Recording computer presentation Live Capture with Atomos Ninja 2 HDMI to SSD recorder – Lessons Learned

Recording HDMI from Computer

Successes

  • Verified okay with Macbook Pro HDMI port, using normal applications like viewing videos and surfing the internet, no issues.
  • Verified okay in live use with a Microsoft Surface with mini-displayport.

Failures

  • Presenter running virtual machines (parallels or such) on Mac. Whenever switching to the virtual environment, HDMI recording and pass-through freezed. Unplugging Atomos unit and connecting Mac directly to the projector, everything worked well.
  • Presenter with an old and torn Mac experienced some temporary screen glitches. Considering the physical state of the the machine, the fault could have been with the HDMI port of that computer and not the Atomos recorder.
  • Presenter with a Mac experienced a HDMI blackout followed by Powerpoint for Mac hanging. So eh, may or may not have been related to the Atomos. Being paranoid, I decided to continue without the Atomos NINJA 2 connected.
  • Presenter with an exotic variant of Linux could detect the Atomos NINJA 2, but was unable to output signal to it. Perhaps it would have worked with other variants of Linux or with more advanced settings.
  • A low cost Delcato Prime VGA-to-HDMI converter did not seem to work at all together with the Atomos. So with this combination, no VGA recordings succeeded.
  • Multiple presenters who had said they had HDMI actually had full sized Display Port. Presenters are not necessarily aware of which cable is named what.

Retrospective / Lessons learned

  • Atomos Ninja 2 is considerably worse than a normal TV/Receiver/Projector at handling ”strange” signals. Lack of supported resolutions, lack of re-scalers, etc (your guess is as good as mine) makes it not able to handle misbehaving or odd computers. But geeks heavily hacked computers will not work.
  • Atomos Ninja 2 works pretty well for ”normal computers with normal HDMI”.  If all you do is to show presentations on a computer you can test and verify in advance, things will probably be okay.
  • You probably need an advanced and well behaving HDMI switch which can do splitting/rescaling etc to reliably use Atomos NINJA2 with geeks hacked computers. Don’t have the Ninja 2 inline with untested presenter computers.
  • Don’t expect a cheap VGA-to-HDMI device to work with this.
  • Get all passive adapters known to man before a presentation. Presenters don’t necessarily correctly identify their needs when asked.
  • You need a lot more time than we had (partly due to Atomos RMA issue) to prepare.

General issues (not computer related)

  • Atomos NINJA2 number one had a weird banding issues on the screen, that basically rendered it unusable with my main camera, had to be RMA’d. Getting a replacement Atomos NINJA2 took forever. So in my unfortunate experience, you cannot order a Atomos unit one month in advance and expect to have any learning experience with it.
  • Both Atomos NINJA2 have a tendency to get SSD stuck. This is apparently normal with new units and problem is reduced significantly after some use (wear and tear makes it better). Dealer showed me the very useful to know the best grip for easy removal:
    1. place unit on a flat table with screen up, ”NINJA 2” text up-side-down close to you.
    2. Use left hand to hold unit and move the eject button with one finger. At the same time, use your right hand thumb to press the closest edge of the Master Caddy.
    3. The drive should remove pretty easily
  • Getting Master Caddy II instead of the original Master Caddy is recommended, it lacks the hole that makes Master Caddy get stuck.
Annonser

Mario Heiderich – An Abusive Relationship with AngularJS – About the Security Adventures with the ”Super-Hero” Framework

