Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Jan 21, 2016
System updates, Attack and Defense Sofiane Talmat - ekoparty #11 (2015)
From device firmware to full complex operating systems, system updates are critical to maintain an up to date version of the running software, providing security patches and fixes for vulnerabilities, however many update and upgrade systems contain vulnerabilities that could make things go wrong. In this talk we will not only dissect in details some existing system updates vulnerabilities, we will also deep dive into common vulnerabilities concepts discovered during this research and previous work, we will describe different attack scenarios and approaches and how this could lead to the whole system subversion. We will also talk about both common design and technical mistakes and best practices on how to design secure system updates and upgrade for both devices and softwares.