHH in 2014, so of course I had to attend this year again. For those of you who haven’t had the chance to attend it yet, here’s a short recap of what happened ;-)
With this blog post I’d like to thank Arron and Caroline for their really amazing work on organizing such a cool community event again. Of course I do also wish my readers, everybody who supports HamburgSides and all hackers out there a happy and safe new year!
The Magic Superpowers of a well-established “us” - The Opening Keynote
Marion Marschalek, a reverse engineer in the area of malware analysis, presented the HamburgSides keynote about the equality of people in Information Security, so that neither gender, ethnicity nor social background is a barrier to joining the hacker community. This “us” community (and the same applies to the business side as well) is dominated by men, and it’s still quite hard for an aspiring woman to get into the same jobs or even to attend conferences without being discriminated against in some explicit or implicit way. While this still seems to be an overall problem, it is probably even more pronounced in very specialized fields like reverse engineering, where it’s even harder to find women, because they just feel like the blue duck among all those yellow ones.
Marion has proven that there are talented women working on such topics and that they do not need to feel like the blue duck. Her BlackHoodie project is therefore about her giving a free reverse engineering workshop to women in Austria, which turned out to be a really successful event judging by the number of attendees, who not only came from all over the world but constantly showed their passion and motivation. She is the perfect example of why diversity among people does not need to be a barrier and that no one needs to fear being the blue duck. She walked the long way up to where she is now: a respected woman, teaching people how to reverse engineer and talking about deeply technical topics at the biggest conferences in the world. She really knows her stuff best!
I really like the BlackHoodie project and would like to encourage every woman reading my blog to get in touch with Marion about her cool project!
Privilege Escalation Techniques on Linux Systems
Nikos Danopoulos, a Junior IT Security Researcher, gave the second talk of the day about privilege escalation techniques on Linux systems (did you know that you can use Docker to escalate your privileges?) and demonstrated them by live-pwning some VulnHub machines, which again shows that VulnHub is a great resource for starting your Information Security career.
TLS = Privacy. What?
Dirk Wetter, author of testssl.sh and a regular speaker at HamburgSides since the very first conference, gave a talk about his favorite topic, TLS. Surprisingly, this was not one of those “encrypt everything” talks, but rather about some side effects that come with the use of TLS, such as fingerprinting connecting browsers based on the cipher suites they negotiate. Definitely an interesting topic!
Thomas and the Bots - Using Open Source Mathematics Analysis for Classification
There are a lot of social bots out there that are not only used to increase your Twitter follower numbers, but also to generate specific content which could be used to manipulate opinions during, let’s say, presidential elections. But how do you detect these bots, especially if they are not that obvious? Michael Goedeker gave a brief overview of neural networks and of how to categorize and analyse side-channel information in order to detect and predict bots. Amazing work!
Do Tinder Bots Dream of Electric Toys?
Inbar Raz always receives a lot of dating requests from beautiful women via the quite famous platform “Tinder”. However, these requests always seem to be rather homogeneous in terms of sending times and content: most of them contain nothing but a link to some third-party site, and many of them contain simple spelling mistakes or even logical mistakes, e.g. regarding profession and place of residence. But not all bots are that easy to detect by simply sending you a plain link; there are more sophisticated bots that start chatting with you in a quite human manner at first sight before they send you a link. So Inbar analyzed the behavior of these bots and uncovered that they are using identities stolen from Facebook pages to create Tinder profiles with real pictures. He finally uncovered a range of unique domains behind those bots - the rest is up to you ;-)
Unfriend your Boss
Quentin Kaiser presented an interesting story about mapping organizations through social networks for use in red team engagements. He mainly bases his work on Facebook’s Graph Search to find connections between people who state on their profiles that they work for the same employer. This can in turn be used to identify high-value targets or individual targets who may open a door to the company for a hacker. Be aware of what you open up to the public on your Facebook profile ;-)
Why I forked my own project and company to create a better internet
Frank Karlitschek, founder of NextCloud, talked about the evolution from ownCloud to NextCloud and how they plan to tackle the monopoly of the big players. Quite an interesting talk when it comes to the evolution, but with a few sales pitches in it. However, it’s always a good thing to get some insights into cool companies.