Version 2.01 no time to cry

lecture: Bugged Files

Is Your Document Telling on You?

Event_large

Certain file formats, like Microsoft Word and PDF, are known to have features that allow for outbound requests to be made when the file opens. Other file formats allow for similar interactions but are not well-known for allowing such functionality. In this talk, we explore various file formats and their ability to make outbound requests, as well as what that means from a security and privacy perspective. Most interestingly, these techniques are not built on mistakes, but intentional design decisions, meaning that they will not be fixed as bugs. From data loss prevention to de-anonymization to request forgery to NTLM credential capture, this presentation will explore what it means to have files that communicate to various endpoints when opened.

Info

Day: 2015-08-15
Start time: 20:00
Duration: 01:00
Room: Project 2501
Track: Security & Hacking
Language: en

Links:

Feedback

Click here to let us know how you liked this event.

Concurrent events