February 7, 2008 - 22:35 EST - Tags: security hackcon conference
#3 is over, and I think HackCon has improved a lot since #1, with so many interesting and inspiring presentations and speakers.
Presentations
The conference started out with Agent X talking about hacker history and what type of people hackers are. Very interesting.
Major Malfunction and Zac followed with an interesting talk on access control systems and navigation systems.
One of the most fun talks was definitely Daniele Bianco and Andrea Barisani's presentation on hacking RDS-systems. It included some really funny videos and examples on what they could do (bull fight).
Roger Dingledine held an excellent presentation on the Tor network and its users. He has some really interesting views on why anonymity is important and on the data retention laws the EU passed.
All of a sudden pictures of Renderman from Church of Wifi started to show up on people's laptops while they were surfing the open wifi-network. Cool stuff. Renderman's great talk was about the state of wifi security (no shocker there).
Guillaume Lovet also held an interesting presentation on cybercrime and how cybercriminals make money.
Props to Deviant for taking time to explain how different mechanical locks work and how they can be picked, and to Renderman and Roger for inspiring conversation.
My presentation
My talk was about web application security. I went through the most common mistakes (like XSS and SQL injection), and proceeded to talk about and show some demos of XSRF+XSS attacks on intranet applications. I'm happy with the result, even though my laptop and the beamer teamed up on me. Props to Suhail and the rest of the HackCon crew for letting me do a talk this year.
I didn't feel like I answered the NoScript-plugin question properly though, so I'll address that here. NoScript will prevent the attack I showed. However, if one of your colleagues does not use this plugin, a hacker might inject the script onto your local server as a permanent XSS. A permanent XSS is an XSS that is stored on the page (e.g. in the database) and is no longer required to be a part of the URL. This could be a script (which you might trust because it's coming from the internal server) or even worse - an iframe linking to an exploit (as mentioned by Guillaume). So the short answer is yes, it will protect you from this exact attack, but...
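The permanent XSS case described above, as an added example that is not part of the original post or the talk's demos: once the text is stored, the reader's URL is clean and only output encoding on the server stops it. The comment store, function names, URL and payload are hypothetical and constructed, and `urlCarriesMarkup` is a simplified stand-in for a request-side check, not NoScript's logic.

```javascript
// Added example; all names and data here are hypothetical and constructed.

// HTML-encode text so the browser shows it instead of parsing it as markup.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Write path: runs once, from any user's browser. The array stands in for the database.
function saveComment(store, author, body) {
  store.push({ author, body });
}

// Vulnerable read path: stored text is pasted into the page as markup.
function renderUnsafe(store) {
  return store.map((c) => `<p>${c.author}: ${c.body}</p>`).join('\n');
}

// Hardened read path: every stored field is encoded on output.
function renderSafe(store) {
  return store.map((c) => `<p>${escapeHtml(c.author)}: ${escapeHtml(c.body)}</p>`).join('\n');
}

// Simplified stand-in for a request-side check: does the URL carry markup?
function urlCarriesMarkup(url) {
  let decoded = url;
  try { decoded = decodeURIComponent(url); } catch (e) { /* keep the raw URL */ }
  return /[<>]/.test(decoded);
}

function demo() {
  const store = [];
  // Constructed, inert payload: the script body is only a comment.
  saveComment(store, 'colleague', '<script>/* injected */</script>');
  const victimUrl = '/intranet/news?page=1'; // what every later reader requests
  return {
    urlFlagged: urlCarriesMarkup(victimUrl),                   // nothing to see in the URL
    unsafeHasScript: renderUnsafe(store).includes('<script>'), // served from the trusted host
    safeHasScript: renderSafe(store).includes('<script>'),     // neutralised on output
    safeHtml: renderSafe(store),
  };
}

console.log(demo());
```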