Bridge Attack(BA) is new attack surface for mobile phone and IoT devices in LAN. The abstract bridge is usually implemented by some custom schemes or protocols, such as Javascript Bridge in webview, Upnp Protocol in IoT. In some cases, the Bridge's expanded ability makes the risks of devices in LAN, and the vulnerability can be persistently exploited with a common web attack(Eg. XSS/CSRF)
Bridge Attack finds the potential vulnerability in communication between internal and external components. We think that external component gives more data-flow attack entries which should be checked identification in the internal component. That means bridge attack makes devices in LAN face more attack risks which can lead to remote code execution, sensitive data leak and IOT devices being controlled.
Zidong Han, is an android security researcher from Tencent Mobile Security Lab, Razor Team. Focuses on mobile security research, especially App vulnerability and IOT related security research, Attended HITB-SECCONF-2018-Beijing,as a speaker in CommSec:《Who Hijacked My Smart Home: One URL to Hack ALL IoT Devices 》Attended GeekPwn 2018, Hack Pwn in House. Found and exploited more than 20 vulnerabilities in eight kinds of IoT devices.
WeChat: hzddm12340
WARNING: Magnitude 10 Earthquake Is Coming in One Minute
Weiguang Li LTE Security Researcher from 360 Technology
JingLi Hao
Yuwei Zheng
Public warning system (PWS) based on mobile communication system is used to alert the public to emergency events such as earthquakes, tsunamis, hurricanes, etc. We carefully study the PWS in LTE network and uncover the vulnerability of PWS in LTE air interface, i.e., the warning messages of the PWS are not encrypted or signed when they are transmitted over the air. Thus, it is possible that malicious PWS warning messages can be transmitted.
We simply use a low cost soft define radio (SDR) device and modify not much code of the LTE open source project srsLTE in order to forge the warning messages. Both Apple and Android test mobile phones are affected by our forged warning messages.
Fake PWS warning messages will cause serious panics among the population, they also could be used to send advertising or spam messages. The public warning system may become paralyzed and useless under the threat of the abuse of fake warning messages.
Weiguang Li is a mobile network security researcher from UnicornTeam of 360 Technology Co. Ltd in China. He mainly focuses on GSM and LTE security, He is also interested in NB-IOT baseband reverse engineering and software-defined radio development.
WeChat: ColorLight
Yuwei Zheng is a senior security researcher from 360 technology. He focuses on the security issues of embedded hardware and IOT systems. He was the speaker of DEFCON, HITB and BlackHat.
JingLi Hao is a researcher of 360 Security Research Institute, member of Unicorn Team, satellite hacker
Breaking the back end! It is not always a bug. Sometimes, it is just bad design!
Gregory Pickett Cybersecurity Operations, Hellfire Security
Reverse engineering is critical to exploitation. However, going through the process of reverse engineering can often lead to a great deal more than just uncovering a bug. So much so that you might find what you need for exploitation even if you don't find a bug.
That’s right. If you go through object data, object representation, object states, and state changes enough you can find out quite a lot. Yes. Poor application logic is a bitch. Just ask any application penetration tester. This time it is not the magstripe. It’s appsec and you will get to see how application attacks can be used against a hardware platform.
In this talk, I will go through the journey that I took in reverse engineering the public transportation system of an east asian mega-city, the questions that I asked as I wondered “How does this work?”, the experiments that I ran to answers those questions, what I learned that lead me to an exploit capable of generating millions of dollars in fake tickets for that very same system, and how other designers can avoid the same fate. Not without risk, this research was done under a junta so I will also be telling you how I kept myself out of jail while doing it. Please join me. You won’t want to miss it.
Gregory Pickett CISSP, GCIA, GPEN has a background in intrusion analysis for Fortune 100 companies but now heads up Hellfire Security’s Managed Security Services efforts and participates in their assessment practice as a network security subject matter expert. As a security professional, his primary area of focus and occasional research is networks with an interest in using network traffic to better understand, to better defend, and sometimes to better exploit the hosts that live on them. He holds a B.S. in Psychology which is completely unrelated but interesting to know. While it does nothing to contribute to how he makes a living, it does demonstrate how screwed up he actually is.
