Getting Social with the Smart Grid

Presented at DEF CON 18 (2010), Aug. 1, 2010, 5 p.m. (50 minutes).

Littered with endless threats and vulnerabilities surrounding both social networking and the Smart Grid, the marriage of these two technologies is official, despite protests by the security community. Consumers love it because they can brag to their friends about how green they are. Businesses love it more because it provides fresh material for their marketing departments. Hackers love it the most because it opens up attack vectors, both new and old. During this presentation we dissect readily available social Smart Devices, examining where they get things right, and where they fail. We expand on the failures, discussing and demonstrating attacks against consumers (think PleaseRobMe.com), the Smart Devices themselves, and the social networking sites they communicate with. We want consumers, device manufactures, and social networking sites to understand how to get social with the Smart Grid securely, and prevent social networking privacy from becoming even more complex. The tools we release during this presentation will allow consumers to review their Smart Devices' social footprint, and provide device manufacturers with recommendations that can be implemented immediately. Attendees will leave our presentation armed with a deep understanding of the strengths and weaknesses of social Smart Devices, how to attack their current weaknesses and leverage their current strengths, and utilize our tools to further research how we all can better secure the social side of the Smart Grid.


Presenters:

  • Justin Morehouse
    Justin Morehouse leads the assessment team at one of the nation's largest retailers. He's released several security tools including PassiveRecon, while his most recent tool, GuestStealer, was released at ShmooCon 2010. Justin holds a M.S. in Information Assurance, is an adjunct college professor, and leads the OWASP Tampa chapter.
  • Tony Flick - Principal, FYRM Associates
    Tony Flick is a Principal with Tampa-based FYRM Associates. He's presented at Black Hat, DEF CON, ShmooCon and OWASP conferences. Additionally, Tony has been recognized as a security subject matter expert and utilized by such media outlets as the Associated Press, SC Magazine, Dark Reading, and eWeek.

Links:

Similar Presentations: