Rumps À Rennes 0x3

12 Dec 2023

Presentation

After the 2 previous editions, we would like to innovate by providing conferences in English and featuring international speakers.

Rumps À Rennes 0x3 will take place at the Foyer of the INSA Rennes, batiment 23, 20 Avenue des Buttes de Coësmes 35700 Rennes, Britanny, France.
🚶 OpenStreet Map

This third edition focuses on hardware security, reverse engineering and wireless technologies. Another new feature is that we're aiming to go international, by offering conferences in English (when possible) by French and non-French speakers.

Sponsor

We would like to thank Thales Group, RootMe, our school INSA Rennes for their trust on this third edition of Rumps à Rennes!

Tickets

Take your ticket HERE!

We offer full-price tickets, student prices and prices for INSA Rennes students.

Food / Drink

Food provider: Mi Casita with vegetarian options, detailed menu is available here.

You will receive a coupon at the entrance to order food.

Good news for us, a bad one for you all: no more tickets with food! But don't worry, we released tickets without food and you can bring your own!

Drinks will be kindly served to you by the Foymens of the Foyer de l'INSA Rennes.

Planning

See it on Twitter or here (thanks to seri]!

Speakers

Dr. Jiska Classen - Lois... Ma... Mommy...: Stewie Talking to Apple's Satellite Network (🇬🇧)

Jiska Classen is a wireless and mobile security researcher. The intersection of these topics means that she digs into iOS internals, reverse engineers wireless firmware, and analyzes proprietary protocols. Her practical work on public Bluetooth security analysis tooling uncovered remote code execution and cryptographic flaws in billions of mobile devices. She also likes to work on obscure and upcoming wireless technologies, for example, she recently uncovered vulnerabilities in Ultra-wideband distance measurement and reverse engineered Apple's AirTag communication protocol.

Starting in July 2023, she will have her own research group at Hasso Plattner Institute in Potsdam.

She has previously spoken at Black Hat USA, DEF CON, RECon, hardwear.io, Chaos Communication Congress, Chaos Communication Camp, Gulasch Programmier Nacht, MRMCDs, Easterhegg, Troopers, Pass the Salt, NotPinkCon, gave various lectures and trainings, and published at prestigious academic venues. (source)

Abstract

Apple's cutting-edge emergency SOS and location sharing services have empowered users with crucial communication alternatives, particularly when traditional network coverage is not available. This talk will shed light on the functioning of these satellite services, present the security measures employed to safeguard resource access and privacy, and explore how this communication is embedded within the operating system.

With the release of the iPhone 14, users can reach out to emergency services, by sending an SOS message via a satellite link directly from their phone. This innovative use of the GlobalStar network facilitates two-way communication with emergency responders through the Messages app. Users can swiftly send text messages and respond to queries. This communication channel, due to its sensitive nature, demands robust security and authentication. It is imperative for Apple to ensure that the system is foolproof, negating the possibility of dispatching emergency responders to incorrect locations or individuals. Equally significant is the protection of the privacy of those in need, including their location and the nature of their emergency.

Moreover, Apple's satellite features allow users to share their location in Find My with up to ten friends via a satellite link. This capability serves as a convenient tool for staying connected with friends and family while venturing off the beaten path. Whether you're hiking, globe-trotting, or exploring remote locations where data roaming is unavailable, this feature ensures you're never entirely off the grid. We’ll take a look into how this new Find My extension is implemented.

Whiterose - Messing around with hardware devices (🇬🇧)

Whiterose is a hardware security hobbyist since 2018, she started by breaking any electronic devices to see how it was made and slowly started to reverse, dump, hack them.
Working as a freelance on this field, but it's more for fun than profit so far.

Subjects she treated on her blog are: (as of 12/12/23)

She previously spoke at SteakOverflow and M82 but also provided multiple CTF challenges based on Arduino boards for students on Cybersecurity Master degree.

Abstract

Have you ever wondered how MacDonald's know where you are in their restaurant ?
Maybe you are looking why you should by that 250$ oscilloscope instead of the 700$ version (Yes you've read it right)?
Or maybe you are more into practical things like getting a remote access on widely used IP cameras with a few tricks ?
If so, she is sure you'd like to know what happens to a commercial drone when they are in the middle of an airport ?
And maybe do fancy and funny things on [REDACTED] controllers ?

Well, look no further. In this talk, let me get you through the story of some of the security assessment work and researches she did on physical equipment.
We will venture into the world of hardware reverse engineering, the art and science of dissecting physical systems to understand and decode their intricate design and functionality with (sometimes) a meticulous approach.

The subject of her talk is vague; she knows that's because the devices she will present are not defined yet and might evolve with her actual work in progress.

Virtualabs - Tear it down, make it better (🇬🇧)

Damien Cauquil is a security engineer with a specific focus on embedded systems security, wireless hacking as well as embedded development. He loves to create tools to help the security community tackle some problems related to wireless protocols (Bluetooth Low Energy) or hardware architectures (iMX6 firmware extraction, Binbloom).

He spoke at various security conferences such as DEF CON, Chaos Communication Congress, WOOT, leHACK, Pass The Salt and others.

Abstract

Hardware reverse engineering is great for understanding how a device has been designed and basically works, and is often used to extract firmwares and search for vulnerabilities. And that's great, it makes devices more secure.

But once you exactly know how a device works and what's inside, you can also modify it, improve it and sometimes reuse it for other purposes. Giving a second life to an object, be it an old wireless router, a BLE tracker or a vinyl cutter, is always interesting and valuable !

In this talk, we'll show some objects we've reverse-engineered and repurposed or improved using knowledge gathered through reverse- engineering. We'll discuss the challenges we faced, how we managed to solve or bypass them, and how security is still laying around and is a concern we need to take care of. In summary, hack all the things !

Jessie - The accountant who thought he was a good fraudster (🇫🇷)

Jessie is an expert in forensics analysis, having started his career in reverse engineering of embedded electronic boards before moving over to the forensics side in 2014.

He opened up his field of expertise to OSINT and CTI several years ago. Drawing on his past experience, he was able to put all his skills into practice on a particular case involving internal transfer fraud.

Passionate about IT security, a member of the former CTF team 0XDECA (deceased), he has already spoken at SteakOverflow and gives numerous Forensics and CTI training courses at schools such as ESNA, CNAM and IIA.

Abstract

How can you prove that one of your former accountants is behind fraudulent transfers to companies that are not among your customers?

Thanks to digital investigations and CTI, nothing is impossible:

The most complicated part is to make the link between all this and find digital proof of his involvement and links with companies.
And don't forget to pay attention to the legal aspects of the various complaints currently being lodged (discussions with the law enforcement and the company's lawyers).

Correlating forensic elements/analysis of accounting documents with elements found in OSINT allows for greater openness of analysis and research.
The use of this dual OSINT/Forensic approach enabled the case to be solved and helped law enforcement agencies to make progress in their investigations.

CFP

End of CFP: Decembre 8, 2023

The information we need for your submission to the CFP:

Our CFP mail: cfp[at]securinsa[dot]fr