@shogun7273, https://sourceforge.net/u/shogun7273/profile/
Attacks you can't combat: vulnerabilities of most robust mobile operators
Sergey Puzankov Telecom Security Expert, Positive Technologies
The mobile world is moving to 5G. However, there are billions of subscribers who still use old 2G and 3G networks. These networks rely on the SS7 (Signaling System #7) protocol stack that was developed in the 1970s. The SS7 stack was supposed to be used as an isolated network within a small club of large telephone operators, so nobody thought about upper-layer security mechanisms. Further development of SS7 brought the possibility of sending signaling traffic over IP networks. Thus, the SS7 stack got vulnerabilities “by-design” that allow an external intruder to perform such attacks as location tracking, service disruption, SMS and voice call interception. Mobile operators, equipment vendors, and non-commercial organizations (such as the GSMA - the association of mobile operators) are aware of the problem. They develop and implement security solutions mitigating threats from SS7 networks.
Our recent research shows that SS7 has vulnerabilities that allow bypassing any protection tools. Manipulation of parameters on different layers of an SS7 message may help an intruder to cheat a security tool and achieve the goal even with subscribers served by a well-protected network. The research findings were reported to the GSMA Coordinated Vulnerability Disclosure Programme and FASG (Fraud and Security Group). The report was used for a security recommendations update.
In this presentation, I will demonstrate how an intruder can use new SS7 vulnerabilities to bypass security tools. I will explain why it is possible and how network equipment reacts to malicious traffic. In addition, I will give recommendations to operators on how to make their networks more secure.
Sergey was born in 1976. He graduated from Penza State University with a degree in automated data processing and management systems in 1998. Before joining Positive Technologies in 2012, he worked as a quality engineer at VimpelCom. Being a security expert in telecommunication systems at Positive Technologies, he researches signaling network security and participates in audits for mobile operators around the world.
Sergey is also the general developer of the PT Telecom Vulnerability Scanner tool, member of the PT Telecom Attack Discovery development team, writes Positive Technologies annual reports on telecom security.
He is part of the team that revealed vulnerable points in popular two-factor authentication schemes using texts and demonstrated how easy it is to compromise Facebook, WhatsApp, Telegram accounts, and a Bitcoin wallet.
Apart from that, Sergey actively contributes the results of security research and discovered vulnerabilities to global organizations, such as GSMA and ITU.
Twitter: xigins
Derevolutionizing OS Fingerprinting: The Cat and Mouse Game
Jaime Sanchez Global Security Research Lead, Telefónica
With the explosive growth and distributed nature of computer networks, it has become progressively more difficult to manage, secure, and identify Internet devices. An outsider has the capability to discover general information, such as which operating system a host is running, by searching for default stack parameters, ambiguities in IETF RFCs or non-compliant TCP/IP implementations in responses to malformed requests. By pinpointing the exact OS of a host, an attacker can launch an educated and precise attack against a target machine.
There are lot of reasons to hide your OS to the entire world:
- Revealing your OS makes things easier to find and successfully run an exploit against any of your devices.
- Having and unpatched or antique OS version is not very convenient for your company prestige. Imagine that your company is a bank and some users notice that you are running an unpatched box. They won't trust you any longer! In addition, these kind of 'bad' news are always sent to the public opinion.
- Knowing your OS can also become more dangerous, because people can guess which applications are you running in that OS (data inference). For example if your system is a MS Windows, and you are running a database, it's highly likely that you are running MS-SQL.
- It could be convenient for other software companies, to offer you a new OS environment (because they know which you are running).
- And finally, privacy; nobody needs to know the systems you've got running.
This talk aims to present well-known methods that perform classification using application-layer traffic (TCP/IP/UDP headers, ICMP packets, or some combination thereof), old style approaches to defeat remote OS fingerprinting (like tweaking Windows registry or implement patches to the Linux kernel) and why this doesn't work with nowadays and could affect TCP/IP stack performance. We'll also present a new approach to detect and defeat both active/passive OS fingerprint with OSfooler-NG, a completely rewritten tool, highly portable, completely undetectable for the attackers and capable of detecting and defeating famous tools like nmap, p0f, Xprobe, pfsense and many commercial engines.
Sorry guys, OS fingerprinting is over...