Some voices claim that ”Angular is what HTML would have been if it had been designed for building web applications”. While this statement may or may not be true, is certainly accounts as one of the bolder ones a JavaScript web framework can ever issue. And where boldness is glistening like a German Bratwurst sausage in the evening sun, a critical review from a grumpy old security person shouldn’t be too far away. This talk will have a stern, very stern look at AngularJS in particular and shed light on the security aspects of this ever-popular tool. Did the super-hero framework do everything right and follow its own super-heroic principles? Does AngularJS increase or rather decrease the attack surface of a web application? How does AngularJS play along with the Content Security Policy, and was it a good idea to combine this kind of security with futuristic feature creep? And what about AngularJS version 2.0? Beware that we won’t stop at glancing at the code itself, investigating security best practices, and verifying compatibility and other common things that contribute to robust security (or lack thereof). We will cross the moral border and see if the AngularJS team could notice rogue bug tickets. A pivotal question that everyone is wondering about is: Have they successfully kept evil minds like yours truly speaker here from introducing new security bugs into the code base? This talk is a reckoning with a modern JavaScript framework that promises a lot and keeps even more, not necessarily for the best for developers and users. We will conclude in deriving a general lesson learnt and hopefully agree that progress doesn’t invariably mean an enhancement.

An Abusive Relationship with AngularJS – About the Security Adventures with the ”Super-Hero” Framework. Dr. Mario Heiderich, handsome heart-breaker, bon-vivant and (as he loves to call himself) ”security researcher” is from Berlin, likes everything between lesser- and greater-than. He leads the small yet exquisite pen-test company called Cure53 and pesters peaceful attendees on various 5th tier conferences with his hastily assembled PowerPoint-slides and a lot of FUD.

Marie Moe: Unpatchable – Living with a Vulnerable Implanted Device

My life depends on the functioning of a medical device, a pacemaker that generates each and every beat of my heart. This computer inside of me may fail due to hardware and software issues, due to misconfigurations or network-connectivity.

Yes, you read that correctly. The pacemaker has a wireless interface for remote monitoring and I am forced to become a human part of the Internet-of-Things. As a seasoned security-professional I am worried about my heart’s attack surface.

This talk will be focused on the problem that we have these life critical devices with vulnerabilities that can’t easily be patched without performing surgery on patients, my personal experience with being the host of such a device, and how the hacker community can proceed to work with the vendors to secure the devices.

Marie Moe (@MarieGMoe):
Marie Moe is passionate about incident handling and information sharing, she cares about public safety and securing systems that may impact human lives, this is why she has joined the grassroots organisation “I Am The Cavalry”. Marie is a research scientist at SINTEF ICT, and has a Ph. D. in information security. She has experience as a team leader at NorCERT, the Norwegian national CERT. Marie also teaches a class on incident management and contingency planning at Gjøvik University College in Norway. Marie loves to break crypto protocols, but gets angry when its in her own body.

Martin Johns: Your Scripts in My Page – What Could Possibly Go Wrong?

When it comes to web security, there is the one policy to rule them all: The Same-origin Policy. Thanks to this policy, sites hosted on disjunct origins are nice and cleanly separated, thus preventing the leakage of sensitive information into the hands of unauthorized parties. Unfortunately, HTML predates the Same-origin Policy and, thus, was not designed with the origin-based security model in mind. In consequence, HTML tags can freely reference cross-domain locations and include cross-domain content in their hosting web pages.

In this talk, we will present an attack, resulting from this circumstance, that has been widely overlooked in the past but affects a surprisingly high number of Web sites: Information leakage via cross-domain script inclusion.

Modern web sites frequently generate JavaScript on-the-fly via server-side scripting, incorporating personalized user data in the process. Thanks to HTML’s general ignorance of the Same-origin Policy, an attacker is able to include such dynamic scripts into web pages under his control using script-tags pointing to the vulnerable site. This, in turn, allows him to learn many of the secrets contained in these scripts, through the scripts interaction with the page it is included in. In our experiments, we were able to obtain personal information such as name & address of the logged-in user, leak CSRF tokens, read the users emails, and occasionally fully compromise the user’s account. All possible by simply including a script-URL into one of our web pages.

To systematically investigate the issue, we conducted a study on its prevalence in a set of 150 top-ranked domains, in which we observed that a third of the examined sites utilize dynamic JavaScript. Using our attack techniques, we able to leak sensitive data from more than 80% of these sites via remote script inclusion. In the talk we will present the study in general, and the most interesting cases in detail, showing the wide range of possible attack variations along with a bag of tricks how the including page can be prepared to efficiently leak a script’s secrets. Furthermore, we present an efficient detection mechanism, in the form of a browser extension, as well as defensive measure, which enable robust protection.

