1. browse
  2. congress
  3. 2019
  4. Security

36C3: Resource Exhaustion

Security

Full playlist: Video / Audio
Hirne Hacken
43 min

Hirne Hacken

Menschliche Faktoren der IT-Sicherheit

What's left for private messaging?
60 min

What's left for private messaging?

Messenger Hacking: Remotely Compromising an iPhone through iMessage
61 min

Messenger Hacking: Remotely Compromising an iPhone through iMessage

"Hacker hin oder her": Die elektronische Patientenakte kommt!
60 min

"Hacker hin oder her": Die elektronische Patientenakte kommt!

Das nützlich-unbedenklich Spektrum
63 min

Das nützlich-unbedenklich Spektrum

Können wir Software bauen, die nützlich /und/ unbedenklich…

Hacking an NFC toy with the ChameleonMini
13 min

Hacking an NFC toy with the ChameleonMini

Leaving legacy behind
52 min

Leaving legacy behind

Reducing carbon footprint of network services with MirageOS…

All wireless communication stacks are equally broken
38 min

All wireless communication stacks are equally broken

SELECT code_execution FROM * USING SQLite;
46 min

SELECT code_execution FROM * USING SQLite;

--Gaining code execution using a malicious SQLite database

Tales of old: untethering iOS 11
39 min

Tales of old: untethering iOS 11

Spoiler: Apple is bad at patching

Plundervolt: Flipping Bits from Software without Rowhammer
49 min

Plundervolt: Flipping Bits from Software without Rowhammer

How to Break PDFs
58 min

How to Break PDFs

Breaking PDF Encryption and PDF Signatures

A systematic evaluation of OpenBSD's mitigations
53 min

A systematic evaluation of OpenBSD's mitigations

The sustainability of safety, security and privacy
43 min

The sustainability of safety, security and privacy

Harry Potter and the Not-So-Smart Proxy War
35 min

Harry Potter and the Not-So-Smart Proxy War

Taking a look at a covert CIA virtual fencing solution

Intel Management Engine deep dive
60 min

Intel Management Engine deep dive

Understanding the ME at the OS and hardware level

Uncover, Understand, Own - Regaining Control Over Your AMD CPU
56 min

Uncover, Understand, Own - Regaining Control Over Your AMD CPU

The Great Escape of ESXi
40 min

The Great Escape of ESXi

Breaking Out of a Sandboxed Virtual Machine

(Post-Quantum) Isogeny Cryptography
52 min

(Post-Quantum) Isogeny Cryptography

On the insecure nature of turbine control systems in power generation
60 min

On the insecure nature of turbine control systems in power generation

A security study of turbine control systems in power…

15 Jahre deutsche Telematikinfrastruktur (TI)
41 min

15 Jahre deutsche Telematikinfrastruktur (TI)

Die Realität beim Arztbesuch nach 15 Jahren Entwicklung…

Hacking Sony PlayStation Blu-ray Drives
49 min

Hacking Sony PlayStation Blu-ray Drives

The One Weird Trick SecureROM Hates
38 min

The One Weird Trick SecureROM Hates

Email authentication for penetration testers
61 min

Email authentication for penetration testers

When SPF is not enough

Cryptography demystified
53 min

Cryptography demystified

An introduction without maths

Hacking (with) a TPM
37 min

Hacking (with) a TPM

Don't ask what you can do for TPMs, Ask what TPMs can do…

It's not safe on the streets... especially for your 3DS!
46 min

It's not safe on the streets... especially for your 3DS!

Exploring a new attack surface on the 3DS

A Deep Dive Into Unconstrained Code Execution on Siemens S7 PLCs
62 min

A Deep Dive Into Unconstrained Code Execution on Siemens S7 PLCs

High-assurance crypto software
61 min

High-assurance crypto software

No source, no problem! High speed binary fuzzing
59 min

No source, no problem! High speed binary fuzzing

Boot2root
62 min

Boot2root

Auditing Boot Loaders by Example

Vehicle immobilization revisited
55 min

Vehicle immobilization revisited

Uncovering and assessing a second authentication mechanism…

ZombieLoad Attack
55 min

ZombieLoad Attack

Leaking Your Recent Memory Operations on Intel CPUs

KTRW: The journey to build a debuggable iPhone
54 min

KTRW: The journey to build a debuggable iPhone

TamaGo - bare metal Go framework for ARM SoCs.
59 min

TamaGo - bare metal Go framework for ARM SoCs.

Reducing the attack surface with pure embedded Go.

SigOver + alpha
55 min

SigOver + alpha

Signal overshadowing attack on LTE and its applications

Practical Cache Attacks from the Network and Bad Cat Puns
42 min

Practical Cache Attacks from the Network and Bad Cat Puns

Don't Ruck Us Too Hard - Owning Ruckus AP Devices
48 min

Don't Ruck Us Too Hard - Owning Ruckus AP Devices

3 different RCE vulnerabilities on Ruckus Wireless access…

Identifying Multi-Binary Vulnerabilities in Embedded Firmware at Scale
36 min

Identifying Multi-Binary Vulnerabilities in Embedded Firmware at Scale

Breaking Microsoft Edge Extensions Security Policies
30 min

Breaking Microsoft Edge Extensions Security Policies