SecTalks & CryptoParty - TrustZone, the most trusted subsystem in your Mobile

https://a248.e.akamai.net/secure.meetupstatic.com/photos/event/e/4/0/1/600_454318369.jpeg

This is a joint event with our friends at CryptoParty Sydney (https://www.cryptoparty.in/sydney). Read on.

#0. Lightning Talk: Can a hobbyist fit an ARM processor inside your USB port for less than $10 USD?

The Tomu project (http://tomu.im/) enables hobbyists to create their own 2-factor authentication, indicator lights or key storage without having to trust big manufacturers or forking over large amounts of cash.

Speaker: Tim 'mithro' Ansell (https://twitter.com/mithro)
Bio: Tim is a long time open source contributor. Originally getting into FOSS to make cool computer games, he quickly found and fell in love with the language Python. Tim loved the language so much he would eventually go on to start a conference dedicated to the topic called PyCon AU (https://2016.pycon-au.org/).

#1 Talk: TrustZone, the most trusted subsystem in your Mobile

"In this talk, we’ll discuss TrustZone, the most trusted subsystem in your Qualcomm based Android Device, we’ll be investigating how the Kernel communicates with TrustZone, as well as the TrustZone architecture itself, then we’ll then use a publicly known TrustZone exploit to gain full Read and Write memory access to the HLOS Kernel and Secure Memory, we’ll then use that access to gain root level access to a device that doesn't even have a kernel vulnerability."

Speaker: Dylanger Daly Bio: Security Researcher at BinarySolutions (http://binarysolutions.io/)

#2 Walkthough of CTF SYD0x14

By the CTF SYD0x14 winning team

#3a CTF SYD0x15 (60min)

There will be a CTF game (http://www.sectalks.org/ctf101/). Whether you are a guru at CTFs or a complete beginner, you will have fun.

1. Bring your laptop.

B) Internet access may not be provided. You may want to bring your own wifi dongles or tether to your iPwns.

F) Have a hypervisor software, e.g. VMWare player, Virtual box. It is necessary for running some CTF challenges.

4. Based on the number of participates for the CTF, the group may be divided into teams. PREPARE TO MAKE NEW FRIENDS. We will try to team up beginners with gurus. Those that want to go solo are still welcome to do so.

five: This is a learning exercise for everyone. The idea is to think about problems, make friends and have fun. Don't treat it like a competition.

VI- The winner is the first team who solves the challenge. The winner will win the praise and admiration of fellow attendees. Gentle prods and hints will be offered during the session to move things along if people get stuck. The goal is to learn, not to beat your head against a wall for days on end.

7: Have fun. Learn. Mentor if you are able to. Participate, or just socialise. This is supposed to be a fun, learning event for the security and hacker community.

8. Know how to run OpenVPN client (https://openvpn.net/index.php/access-server/docs/admin-guides/182-how-to-connect-to-access-server-with-linux-clients.html) on your system. This may be required to access CTF server(s).

#3b Workshop: Set up your own Tor relay! (90 min)

We have teamed up with our friends at CryptoParty to contribute to the Tor project. After the talks, we are going to help you setup your very own Tor relay.

As you may know, the Tor network relies on volunteers. The more people who run relays, the faster the Tor network will be. By the end of the workshop, you will be contributing to the global Tor network with your relay.

On this workshop, you are going to use your own computer to register a private account at a popular cloud provider. We are going to launch a virtual machine and install the Tor agent on it together.

We have a bunch of coupons, so you will be able run your Tor relay for about 6 months for free!

Don’t forget to take your computer with you!

About CryptoParty Sydney

The CryptoParty events are open for everyone, but especially for people without prior knowledge whothat didn't dare to attend yet. The events are, for free, and most of all, fun.

CryptoParty is a decentralised movement with events happening all over the world. The goal is to pass on knowledge about protecting yourself in the digital space. This can include encrypted communication, preventing being tracked while browsing the web, and general security advice regarding computers and smartphones.

Further details, our following meetups and any of our used slides can be found here:

https://www.cryptoparty.in/sydney

--

If you would like to give a talk at this or any of the upcoming meetups, please fill up http://j.mp/sectalkscfp

If you wish to volunteer to help organising SecTalks Sydney, contact us (http://www.sectalks.org/sydney/)

For sponsorship and supporting the community, visit http://www.sectalks.org/sponsor/