CONFERENCE

CONFidence | Krakow | 06.2018

About the conference... 

With more than 1100 attendees, 45 lectures and 60 speakers, the CONFidence is the biggest IT-security conference in Poland. Speakers from around the world give lectures about all the new advances in all IT-security related topics. Security experts, researchers, developers and all kinds of IT-specialists come every year to Krakow to attend the CONFidence.

 

Created in 2005 by a group of enthusiasts, it attracts more and more attendees from different backgrounds and regions.  The focus lies on delivering practical, relevant and diverse content. The Program Committee prepares a full schedule of advanced lectures, real life examples as well as innovative solutions.

 

In cooperation with the committee, the Qubes Team had the pleasure to visit the conference, present interesting topics and even organise a workshop on both days.

  • CONFidence Website
  • CONFidence Facebook Page
  • CONFidence YouTube

PRESENTATION

Surfing on your CAN-Bus

 

Open Source based car-hacking tools and your jump start cable for car hacking

by Thomas Fischer

 

Thomas Fischer had the great opportunity to hold a presentation where he explained the design and vulnerabilities of the ubiquitous network in the automotive industry and introduced the attendees to open source hardware and software tools

Topic

Car-hacking was often an expensive and real frustrating topic. Car-hackers were confronted by non-existent (or expensive) documentation, obscure electronics and different connectors. The situation changed multiple times, but a lot of dead projects are paving the Internet. Luckily for us, car-makers around the world are using more and more standardized electronics and the IoT-device-zoo is putting a lot more tools in our hands.

Quote von Thomas / Team 

Lorem Ipsum Dolor Sit AmetLorum Ipsum Dolor Sit AmetLorum Ipsum Dolor Sit AmetLorum Ipsum Dolor Sit AmetLorum Ipsum Dolor Sit AmetLorum Ipsum Dolor Sit Amet

When was the CAN-Bus published?

The engineers at Bosch started around 1984 with the development of a robust bus-system for a car. It was first released to the automotive press at 1987 in Detroit and it was first used in the Mercedes E500 W124 in 1991. This car was the technology carrier of many of the parts for the Mercedes Benz S-Class W140. 

What does a modern implementation look like?

The S-Class W222 is the top car of Mercedes Benz. There could be (depending on the configuration) more than a 100 ECU. The number of messages changed from less than 100 in the W140 from 1991 to more than 6000. Now the CAN-Bus is widely used as a reliable backbone and interconnects newer protocols and bus-types like the LIN-Bus. The LIN-Bus is used as a cheap alternative for tasks like window-opening or door-locks. Another Bus is the MOST-Bus, which supports the higher data rates needed for media and video transmissions. 

Message based

vs

Address based communication

To understand how the CAN-Bus works, it is important to understand that the CAN-Bus is a message based protocol. Message based means that the receiver has to know while a data packet is floating by that he has to react to it. This also means, that there is no direct knowledge about the participants of the bus.

WORKSHOP

Surfing on your CAN-Bus

 

Open Source based car-hacking tools and your jump start cable for car hacking

by Thomas Fischer

 

Thomas Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. 

Goal

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod.

For the 2018 Confidence we decided to add a new element to this conference. We wanted to add some more hands-on experience and I proposed to create a car-hacking workshop.

Process

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod.

System

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod.

Result

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod.

LINKS & DOWNLOADS

IT SECURITY MAGAZINE
 
MAGAZINE FEATURE
Download the magazine feature including all the details to Thomas' topic 
Surfing on your CAN-Bus"
  • Download Hakin9 Feature
  • Visit Hakin9 Website
  • Hakin9 Facebook Page
 
PRESENTATION
Download the full presentation
"Surfing on your CAN-Bus"
  • Download Hakin9 Feature
  • Visit Hakin9 Website
  • Hakin9 Facebook Page
 
CONFIDENCE WEBSITE
Get more information about the CONFidence or book your tickets for the next date
  • Download Hakin9 Feature
  • Visit Hakin9 Website
  • Hakin9 Facebook Page
 
 

WANT TO KNOW MORE ABOUT THE TEAM ? 

GET IN TOUCH!