Saturday, March 8, 2014

RootedCON Chronicle: Day 2

We continue covering RootedCON, chronicling the second day.


A more technical than the previous day, with the exclusive presentation of various security tools. José Luis Verdeguer (@pepeluxx) and Víctor Seva (@linuxmaniac) took time to surprise the audience with a communication architecture VoIP secure open to the community, and to remind us that no matter how much a project is Open Source, if we don't control each of the layers you may on the other hand security is insufficient.

Joaquín Moreno continued with a deep traversal of the methods of forensic audit on OS X. A paper full of information, and that the same investigator said it would release to the community.

Is the RSA protocol is a reliable security tool? Jorge Ramió reveals step by step the operation of this system, which meets 36 years, to propose a path of truly revolutionary development: Listening to the sound that makes the processor to have 0s and 1s, isolating it from other sounds (fan noise environment, ...).

Jose Luis Quintero and Felix Estrada, the Ministry of Defence of Spain, gave a talk on Cyberwar, paraphrasing quotes as well known as Die Hard 4. What is cyber warfare, and what arena operates?

In the absence of David Seidman, Jeremy Brown continued his presentation on Microsoft products.

It was his turn to Chema Alonso (@chemaalonso), who spoke about the evolution of his loved Latch, the service that easily allows the user to control access to different accounts. In this new phase, more than 600 companies are using Latch, drawing attention security projects as well known as eGarante or Shodan.

The Tarascó brothers told us in separate presentations on WIFI attacks. Nothing new under the sun ... oh wait! Is it possible to innovate in a sector so used? WXP (Wireless exfiltration Protocol) corroborates the above. A protocol designed to exfiltrating sensitive information by WIFI in targeted attacks, and its counterpart, AcrylicWifi, a tool capable of analyzing Windows natively on such attacks.

We ended the day with two other papers, this time focused on one of the main problems that a security department is to carry out their work: lack of resources. Roberto Baratta (@RoberBaratta), Novagalicia CISO, talked about how to fight this "virus", and César Lorenzana (@GDTGuardiaCivil), between Javier Rodríguez (@Javiover), his experience hunting targeted attacks.


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)


Post a Comment