Please tell us the top facts about your talk. It discloses a vulnerability that affects Linux systems encrypted with Luks, and how it can be abused to escalate privileges: CVE-2016-4484 Includes a sketch of the boot sequence with a deeper insight into the initrd Linux process A brief discussion about why complexity is the enemy of security: The whole system needs to be observed. A practical real working demo attack will be presented. How did you come up with it? Was there something like an initial spark that set your mind on creating this talk? Well, this is a difficult question. Basically, it is an attitude in front of the computer. When we start a research line, we don’t stop digging until the ultimate doubt and question is addressed. After the GRUB 28 bug, we keep reviewing the rest of
The Internet Protocol Version 6 (IPv6) is the successor to the currently main IP Version 4 (IPv4). IPv6 was designed to address the need for more addresses and for a better routing of packets in a world filled with billions of networks and addresses alike. Once you decide to develop a new protocol, you have the chance to avoid all the mistakes of the past. You can even design security features from the start. That’s the theory. In practice IPv6 has had its fair share of security problems. There has been a lot of research, several vulnerabilities have been discussed at various security conferences. DeepSec 2014 features a presentation called Safer Six – IPv6 Security in a Nutshell held by Johanna Ullrich of SBA Research, a research centre for information security based in Vienna.