Jaime Sánchez (aka @segofensiva) has worked for over 20 years as a specialist advisor for large national and international companies, focusing on different aspects of security such as consulting, auditing, training, and ethical hacking techniques. He holds a Computer Engineering degree and an Executive MBA. In addition, he holds several certifications, like CISA , CISM , CISSP , just to name a few, and a NATO SECRET security clearance, as a result of his role as advisory of many law enforcement organizations, banks and large companies in Europe and Spain.
He has spoken in renowned security conferences nationally and internationally, as in RootedCON , Nuit du Hack , Black Hat , Defcon , DerbyCON , NocOnName , Deepsec , Shmoocon or Cyber Defence Symposium , among others. As a result of his researches, he has notified security findings and vulnerabilities to top companies and vendors, like Banco Popular, WhatsApp, Snapchat, Microsoft, Apple etc.
He is a frequent contributor on TV (TVE, Cuatro, LaSexta, Telecinco), press (El Pais, El Mundo, LA Times, NBC News) and radio programs, and writes a blog called 'SeguridadOfensiva'
Twitter: @segofensiva
Website: https://www.seguridadofensiva.com
Tools: https://github.com/segofensiva
VoIPShark: Open Source VoIP Analysis Platform
Nishant Sharma R&D Manager, Pentester Academy
Jeswin Mathai Security Researcher, Pentester Academy
Ashish Bhangale Senior Security Researcher, Pentester Academy
Leveraging the packet switched network for making phone calls or VoIP has come a long way now. Today, it has already replaced conventional circuit switching based telephones from the large organizations and now moving to capture the non-commercial users. In this talk, we will focus on the traffic analysis based security analysis of SIP and RTP protocols which are one of the most popular protocols for VoIP. These protocols are already gaining new adopters on high rate and also replacing older protocols like H323.
We will discuss VoIPShark open source VoIP Analysis Platform which will allow people to analyze live or stored VoIP traffic, easily decrypt encrypted SRTP stream, perform macro analysis, generate summary specific to VoIP traffic/nodes and export calls/SMS/DTMF in popular user friendly file formats. We will also be releasing VoIPShark collection of Wireshark plugins written in Lua under GPL. VoIPShark is plug-n-play, easy to modify/extend and platform independent in nature. We will also discuss the currently available open source tools for SRTP decryption, their shortcomings and how VoIPShark address those.
Nishant Sharma is a R&D Manager at Pentester Academy and Attack Defense. He is also the Architect at Hacker Arsenal where he leads the development of multiple gadgets for WiFi pentesting such as WiMonitor, WiNX and WiMini. He also handles technical content creation and moderation for Pentester Academy TV. He has 6+ years of experience in information security field including 4+ years in WiFi security research and development. He has presented/published his work at Blackhat USA/Asia, Wireless Village, IoT village and Demo labs (DEFCON). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the state of art WiFi Intrusion Prevention System (WIPS). He has a Master's degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, AD security, Forensics and Cryptography.
LinkedIn: https://www.linkedin.com/in/wifisecguy/
Twitter: @wifisecguy
Facebook: https://www.facebook.com/wifisecguy
Ashish Bhangale is a Senior Security Researcher at Pentester Academy and Attack Defense. He has 6+ years of experience in Network and Web Application Security. He has also worked with the state law enforcement agencies in the capacity of a Digital Forensics Investigator and was instrumental in solving IT fraud/crime cases. He was responsible for developing and testing the Chigula (WiFi Forensics Framework) and Chellam (First pure WiFi Firewall) frameworks. He has also created and managed multiple projects like Vulnerable Web Application OSes, Vulnerable Router Project and Damn Vulnerable Wordpress. He has presented/published his work at Blackhat, Wireless Village, IoT village and Demo labs (DEFCON). His areas of interest include Forensics, WiFi and AD security.
Jeswin Mathai is a Researcher at Pentester Academy and Attack Defense. He has published his work at Blackhat Arsenal and Demo labs (DEFCON). He has a Bachelor's degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. He was also the part of team Pied Piper who won Smart India Hackathon 2017, a national level competition organized by GoI. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security and Web Application Security.
LinkedIn: https://www.linkedin.com/in/jeswinmathai/
Twitter: @jeswinMathai
Facebook: https://www.facebook.com/jeswinMathai
Tag-side attacks against NFC
Christopher Wade
This talk covers tag-side attacks against NFC communication protocols, including cracking of Mifare encryption keys and performing targeted attacks against NFC readers. In addition, it will cover the design and creation of devices capable of emulating NFC tags down to the raw protocol using standard components and tools, with no abstraction to dedicated hardware, covering and expanding on the capabilities of available products. This talk will contain how 13.56MHz NFC works at a raw level, how tools can be built for analysing it, how the protocol can be implemented in full on standard Microcontrollers, and the security weaknesses present in its design.
