|
PRESENTATION:
|
Digital carjacking: Hacking the modern automobile
|
|
PRESENTERS:
|
Chris Valasek and Charlie Miller
|
|
CONFERENCE:
|
|
|
LOCATION:
|
Punta Cana, Dominican Republic
|
|
DATE & TIME:
|
February 11, 2014 at 9:30 AM
|
As automobiles become more connected, security experts naturally begin to think about their vulnerability to attack. During their talk, Chris Valasek and Charlie Miller will discuss how automotive networks operate and their inherent insecurities. Together, they will outline the various attacks that researchers have performed against automobiles and present ways to secure modern vehicles.
About Chris Valasek
Christopher Valasek is the Director of Security Intelligence at IOActive. He specialises in attack methodologies, reverse engineering, and exploitation techniques. Valasek is widely regarded for his research on Windows heap exploitation. He regularly speaks on the security industry conference circuit on a variety of topics. His previous tenures include Coverity, Accuvant LABS, and IBM Internet Security Systems. Valasek is also the Chairman of SummerCon, the nation’s oldest hacker conference. Chris holds a B.S. in Computer Science from the University of Pittsburgh.
About Charlie Miller
Charles Miller is a computer security researcher with Twitter. Prior to his current employment, he spent five years working for the National Security Agency. Miller has demonstrated his hacks publicly on products manufactured by Apple. In 2008, he won a $10,000 cash prize at the hacker conference Pwn2Own in Vancouver, British Columbia, Canada for being the first to find a critical bug in the ultrathin MacBook Air. The next year, he won $5,000 for cracking Safari. In 2009, he demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. In 2011, he found a security hole in the iPhone’s/iPad’s security, whereby an application could contact a remote computer to download new, unapproved software. The software could execute any command and steal data (personal or other) using iOS applications’ functions for malicious purposes. As a proof of concept, Miller created an application called Instastock that was approved by Apple’s App Store. He then informed Apple about the security hole and was promptly expelled from the App Store by Apple.
About Kaspersky Security Analyst Summit
The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community. The goal is to learn, debate, share and showcase cutting-edge research, new technologies and discuss ways to improve collaboration in the fight against cyber-crime. The event provides two full days of learning opportunities and networking with industry experts and covers all aspects of the global threat landscape.
About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established pedigree in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment through to semiconductor reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.
-###-