Advanced attackers in possession of firmware signing keys, and even potential access to chip fabrication, could wreak untold havoc on cryptographic devices we rely on.
After surveying all-too-possible low level attacks on critical systems, we will introduce an alternative open source solution to peace-of-mind cryptography and private computing.
James Langevin (1, 2) David Latimer Michael Leibowitz Nick Leiserson Yves Le Provost Jun Li Xiangyu Liu M Jerod Mac Donald-Evoy Andrew Mac Pherson Caleb Madrigal Dhia Mahjoub Slava Makkaveev Major Malfunction Dennis Maldonado Malware Unicorn Manfred (@_EBFE) Thomas Mathew Andrea Matwyshyn Vasilios Mavroudis Maximus64 Michael C.
Mc Neil Terrell Mc Sweeny (1, 2) Jon Medina Salvador Mendoza Whitney Merrill Sean Metcalf Jesse Michael Oleksandr Mirosh Ben Morris Alvaro Muñoz Myles N Marc Newlin (1, 2) Niki7a Jim Nitterauer O Kurt Opsahl "Snide" Owen P p3n3troot0r Dan "Alt F4" Petro Josh Pitts Plore Professor Plum Q Chris Quartier Cooper Quintin R Jay Radcliffe Michael T.
We continue to identify technical compliance solutions that will provide all readers with our award-winning journalism.
0 0ctane 0x00string A Aleph-Naught- Hyrum Anderson Ayoul3 Dor Azouri B Leonard Bailey (1, 2) Avi Bashan Ryan Baxendale Max Bazaliy Oleksandr Bazhaniuk Scott Behrens B1TKILL3R Steinthor Bjarnason Hanno Böck Daniel Bohannon (DBO) Francis Brown Elie Bursztein Shabid Buttar C Caezar Nick Cano Nate Cardozo Damien "virtualabs" Cauquil ceyx chaosdata Cheng CINCVol FLT CJ_000 Gil Cohen Tomer Cohen Romain Coltel Joshua Corman (1, 2) Dan Cvrcek D Christian "quaddi" Dameff MD MS Josh Datko Dark Tangent (1, 2) Patrick De Santis Andreas Dewes Roger Dingledine Cory Doctorow Christopher Domas E Chris Eagle Svea Eckert Omar Eissa El Kentaro Peyton "Foofus" Engel F Allan Friedman Joe Fitz Patrick Gus Fritschie Fuzzy Nop G Eva Galperin Denton Gentry ginsback Igal Gofman Chris Grayson Grifter H Jason Haddix Hawaii John Weston Hecker Jeremy Heffner Jason Hernandez High Wiz Kashmir Hill Lee Holmes (1, 2) Lin Huang Stephan Huber Rep.
However, below the surface of open source operating systems, strictly closed source firmware along with device driver blobs and closed system architecture prevent users from examining, understanding, and trusting the systems where they run their private computations.
Embedded technologies like Intel Management Engine pose significant threats when, not if, they get exploited.
The rise of Free and Open Source Software has led to more secure and heavily scrutinized cryptographic solutions.
In this talk, we demonstrate an AI agent trained through reinforcement learning to modify malware to evade machine learning malware detection.
Reinforcement learning has produced game-changing AI's that top human level performance in the game of Go and a myriad of hacked retro Atari games (e.g., Pong).
In an analogous fashion, we demonstrate an AI agent that has learned through thousands of "games" against a next-gen AV malware detector which sequence of functionality-preserving changes to perform on a Windows PE malware file so that it bypasses the detector.
No math or machine learning background is required; fundamental understanding of malware and Windows PE files is a welcome; and previous experience hacking Atari Pong is a plus.