Chris is a seasoned security researcher and testing consultant. His main focuses are in reverse engineering hardware, fingerprinting USB vulnerabilities and playing with Software Defined Radios, with his key strength lying in firmware analysis, which he utilises as part of the hardware testing team at Pen Test Partners.
https://github.com/Iskuri
@Iskuri1 on Twitter
How to perform security analysis on IoT equipment through building a base station system
XiaoHuiHui Senior Security Researcher, Baidu,Inc.
Every year billions more smart devices, like those in vending machines\automobile central controls\shared bicycles\smart watches, are connecting to the network using 2/3/4G technology. On one hand, we need to obtain the data of connections between devices and cloud to analyze and find the vulnerabilities. On the other hand, as latest devices do not have as many direct break-in points to exploit, sniffing and man-in-the-middle into 2/3/4G traffic seem to be the trending and effective attacks, which may cause serious security issues such as leaking confidential information and remote command execution etc.
In this talk, we will first show how to build a test GSM base station system under legal premise, and then introduce a new method (inspired from learnings on malicious BTS practices in China) which make the mobile devices connected to the test base station system automatically. Using this method, we can sniff and run MITM attack easily. This affects all kinds of devices using 2/3/4G. We will demonstrate 4 examples, which use this method to find the vulnerability and take control of the devices. At the end, we will present how to build a 4G LTE test base station to perform the fast and stable testing on mobile devices.
Shupeng is a member of Baidu Security Lab. He is an expert on IoT security, AI security, penetration testing, etc. He was invited to talk on multiple security conferences, and successfully pwned IOT equipments on XPwn 2016/2017/2018, GeekPwn May/October 2017, the biggest pwn competitions in China.
From Ancient to Modern: Diagnosing Root Cause of Software Vulnerabilities from unexpected Crashes
Xinyu Xing Assistant Professor, Penn State University. Research Scientist, JD.com
Jimmy Su Head of security center, JD.com Silicon Valley
Despite the best efforts of developers, software inevitably contains flaws that may be leveraged as security vulnerabilities. Modern operating systems integrate various security mechanisms to prevent software faults from being exploited. To bypass these defenses and hijack program execution, an attacker therefore needs to constantly mutate an exploit and make many attempts. While in their attempts, the exploit triggers a security vulnerability and makes the running process terminate abnormally.
After a program has crashed and terminated abnormally, it typically leaves behind a snapshot of its crashing state in the form of a core dump. While a core dump carries a large amount of information, which has long been used for software debugging, it barely serves as informative debugging aids in locating software faults, particularly memory corruption vulnerabilities. As such, previous research mainly seeks full reproducible execution tracing to identify software vulnerabilities in crashes. However, such techniques are usually impractical for complex programs. Even for simple programs, overhead of full tracing may only be acceptable at the time of in-house testing.
In this talk, we will introduce a reverse execution technique, which takes as input a core dump, reversely executes the corresponding crashing program and automatically pinpoints the root cause of the vulnerable site hidden behind the crash. In the process of performing reverse execution, our technique typically encounters uncertainty (e.g., uncertain control or data flow) which significantly influence the capability of identifying vulnerabilities. To tackle this problem, we augment the technique with deep recurrent neural network, which poses reverse execution with the ability to perfectly infer the control and data flow leading up to the program crash. To demonstrate the utility of this technique, we have already used it to analyze hundreds of crashes pertaining to more than 300 CVEs, and successfully pinpoint the vulnerable site corresponding to each crash. Along with this talk, we will release the tool developed under our technique and make it publicly available.