Martin Johns (@datenkeller)
Dr. Martin Johns is a research expert in the Security and Trust group within SAP SE, where he leads the Web application security team. Before joining SAP, Martin studied Mathematics and Computer Science at the Universities of Hamburg, Santa Cruz (CA), and Passau. During the 1990s and the early years of the new millennium he earned his living as a software engineer in German companies. He is board member of the German OWASP chapter, holds a Diploma in Computer Science from University of Hamburg and a Doctorate from the University of Passau. Martin is a regular speaker at international security conferences, incl. Black Hat, the OWASP AppSec series, ACSAC, ESORICS, PacSec, HackInTheBox, RSA Europe, or the CCC Congress.

Michele Orrù (@antisnatchor) – Dark FairyTales from a Phisherman Vol III

Phishing and client-side exploitation DevOps for all your needs. Combine BeEF, PhishingFrenzy and your fishy business to automate most of the usual phishing workflow while minimizing human interaction. Multiple real-life phishing engagements will be discussed, together with the shiny new BeEF Autorun Rule Engine.

Michele Orrù a.k.a. antisnatchor is the lead core developer and smart-minds-recruiter for the BeEF project. Michele is also the co-author of the ”Browser Hacker’s Handbook.” He has a deep knowledge of programming in multiple languages and paradigms, and is excited to apply this knowledge while reading and hacking code written by others. Michele loves lateral thinking, black metal, and the communist utopia (there is still hope!). He also enjoys speaking and drinking at a multitude of hacking conferences, including CONFidence, DeepSec, Hacktivity, SecurityByte, AthCon, HackPra AllStars, OWASP AppSec USA, 44Con, EUSecWest, Ruxcon, InsomniHack, PXE, BlackHat and more we just cant disclose. Besides having a grim passion for hacking and programming, he enjoys leaving his Mac alone, while fishing on saltwater and praying for Kubricks resurrection.

 

TOR Questions And Answers with Georg Koppen and Philipp Winter

For those interested in online anonymity there are lots of tools available and Tor is one of the most frequently used. How does it work, how do you use it safely, and what are the risks? Is it possible to express your opinions anonymously on the internet today or can well funded actors circumvent the anonymity that Tor provides and find your true identity? What is the current status of the anonymity provided and what is being done to prevent current and future attacks on Tor?
To answer those and other questions regarding Tor we have invited Georg Koppen and Philipp Winter from the Tor Project to join us this evening.

Abstract
Tor is an overlay network that enables people to use the Internet anonymously. We give a brief overview of how Tor works and then focus on how Tor can be used safely. In particular, we talk about the problem of malicious exit relays, how they can be a problem for Tor users, and how the Tor Project deals with them. Next, we talk about Tor Browser, The Tor Project’s Firefox fork. Tor Browser protects against a number of (deanonymization) attacks that are not prevented by Firefox or Chrome. The goal of this talk is to show how Tor can be used safely for Web surfing and to correct common misunderstandings.
The event is sponsored by TeliaSonera and Mullvad, so we wish to thank them in advance for food, drinks and the venue!
The event will be held in English!
For those that can interpret the swedish language there is currently an interesting episode on SVT, ”Vetenskapens värld” discussing the subject to some degree

Speaker bios

Georg Koppen
Georg got interested in anonymity-related technologies because of the relationship between freedom and surveillance. Between 2009 and 2013 he was employed by the JonDos GmbH working mainly on a hardened browser profile for the JonDonym/AN.ON system.
Since 2013 he works for The Tor Project on the Tor Browser, Torbutton, and Tor’s build automation. He’s also the main developer behind Tor’s effort to create deterministic builds.

Philipp Winter
Works for The Tor Project on research related to malicious exit relays and censorship circumvention. He is the main developer of ScrambleSuit, a polymorphic network traffic obfuscation protocol that’s used by Tor.