iCloud hacking, Microsoft bounty winner at Hack in The Box security conference
Next week in Malaysia security conference Hack in The Box Kuala Lumpur is set to make headlines in its 11th year with talks on hacking airline systems, getting iCloud data access, and the Microsoft bounty winner.
Hack in The Box has a reputation for featuring explosive talks from security researchers whose findings often sound like the basis for dramatic movie plots.
Among the eyebrow-raising presentations is Hugo Teso, who will talk about real life aviation security exploits that could seize an airplane's controls in mid-flight and control an aircraft remotely.
James Forshaw's talk on XML digital signature forging just became hot: he's the the UK hacker who nabbed the first Microsoft $100,000 bug bounty when he revealed security holes in Windows 8.1 Preview - using a new mitigation bypass technique.
We're looking forward to the provocative talk Cracking and Analyzing Apple’s iCloud Protocols, where Vladimir Katalov will give the first-ever report on Apple iCloud communication protocols - and promises to reveal how an attacker can extract Apple user data from the cloud (including geolocation data) without a device tethered to the cloud or access to iCloud.
Upon the release of iOS 7 last month, Hack In The Box speakers Cyril ‘@POD2G’ Cattiaux and GG divulged a few teaser details to press about their still-shadowy presentation that promises to reveal how Apple can eavesdrop on iMessage users.
The speaker lineup also includes Facebook Chief Security Officer Joe Sullivan, Akamai's Andy Ellis, Cryptoseal's Ryan Lackey, and many others.
Hack in The Box ("Keeping knowledge free for over a decade") pulls in many of the world’s top - and most infamous - security experts and hackers; HiTB is often where they stage their most daring public presentations.
At last year's conference, we broke the news when researcher Felix "FX" Lindner revealed onstage exactly how Huawei routers have default, unchangeable root passwords that allow remote access of users' networks.
Huawei intelligence operatives attended the conference in secret, and we were the first to spot them in the audience during Mr. Lindner's talk.
In the days leading up next week's Hack In The Box Kuala Lumpur (#HiTB2013KUL), hundreds of sleep deprived hacking legends are streaming into to the five-star Southeast Asian InterContinental Hotel for two solid days of talks featuring new research.
Not all of the attendees will be sleep-deprived, of course: Kuala Lumpur is a thriving technology hub, the location is friendly for "jurisdictionally aware" hackers, as well as the fact that hackers flock from all over Asia for the conference.
Last year, Pirate Bay founders Peter Sunde and Fredrik Neij were scheduled to speak on a secret topic, but canceled at the last minute under travel cautions from their lawyers.
At present Sunde and Neij still have one-year prison sentences and a hefty fine held against them in Sweden. Only four days before HiTB, Neij had won the restoration of his passport with the express intent to attend Hack In The Box.
The lavish hotel serves as a backdrop for this year's 41 speakers, a collection comprised of hackers, security professionals, law enforcement, corporate intelligence representatives, and more.
Some big corporate players are directly participating in HiTB's anticipated two days of controversy and excitement - although the list of companies with vendor tables (usually for recruitment) is a handpicked, exclusively short lineup.
Vendors include Facebook, Microsoft, Lego, Nokia, Mozilla, OWASP, Rift Recon, Rapid7 and a few others.
Registration for the conference is still open for the first two days of competitions and hands-on sessions (October 14 and 15), and the following two days of talks (October 16 and 17).
The conference will have exhibits at its CommSec Village, which is free to the general public.
Tickets for HiTB 2013 Malaysia are MYR (Malaysian Ringgit) 1499 or USD $550, and credit cards can be processed on-site. Student pricing ranges from MYR 299 to MYR 699.
Hack In The Box will be held at the Intercontinental Hotel Kuala Lumpur with conference days Oct 16th to 17th, 9am to 6pm.
Find out more:
- Hack in The Box Security Conference 2013 Malaysia
- Hack in The Box Security Conference News (blog)
- HiTB Facebook
- HiTB Twitter
ZDNet will be reporting developments and news as it happens from the conference.