If the Internet is a kind of belief, then no beliefs so firmly defend a country like it.
If the Internet is one gorgeous Crown, then hacker technology is no doubt a bright diamond on the Crown.
If the Internet was a weapon, then the top hackers is precious wealth of a country.
Looks good, is China's top hackers are familiar with the world.
In 2009, Chinese hackers MJ0011 was invited to Korea POC presentation at the hackers Conference;
In 2014, 2 groups of Chinese BlackHat hacker hacker issues top meeting;
In 2015, the Group 5 issues from China "occupation" of Korea POC "half", 9 issues group of China to shine BlackHat.
There are less than a day in 2016, the hacker community the biggest rally of BlackHat USA Conference in Las Vegas. From all over the world flocked to Las Vegas for more than 10,000 believers hack, the podium Daniel not only framed the research trend of hackers in the world this year, also gushing challenge unknown to break through all the hacker spirit. Came to the stage, to the world to share their research results for most hackers, Daniel, also stood on the podium at the Olympics, exudes a special significance.
In 2016, the BlackHat Spotlight accept "worship", with 8 teams from China, 15 top, Daniel. Leaving Syria, let us meet these normally reclusive, mysterious top Chinese hackers.
Chen, and Fu Yubin, and He Qidan, and Marco Grassi
Four hackers Tencent Cohen from the famous laboratories, and Chen from the KeenTeam start-up times to today's senior hacker, has a brilliant record.
In 2013, he represents the transformation of KeenTeam play top international breaking competition "Pwn2Own", in blasting iPhone Safari and KeenTeam him a fame, to date, he has become the loophole, keeping God.
Under the divine blessing of Wu Shi hacker, Cohen vulnerability lab model sword and medals, moves and bizarre way. In terms of vulnerability mining, relying on advanced algorithms Cohen laboratories can compete with Google's artificial intelligence network of thousands of hosts.
In 2016, "Pwn2Own" contest, their vulnerability with an Apple graphics processing mechanisms break Safari, it becomes "crack in the World Masters" cleared. And the team share a theme, it is associated with this.
As we all know, Apple has very strict sandbox system, but inevitably many applications and graphics components for data exchange, a graphics program in theory, is a very good attacking the entrance. Although many hackers are aware of this fact, but failed to live this life. Because graphics vulnerability finding and difficulty of exploitation beyond the imagination.
Simply put, if you want a system exception, you need to build a unique input values. But found this very strange input values, like a needle in a haystack. Of course, God is a great God, because they can be found in the ocean data the odd result.
The speech at the BlackHat, their secret is to attack the secret to Apple's graphics system.
Of course, Cohen laboratory Marco Grassi on the study also credited, as you can see, Marco Grassi sounds is not a Chinese name, it comes from Italy. Italy who have traveled long distances, for the cause of liberation of the Chinese people, it is a spirit of God? Accordingly, the net of Lei feng felt he could among the Chinese God accepts worship list.
About lab you Cohen Daniel, can refer to the depth of the Lei Feng network interview:
Cohen lab Wu Shi: the people who stand between 0 and 1
The hacker Chen and TEL: make friends with vulnerability
Wei Tao Zhang Yulong
Two hackers from Baidu X-Lab.
X-Lab Baidu Baidu is cutting-edge security research team, most recently in the area of security repeatedly scored new achievements. As X-Lab leader Wei Tao is an industry-recognized security and Daniel. Wei Tao served as a professor at Peking University, in deep skill system protection and mobile security.
This time they shared themes around the N-Day vulnerability.
In his eyes, 0-Day who have not been found vulnerabilities is invincible, but in the real world, but they are not the most popular "weapon"; but who has been out for a long time without repair of most "old vulnerabilities."
In simple terms, the largest killer in the world, is not a top tier of nuclear weapons, and probably everybody the chance to grasp the knife and a pistol. (Legally armed United States children's shoes a congratulatory message)
Wei Tao believes that
That were brought to light out for weeks or even months of Android vulnerability tends to have a clear and stable code. But for various reasons, manufacturers will not be repaired in the first time. Specific causes include hotfixes that are cumbersome, time consuming, too long, complex models fit, or simply don't need to put too much effort in terms of security.
X-Lab is working on a "secret weapon" is used to solve this problem. This program when the user online for mobile phones without the perception of patches, and for third-party manufacturers don't have the source code of the software are also available.
How is this secret weapon being produced, it is two hackers to reveal the content.
Head of the TK in Yang
TK (Tombkeeper) from Tencent's black lab, he is red hacker community network. Referred to as Gynecologic masters his early "he abandoned medicine for black" interpretation of a period of intellectual freedom to pursue the story. Essential insight into the strong desire for the world to let him form a tight and clear view of the world. Problems know about hackers, TK's answer is almost always ranked first.
