1. Glitter nail polish vs the Evil Maid, the Story 2. I put CVE in your CVE
Details
** NEW VENUE **
Room 080.02.002 at RMIT (Building 80) - 445 Swanston St, Melbourne
** NEW VENUE **
Glitter nail polish vs the Evil Maid, the Story - @hoodiePony
The Evil Maid attack vs the Glitter nail polish tamper evident seal; recommended by many as one of the best defences in detecting tampering. But, what if it isn’t as infallible as we think it is? What if, a real maid could learn and do it without any lengthy specialised training? In this story, we’ll do a speedrun of the techniques used to bypass tamper evident seals and how the previously impossible to bypass Glitter Nail Polish seal was bypassed. It's an introduction to the field of tamper evident seals bypass.
I heard you like CVEs, so I put CVE in your CVE! Speaker: @Snyff (Pentesterlab.com)
Too many people read a CVE to populate a risk register and decide when, or if, they should patch. What’s the fun in that? In this talk, we will do the opposite. We will take the patch diff, understand what it tries to block, then try to bypass it.
Streaming
If you can't attend the event in person the talks will be streamed in the "ruxmon-stream" voice channel in the Ruxcon Discord in the day of the event! (join now by clicking here: https://discord.gg/g2CpEbkXmM