Dr. Xinyu Xing is an Assistant Professor at the Pennsylvania State University, and currently working at JD Inc. as a visiting researcher. His research interest includes exploring, designing and developing tools to automate vulnerability discovery, failure reproduction, vulnerability diagnosis (and triage), exploit and security patch generation. He was the speaker at BlackHat USA, BlackHat Europe and many academic conferences (e.g., USENIX Security and CSS). He has also received best paper awards from academic conferences such as CCS and ACSAC. His works have been featured by many mainstream media, such as Technology Review, New Scientists and NYTimes etc. He was also the organizer of NSA memory corruption forensics competition.
xingxinyu1983 (wechat)
http://xinyuxing.org (personal site)
Dr. Jimmy Su leads the JD security research center in Silicon Valley. He joined JD in January 2017. Before joining JD, he was the director of advanced threat research at FireEye Labs. He led the research and development of multiple world leading security products at FireEye, including network security, email security, mobile security, fraud detection, and end-point security. He led a global team including members from the United States, Pakistan, and Singapore from research to product releases on the FireEye's first machine learning based malware similarity analysis Cloud platform. This key technology advance was released on all core FireEye products including network security, email security, and mobile security. He won the Q2 2016 FireEye innovation award for his seminal work on similarity analysis. He earned his PhD degree in Computer Science at the University of California, Berkeley in 2010. After his graduation, he joined Professor Dawn Song's team as a post doc focusing on similarity analysis of x86 and Android applications. In 2011, he joined Professor Song in the mobile security startup Ensighta, leading the research and development of the automatic malware analysis platform. Ensighta was acquired by FireEye in December of 2012. He joined FireEye through the acquisition. JD security research center in Silicon Valley focuses on these seven areas: account security, APT detection, bot detection, data security, AI applications in security, Big Data applications in security, and IoT security.
Transferability of Adversarial Examples to Attack Cloud-based Image Classifier Service
Liu Yan (Dou Goodman) Senior Security Researcher, Baidu X-Lab
Hao Xin Security Researcher, Baidu X-Lab
Wang Yang Security Researcher, Baidu X-Lab
Wei Tao Chief Security Scientist, Baidu
In recent years, Deep Learning(DL) techniques have been extensively deployed for computer vision tasks, particularly visual classification problems, where new algorithms reported to achieve or even surpass the human performance . While many recent works demonstrated that DL models are vulnerable to adversarial examples.Fortunately, generating adversarial examples usually requires white-box access to the victim model, and real-world cloud-based image classifier services are more complex than white-box classification and the architecture and parameters of DL models on cloud platforms cannot be obtained by the attacker. The attacker can only access the APIs opened by cloud platforms. Thus, keeping models in the cloud can usually give a (false) sense of security.In this paper, we mainly focus on studying the security of real-world cloud-based image classifier services. Specifically, (1) We propose a novel attack methods, Fast Featuremap Loss PGD (FFL-PGD) attack based on Substitution model ,which achieve a high bypass rate with a very limited number of queries. Instead of millions of queries in previous studies, our methods find the adversarial examples using only two queries per image ; and (2) we make the first attempt to conduct an extensive empirical study of black-box attacks against real-world cloud-based classifier services. Through evaluations on four popular cloud platforms including Amazon, Google, Microsoft, Clarifai, we demonstrate that Spatial Transformation (ST) attack has a success rate of approximately 100% except Amazon approximately 50%, FFL-PGD attack have a success rate over 90% among different classifier services.
Liu Yan (Dou Goodman), Head of AI security team of Baidu X-Lab, is a technology writer of AI Safety Trilogy. His research interests include AI and network security. He starts the open source project Advbox.
Wang Yang is a senior security researcher of Baidu X-Lab. His interests lie in face recognition, adversarial learning, and data mining. He maintains and actively contributes to Advbox project that is an open source toolbox for AI safety.
Hao Xin has been engaged in security product development for many years in Baidu. His main research directions include object detection and image classification.
Dr. Tao (Lenx) Wei is the head of Baidu X-Lab. Prior to joining Baidu, he was an associate professor at Peking University. His research interests include software analysis and system protection, web trust and privacy, programming languages, and mobile security.
Face Swapping Video Detection with CNN
Wang Yang Security Researcher, Baidu X-Lab
Junfeng Xiong Security Researcher, Baidu X-Lab
Liu Yan Security Researcher, Baidu X-Lab
Hao Xin Security Researcher, Baidu X-Lab
Wei Tao Chief Security Scientist, Baidu
Recent developments of fabricating faces in videos such as Deepfakes have raised significant concerns that these deep learning techniques may be abused to create pornographic video or fake propaganda. In Deepfakes videos, the faces of a person are replaced with the faces of another one. And these faked videos are nearly indistinguishable for human.
