Explore a comprehensive security analysis of Apple's ZeroConf technologies in this 42-minute Black Hat conference talk. Delve into the potential vulnerabilities of automatic device configuration systems like Multipeer Connectivity, Bonjour, and AirDrop. Learn how researchers uncovered serious security flaws that allow for impersonation and Man-in-the-Middle attacks, potentially compromising document printing and file transfers between devices. Examine the fundamental security challenges inherent in ZeroConf techniques and understand why some vulnerabilities persist despite being reported to Apple. Gain insights into the technical details of these attacks and discover why TLS may be inadequate for securing device-to-device communication in ZeroConf scenarios. This presentation by Luyi Xing and Xiaolong Bai offers a critical look at the balance between usability and security in modern portable computing systems.
Discovering and Exploiting Novel Security Vulnerabilities in Apple ZeroConf
Overview
Syllabus
Discovering and Exploiting Novel Security Vulnerabilities in Apple ZeroConf
Taught by
Black Hat
Related Courses
-
The Last Line of Defense - Understanding and Attacking Apple File System on iOS
-
Protecting TLS from Legacy Crypto
-
IPC - The Broken Dream of Inherent Security
-
New Vulnerabilities in 5G Networks
-
Gattacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool
-
Security Vulnerabilities in DVB-C Networks - Rahul Sasi - Ekoparty Security Conference - 2014
