Friday, March 6, 2015

#RootedCON Day 1: The show begins!

RootedCON began yesterday in Madrid. It is one of the biggest information security events in Europe and a good excuse to gather professionals and enthusiasts from across the industry under the same roof. The event runs for three days, during which several 0-days will be revealed.

Early in the morning the Hotel Auditorium is already a beehive: thousands of attendees, knowing looks and pats on the back. Whoever has been to a Rooted before comes back. The atmosphere is relaxed. Most people are in T-shirts, no ties. Hackers, security consultants, military and law enforcement, lawyers, journalists, activists and even some attorneys all share the same enthusiasm. People go there for the networking, but above all to enjoy time with the "family".

The success of the event was such that the first talk, by David Barroso (@lostinsecurity), had to be delayed by about half an hour. When he was finally able to take the stage, Barroso spoke about the history of infections of the BIOS, UEFI and other low-level components of our devices, focusing on three main points: the central role played by reverse engineering in the development of this concept; the difficulties that the bad guys found in infecting the BIOS; and how the most common attack vector nowadays is the surrounding system components, which also have a "mini-BIOS" with almost the same permissions as the main BIOS.

That happened to Jorge Bermudez (@ender_halon), an attorney whose talk last year seduced many attendees. This time he talked about the brand new Spanish Criminal Procedure Act. For an hour, Bermudez thoroughly analyzed its legal intricacies in a friendly tone accessible to a technical audience, explaining the role (and capacity) of law enforcement to access private content. He demystified some of the concepts that the community feared and described the cloud as the main obstacle to his work when facing charges involving the use of digital media.

In the afternoon, Andrzej Dereszowski (@deresz666) talked about Agent.BTZ, one of the most sophisticated Trojans known, from its first versions to its later offshoots (Pfinet in 2009, Snake in 2011). The analyst acknowledged that it was extremely difficult to realize what they had in front of them, and that they actually discovered the malware thanks to some mistakes its developers made in the code.

Then it was the turn of Yaiza Rubio and Felix Heather (@febrezo) from Telefónica Digital. Their audience enjoyed a lecture on the different types of digital wallets and the "theoretical" methods for stealing bitcoins. The priority of transactions plays a critical role in a system based on data mining, which is often controlled only by a simple alphanumeric code. Two-step authentication and multi-signature verification systems are the recommended security measures to mitigate the risks.

The first day concluded with a panel on "The hacker ID" as a response to the future regulation of professional security. Many very interesting topics were discussed, ranging from what an actual hacker is to the importance of the group, communication skills among professionals and even whether the new law will ultimately penalize those who do not have such a license. Is it better not to be regulated? Does it harm the fundamental right to freedom of expression? Can a computer with nmap be considered a cyber weapon according to the penal code?

The first day of Rooted ended and the attendees were still thirsty for more knowledge: what will tomorrow (today) have for us?

As we have been doing since yesterday, we will continue covering this event in real time on our Twitter today and tomorrow morning.
