2011 Talks

Defiling MacOSX

I thought it would be fun and educational to write a kernel rootkit for Mac OS X. Having never messed around in kernel memory before, it was quite an enlightening experience. OS X is similar enough to FreeBSD that a lot of the same techniques apply, but different enough that there are a few surprises in store. I'll show you how some common kernel rootkit techniques are implemented on OS X, which techniques Apple have broken, and hand-wave a bit about the possibilities for rootkit persistence that are presented by the EFI firmware used in current Macs.

Speaker: Snare

 Once upon a time, snare was a code-monkey, cranking out everything from pre-press automation apps to firmware for Big F***ing Laser Machines. Then he got bored and decided to try his hand at the high-flying buzzword-ridden world of Information Security. A couple of thousand "weak SSL ciphers" write ups and a triple-bypass later, here he is.

 

Open Source Intelligence is not just Facebook Open Source Intelligence is not just Facebook
Analysis Avoidance Techniques of Malicious Software Analysis Avoidance Techniques of Malicious Software