His "hacker how lonely life? "The answer is:
Cool, not lonely at all. Very few lonely is the lonely:
Many in the industry, Daniel recognized, TK is and "fire gods" similar to meet hackers for many years. It is because he looks at things, "God's perspective", his main focus is not a single vulnerability "one city, one of the gains and losses", but repeatedly found that Microsoft "vulnerability mitigation" structural defects. Because of this, only his 2014 won Microsoft's $ 100,000 "reward programme" story.
The outbreak of the great God again in 2016. Using a business opportunity, he depends entirely on deducing the brain on the plane, I found a clean sweep in 20 years major structural vulnerabilities--BadTunnel Windows all versions.
In an interview, he once said to Lei feng's network:
Because Windows implements a lot of protocols and features, but these agreements and are designed and implemented by different people. Everyone, of course, are responsible for their own work. These agreements alone seems to have no problem. But the operating system is the need to integrate these protocols work together when vulnerabilities appear.
The BlackHat, is the story of BadTunnel and thinking of him. Using this vulnerability, hackers can invade Internet Explorer, Edg, Microsoft Office and many third-party software through USB or even a Web server, you can monitor all actions of any computer.
For example with his title, is that big brother is watching you. Alexander Mcqueen iPhone
More legend about TK leader, can refer to the network of Lei feng's articles:
The TK leader: and several stories relating to the black lab
Wang Tielei, Chen Xiaobo, and Xu Hao
Three Daniel Pangu from people very familiar with the team. The first jailbreak iPhone team has brought some benefits to many people, let people enjoy a free out of Apple's control. In recent years, Pangu iOS team during the Vietnam war, China Team in many more, come to the fore. They not only maintained the ability to jailbreak iOS 9.3.3, but also with multiple sets of vulnerabilities that can be jailbreak iOS 10 jailbreak to be released technology. Speak with technology, they are no rivals in the world.
This brings the question is, use vulnerabilities in the iOS 9.2 jailbreak structure. Although the vulnerability has been fixed by Apple, but this exploit is still very delicate and there is a shared value.
From the speech content, Pangu is the dry delivery, without the slightest reservation. Of course, in the latest iOS security research, they still retain a huge technological advantage, from this point of view, they stood on the podium at BlackHat, demonstrating.
Pan Gu team if you want to know the latest trends, you can refer to Lei feng's network (search for "Lei feng's network", public interest) Base:
MOSEC: Pangea team's ambitions of grace
Jian Yun Ji Lei
Jian Yun from 360 Team Unicorn, and his friend Ji Lei from Cypress.
Jian Yun nickname "lone white". The radio amateurs for the career he loved to "not madness not to survive".
Other than eat, sleep, I lie on the bench. From my work five years to now, pay rent, and almost all the rest of money on components. I took about more than 200,000 to buy devices over the years.
This is said in a net of Lei Feng Jian Yun.
Power line communication (PLC), power line carrier. This is a power-line technology as a medium of information exchange. It has two technology standards: Prime and G3. Both of these standards are widely used in automatic generation control and power monitoring. Two results of hacker is, through a special method, PLC data can be obtained, on the Internet and powerful threat to the industrial controller. But the same technology can monitor for network attacks by hackers.
If the Jian Yun made "hacker toy" interested can refer to the network of Lei feng's articles:
The secret! A radio toy for hackers
Fang Xiaodun
Fang Xiaodun, founder of the well-known vulnerabilities community cloud. His title should have been: "how to build the Internet's immune system" Alexander Mcqueen iPhone 5
Many people know that because of recent small changes above the clouds, causing him to temporarily unable to reach Las Vegas, stood before the hackers of the world talk about Internet security fears and dreams.
However, Lei feng's network and had visited many other hackers, they expressed a common view: Fang Xiaodun and dark clouds to the progress of China's security industry, far outweigh the negative effects.
From this point of view, Fang Xiaodun and dark clouds build Internet dream of the immune system, and not a step backwards. BlackHat stage is waiting for the return of the hacker.
Chinese hacker army, including Luan Shangcong from Ali Baba, his speech focused on the cloud and XEN virtualization vulnerabilities; another Bai Xiaolong from Tsinghua University (sound), he is interested in Apple's ZeroConf (zero network configuration) security vulnerabilities.
In a sense, the hacker spirit is the spirit of our culture are scarce. But it gives the answer: year after year, as witnessed by Chinese hackers from alone into the military.
Our hackers, and accept the Quartet's pilgrimage.
No comments:
Post a Comment