Archive entry: Lecture series: IT Security in the winter 2015/16
| Phishing | Jailbreak | Firewall | Industrial espionage |
Vulnerabilities | Hacker attacks | Adware | Online searches |
| Encryption | Edward Snowden | Trojan ransomware | Cloud security |
Cyber attacks | Malware | Private sphere protection | Monitoring |
These are only a few terms from the area of IT security.
Would you like more background information or are you interested in understanding in what areas IT security also plays a role?
Then our lectures are just the thing for you!
16.12.2015: Hacker und Spione: Bedrohungen der IT-Sicherheit, Prof. Dr. Rainer W. Gerling
(Hacker and spies: Threats to IT security)
Date/time: Wednesday, 16 December 2015, 6:30 p.m.
Location: Lecture hall 1100 (main campus)
Lecturer: Prof. Dr. Rainer W. Gerling, Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V.
Lecture content:
- IT security in Germany: a situation report
- How does an attack work these days?
- Can you even defend yourself against modern hacker attacks?
- Prospects for future developments
13.1.2016: Ich habe doch nichts zu verbergen! Was das Internet und seine Protagonisten über uns wissen, Dipl.-Inf. Thomas Kittel und Dr.-Ing. Carsten Trinitis
(I have nothing to hide! What the Internet and its protagonists know about us)
Date/time: Wednesday, 13 January 2016, 6:30 p.m.
Locations: Lecture hall 1100 (main campus)
Lecturer: Dipl.-Inf. Thomas Kittel and Dr.-Ing. Carsten Trinitis, TUM
About the lecture:
Social media, search engines, online shops and government organizations all collect data about Internet users. In this lecture you will learn about the extent of this collection mania, how the technology behind it works and how you can respond to it.
27.1.2016: USBösewichte, Markus Eberle und Markus Friedrich
(Bad USBs)
Date/time: Wednesday, 27 January 2016, 6:30 p.m.
Location: Lecture hall 1100 (main campus)
Lecturer: Markus Eberle and Markus Friedrich, TNG Technology Consulting
"Recording": A similar lecture was already held and is available on YouTube.
About the lecture:
The revelation about BadUSB devices caused quite a stir from a security standpoint (see article from heise Security: BadUSBs - When good USBs turn evil, website in German only). A lack of secure USB protocols is not the only cause. Instead, carelessness, or more often curiosity, on the part of the user, is also involved. Perhaps there is something interesting on the USB stick that I found? A business report? Pictures of an attractive neighbor?
With the help of a microcontroller development board and a suitable USB stack, any halfway decent developer can program USB devices capable of changing their behavior almost at will: keyboard, mouse, printer, storage device...With a programmable "keyboard" that also follows its own plans, a lot of mischief can be installed on a victim's computer.
We demonstrate an attack on a standard Windows 7 PC that acquires administrative rights through a programmed device, configures targeted exceptions in the firewall and then creates and starts a log in console. We then use the console to show the contents of the hard drive, which you could actually read. You can meanwhile find online collections of ready-to-use scripts for various development boards, which can be used to carry out not only pranks, but genuine attacks. In theory, every computer and operating system is vulnerable.
Apart from a high-level explanation of the technical foundation, the declared objective of this lecture is to demonstrate attacks on various systems with programmed devices in order to create an awareness of the risks of being too careless with (unknown) USB devices.