Has it been a year already? it seems like Asticon 2010 (Washington DC) was just a few weeks ago and here we are at the entrance to Astricon 2011. I have to admit that last year’s Astricon was somewhat hectic for me, specifically due to the fact that I arrived at my hotel about 90 minutes prior to my talk – with a severe jet-lag. People who know me personally are used to my somewhat unorthodox presentation manner – and were somewhat surprised by a slightly less vibrant lecture – well, what can you expect with 20 hours jet-lag and no sleep for 14 hours?
If you want to see what I’m talking about, just follow this link: http://www.astricon.net/2010/videoPresentations.aspx#GreenfieldTech
So, what am I going to talk about this year? and the main question is, will I get there in time in order to be my usual vibrant and whimsical me? – well, the answer is a definite YES!
This year I will be participating in the “Security Round Table” which will take place during the pre-conference. I will also be giving a Humbug Project update during the conference. Humbug is now deployed in over 5000 PBX systems around the world and we are signing up new used every day! The past few months had pushed telephony security back into the public’s eye, specifically with the News of The World incident:
http://www.guardian.co.uk/media/2011/jul/18/news-of-the-world-sean-hoare
http://www.guardian.co.uk/media/blog/2011/jul/07/news-of-the-world-closes-live-coverage
http://www.bbc.co.uk/news/uk-14070733
I think that over the years, people knew that Phone Hacking and Voicemail Hacking were always out there – however, as they were somewhat powerless against it, they all put their heads into the sands saying: “If we won’t talk about the problem, it doesn’t exist”. The NOTW incident had proved to the entire world: “Phone hacking is here, it’s dangerous as computer hacking but much simpler!”.
So, what am I going to talk about? while the Humbug Project is mainly focused at developing ways of identifying telephony fraud, people approach GreenfieldTech after they are hit with fraud, in order to investigate what actually happened. During this year’s talk, I’ll do my best at show casing 2 specific investigations – one shows how an insecure voicemail system had enabled a remote user to generate multiple phone calls to premium numbers – causing over 24,000$ in damages – in less than 6 hours. The other shows how a old Asterisk FreePBX system got hacked, thanks to a very simple SIP brute-force attack, that has been going for over 2 months – then the hacked system generated over 15,000$ of calls in less than 8 hours! I’ll also show some interesting statistical information from the Humbug Service, show casing some interesting fraud facts. In other words, it’s going to be very interesting.
I will be at the conference a day before the pre-conference, so if you want to chat about Asterisk, Fraud, AGI or otherwise join me for a cold one – just grab me in the hall way and lets chat.
Recent Comments