Defending the Poor
- Type
- Video
- Tags
- Flash, Rich Internet Applications
- Authors
- Felix 'FX' Lindner
- Event
- Chaos Communication Congress 26th (26C3) 2009
- Indexed on
- Mar 25, 2013
- URL
- http://mirror.fem-net.de/CCC/26C3/mp4/26c3-3494-de-defending_the_poor.mp4
- File name
- 26c3-3494-de-defending_the_poor.mp4
- File size
- 801.4 MB
- MD5
- 8ab596ac3bede7fcd772150592931be4
- SHA1
- c01e6f4368458b440ebd832b3bcc3fe69590bdd5
The talk will discuss a class of in-the-wild malware and exploits, reasons for it's success as well as reasons why protecting against it in common ways is not effective. This will be done by examining the internals of the attacked subject. Following this, the second part of the talk will present an alternative protection mechanism, which the presenter believes prevents large parts of this class of attacks. The mechanisms and code to do this will be presented and released. The talk presents a simple but effective approach for securing Rich Internet Application (RIA) content before using it. Focusing on Adobe Flash content, the security threats presented by Flash movies are discussed, as well as their inner workings that allow such attacks to happen. Some of those details will make you laugh, some will make you wince. Based on the properties discussed, the idea behind the defense approach will be presented, as well as the code implementing it and the results of using it in the real world.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
