SSL Wars - The Dark Side of SSL

Presented at Notacon 8 (2011), April 15, 2011, 8 p.m. (60 minutes).

The Rebel Alliance uses SSL to encrypt their transmissions so that the empire does not

find the location of their secret base. In order to defeat the Rebel Alliances Darth Vader has studied

SSL extensively to learn how it can be bypassed to listen to rebel transmissions. By taking advantage

of SSL weaknesses, Vader hopes to stay one step ahead of the "rebel scum". In this presentation,

Vader will address the significance of the protection mechanisms SSL provides, best practices for SSL

implementation and various vulnerabilities associated with SSL. Vader will show video demonstrations

of tools which can be used to attack SSL such as "SSL Strip", and "SSL Sniff". The audience will walk away

with a better understanding of what SSL is and some of the ways it has been compromised.


Presenters:

  • Darth Vader
    This presentation will be given by the Dark Lord of the Sith himself (Darth Vader). Darth Vader was once one of the most powerful Jedis in the galaxy (Anakin Sywalker). Disillusioned by the ways of the Jedi young Anakin chose to follow the Dark Side of the force and was given the name Darth Vader by his mentor, Darth Sidious. This misunderstood ambitious Sith is currently the empire's right hand man and one day he hopes to rule the galaxy with his son. The role of Darth Vader will be played by Gary McCully. Gary McCully is a Security Consultant on the Profiling team at SecureState, a Cleveland, Ohio based security consulting company. At SecureState Gary performs vulnerability assessments, war dialing, firewall reviews, penetration tests, physical penetration tests and web application security reviews. His research interests include the discovery and exploitation of buffer overflows, lock picking, and SSL vulnerabilities.

Links:

Similar Presentations: