Thursday, September 11, 2014

TechEd 2014 - Hack-Ed: Threat Modeling your software to design for security

At TechEd 2014, Andy and Kirk gave a talk titled "Hack-Ed: Threat Modeling your software to design for security".

The talk covered the new Microsoft Threat Modeling Tool 2014 (a free download), and used the diagramming technique and threat generation as motivation for uncovering and remediating attacks against a sample web application.

Attacks covered included Wi-Fi sniffing and interception using Karma and the WiFi Pineapple, XSS via EXIF data embedded in JPEG files, and a couple of other techniques.

The slides for the talk are available here:

2014-ARC307-ProwJackson-HackEdThreatModeling (34mb PDF)

The video recording of the talk is available on Channel9.

Fun wifi analysis:

There were 261 devices in the Skycity Theatre probing for 485 different wifi networks.

Congratulations to the two folk with 26 stored wifi networks on their phones, you made the record books :)
(Although you might want to disassociate / remove some of those free wifi networks from your phones if you value your privacy)

A little unexpectedly, the probes for wifi networks were very diverse. 149 devices were probing for 'TECHED2014-SC', but there were no other networks in common with more than 7 people.

For comparison, I left the device on my hotel windowsill while I was downstairs for breakfast this morning: 868 devices went past, probing for 1173 different networks.

Hotspot                   Number of people
Telecom WiFi              70
CP Public Wireless        66
TECHED2014-SC             62
Spark WiFi                34
Auckland WiFi             17
Callplus Public Hotspot   15
Airport_Hotspot            9

You can see how profitable it could be to masquerade as one of these access points - something like 8% of devices (70 of 868) would automatically join your network!
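The table above is just a count of distinct devices per probed SSID, and the 8% figure is one row of that table divided by the total number of devices seen. The script below reproduces that analysis over a constructed probe log; it is an added example, not code from the talk or the post, and the input format (one line per observation: timestamp, client MAC, SSID, as a passive monitor might log it) is an assumption. Duplicate probes from the same device for the same SSID are collapsed because the post counts devices, not frames.

```python
"""Aggregate 802.11 probe-request observations into per-SSID device counts.

Added example, not code from the talk or the post. Assumed input format:
one observation per line, "<timestamp> <client MAC> <SSID>". The records in
SAMPLE_LOG are constructed for illustration.
"""
from collections import defaultdict

# Constructed sample log: five devices probing for a handful of SSIDs each.
SAMPLE_LOG = """\
08:01:02 aa:bb:cc:00:00:01 Telecom WiFi
08:01:02 aa:bb:cc:00:00:01 TECHED2014-SC
08:01:05 aa:bb:cc:00:00:02 Telecom WiFi
08:01:05 aa:bb:cc:00:00:02 HomeNet-7f
08:01:07 aa:bb:cc:00:00:03 CP Public Wireless
08:01:09 aa:bb:cc:00:00:03 Telecom WiFi
08:01:09 aa:bb:cc:00:00:03 Telecom WiFi
08:01:11 aa:bb:cc:00:00:04 CafeGuest
08:01:12 aa:bb:cc:00:00:05 TECHED2014-SC
"""


def parse_probes(text):
    """Return {client_mac: set(ssids)} from the log text.

    Repeated probes by one device for one SSID collapse into a single entry,
    matching the post's device-level counts.
    """
    seen = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        # SSIDs may contain spaces, so only the first two fields are split off.
        _ts, mac, ssid = line.split(" ", 2)
        seen[mac.lower()].add(ssid)
    return seen


def summarise(probes):
    """Return device/network totals and a ranked per-SSID device count.

    Ties are broken by SSID so the ranking is deterministic.
    """
    per_ssid = defaultdict(int)
    for ssids in probes.values():
        for ssid in ssids:
            per_ssid[ssid] += 1
    ranked = sorted(per_ssid.items(), key=lambda kv: (-kv[1], kv[0]))
    return {
        "devices": len(probes),
        "networks": len(per_ssid),
        "per_ssid": ranked,
        # Largest number of remembered networks leaked by a single device
        # (the post's "26 stored wifi networks" record).
        "max_stored": max((len(s) for s in probes.values()), default=0),
    }


def auto_join_share(summary, ssid):
    """Fraction of observed devices that remember this SSID.

    This is the post's exposure metric: 70 of 868 devices for "Telecom WiFi"
    is the "something like 8%" figure.
    """
    if not summary["devices"]:
        return 0.0
    counts = dict(summary["per_ssid"])
    return counts.get(ssid, 0) / summary["devices"]


if __name__ == "__main__":
    s = summarise(parse_probes(SAMPLE_LOG))
    print(f"{s['devices']} devices probing for {s['networks']} different networks")
    print(f"{'Hotspot':<24}Number of people")
    for ssid, n in s["per_ssid"]:
        print(f"{ssid:<24}{n}")
    print(f"Devices remembering 'Telecom WiFi': {auto_join_share(s, 'Telecom WiFi'):.0%}")
```

Run against a real capture, the same two numbers are what a defender wants from this data: how many devices in a fleet remember a given open SSID (the share that would silently associate to a rogue AP with that name), and which devices carry the longest list of remembered networks and so most need those entries pruned.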

While we demonstrated capturing network traffic, we didn't actually capture anyone's network traffic during our demos. You'll have to trust us :)


1 comment:

  1. Mean preso guys, as always enjoyed it and learnt heaps.