We find CNN-based networks can effectively distinguish DeepFakes videos from the real ones and present two effective methods. Firstly, we use a simple yet effective CNN architecture with several convolutional layers to build a powerful DeepFakes detector. Secondly, we find a FaceNet based method is an effective binary classifier. FaceNet is one of the state-of-the-art convolutional neural networks for face recognition, which could catch high-level features of faces. We use these features to train an SVM classifier. The two methods demonstrate successful detection reaching an accuracy rate of 99% and 94% respectively among our tests.
Wang Yang is a senior security researcher of Baidu X-Lab. His interests lie in face recognition, adversarial learning, and data mining. He maintains and actively contributes to Advbox project that is an open source toolbox for AI safety.
Junfeng Xiong(Jay Xiong) is an AI security researcher at Baidu X-Lab. His research interests cover deep learning security, privacy and IOT.
Liu Yan (Dou Goodman), Head of AI security team of Baidu X-Lab, is a technology writer of AI Safety Trilogy. His research interests include AI and network security. He starts the open source project Advbox.
Hao Xin has been engaged in security product development for many years in Baidu. His main research directions include object detection and image classification.
Dr. Tao (Lenx) Wei is the head of Baidu X-Lab. Prior to joining Baidu, he was an associate professor at Peking University. His research interests include software analysis and system protection, web trust and privacy, programming languages, and mobile security.
The art of game security
Joey Zhu Expert/Director
The game security is a branch of security without noteworthy, but the problems is critical for game survival. The underground economy cost billions of dollars loss from game, the presentation will discover some founding at underground economy at first. In the main part of presentation will show some techniques details of game hacks with comparison of traditional security problem. The last part will discuss some protection countermeasures against those hacks and exploits.
Joey Zhu is an expert and director at Tencent, and working on Game Security since 2013. Previously, he was an architect and researcher at Trend Micro China from 2005 to 2012. His major work focus on PE virus sandbox, Script Analysis Engine on web threats and Game Security solution. He was honored to be a speaker on the topic “Chinese phishing at DEF CON 19”, in Las Vegas, in 2011.
WeChat: joey-nj
Chinese Mechanical Locks - An Insight into a Unique World of Locks
Lucas Zhao UrbanHawk
In most of the world, the lock market is pretty unremarkable. However, there is a whole other world of lock designs that are sold exclusively to the Chinese domestic market. This presentation will discuss a variety of topics regarding Chinese mechanical lock designs, from the unique dynamics of the market that fostered these designs, to flaws present in these designs, as well as how we can use some of these principles present in these locks for use in other situations.
Lucas Zhao (UrbanHawk) is a 19-year-old lockpicker (albeit a mediocre one) with a special interest in Chinese locks, and an avid collector of locks from all over the world. He has been dissecting and researching locks since he was 10 years of age, and has a fairly comprehensive knowledge of all things related to locks. He loves to talk endlessly about his lock interests to anyone who will listen, much to the annoyance of his friends, who now avoid actively avoid him. He currently attends Case Western Reserve University in Cleveland, OH as an undergraduate student.
Twitter: @TheUrbanHawk
Hacking Driverless Vehicles
Zoz
Did you watch Total Recall and wish you could fuck up JohnnyCab? Driverless vehicles are here at last and practically ripe for the hacking. Autonomous and unmanned systems already patrol our skies and oceans, and are being tested on our streets, highways and sidewalks. All trends indicate these systems are at an inflection point that will show them rapidly becoming commonplace. It is therefore a salient time for a discussion of their capabilities and potential vulnerabilities.
This session will be an informative and light-hearted look at the current state of civil driverless vehicles and what hackers or other reprobates might do to mess with them. Topics covered will include the full suite of common and proposed sensors, decision profiles and potential failure modes that could be exploited. This talk aims to both inspire unmanned vehicle designers and end users to think about robustness to adversarial and malicious scenarios, and to give the paranoid false hope of resisting the robot revolution.
Zoz is a robotics interface designer and rapid prototyping specialist. As co-host of the Discovery Channel show 'Prototype This!' he pioneered urban pizza delivery with robotic vehicles, including the first autonomous crossing of an active highway bridge in the USA, and airborne delivery of life preservers at sea from an autonomous aircraft. He, for one, welcomes our new robot chauffeurs, and would only mess with them out of tough love.