Black Hat 2012 – Las Vegas Round-Up

At Black Hat USA 2012 held in Las Vegas last week, a variety of interesting perspectives emerged, ranging from  security issues with NFC to the usual slew of hackings, plus some pontificating on the event itself. Here is a round-up of takeaways from this year’s show. Also, let us know your favorite development, presentation, news from this year’s show in the comments.

“I agree with [Mike Rothman] Black Hat sits at a crossroads. The audience is changing, the content is changing, and the world around it is changing. But while Mike (and he isn’t alone) thinks the conference needs to focus more on researchers or directors and executives, I think the real opportunity is for Black Hat to return to its roots and serve first and foremost as a conduit to bring (mostly) hard-core offensive research to defensive security professionals and executives.

This is no easy task. The only way to pull it off is to continue to appeal to both those generating offensive research and the defenders. And to do so with intense technological depth that is also translated into terms mere humans can understand and use to make security decisions, without watering it down. To focus on the research first, not the ‘scene,’ but to do so in a way that is both respectful and appealing to the community that has sustained it for so long. Even to include vendors (on the show floor) but without having them fill their booths with marketeers instead of engineers.” – Full article by Rich Mogull, founder of Securosis

Charlie Miller was the first person to ever hack and iPhone. He was also the first the hack a G1 Android device. Last week at the 2012 Black Hat Briefings conference he culminated nine months of research during a presentation explaining how he was able to exploit Near Field Communications (NFC) to compromise two Android-based Nokia 9 and Nexus S Samsung smartphones. – Summary of full article by Michael Mimoso, SearchSecurity

A Black Hat volunteer accidentally sent a password reset email to 7,5000 attendees. The email was originally thought to be a phishing attempt. Citing an abundance of Murphy’s Law jokes, Black Hat organizers released a statement including a quote from Robert J Hanlon: “Never attribute to malice that which is adequately explained by stupidity.” – Summary of full article by Antone Gonsalves, ComputerWorld

Readers’ Poll – Android OS

With the launch of NCP’s universal Android IPsec VPN clients this week, we’re curious to know which versions of the OS that our Android-equipped readers are using.  Are you ahead of the curve with Jelly Bean, behind the pack with Éclair, or tastefully in the middle with one of the other deliciously named updates Android has released in recent years? If there are particular features of each that you like –  or dislike –  let us know in the comments.

NCP Releases First Ever Universal IPsec Clients for Android

Remaining at the front of the pack as always, today NCP engineering announced the release of two versions of its IPsec client that supports the Android 4.0 platform, the NCP Secure Android Client and Premium Android Client.

The clients can be downloaded from Google Play and there is the option of a free 10-day trial. Outside of highly-secure access to corporate networks from all Android applications, including terminal-server clients and e-mail clients, the VPN clients also ensure seamless integration with the major enterprise VPN gateways: Cisco, Juniper, WatchGuard, Checkpoint, Microsoft Server 2008 R2 and others.

Other features include:

• Both versions can be installed without rooting the operation system, and boast user-friendly graphical interfaces.

• Premium users can take advantage of an “auto reconnect” feature. For example, VPN connections interrupted by dead zones or changes in the transmission network, automatically reestablish connectivity. The premium software provides comprehensive protection against unauthorized access and supports one-time-passwords (OTP) and PKI certificates.

• When used in conjunction with the NCP Secure Enterprise VPN Server, the NCP Path Finder Technology enables secure VPN connections, even when IPsec connections are blocked via firewalls.

• NCP’s VPN software supports all technical communications and security standards including Internet Key Exchange (IKE) v1 and 2, IP address assignment via local IP address or IKE config mode, pre-shared key or PKCS#12 certificate support, XAUTH, and split and full tunneling network access.

NCP has shown a strong commitment to staying on top of the latest trends in operating systems and mobile capabilities, already offering clients compatible with the Windows 8 Beta as well. Please stay tuned for more exciting updates!

For more information on the Android client, please take a look at the press release, located here.

What We’re Reading, Week of 7/16

CRN- Yahoo Investigates Leak of 400,000 Passwords
ComputerWorld– BYOD means soaring IT support costs for mobile devices
Network World- A Multitude of Mobile Security Issues
PCWorld- Mobile and Web Security Will Be Major Topics at Black Hat

How can I make sure my VPN is encrypted and working properly?

*Editor’s Note: These columns originally appeared in TechTarget’s SearchEnterpriseWan.com

By Rainer Enders, CTO of Americas for NCP engineering

The simplest way to do this is to act like a hacker. Snoop around the network traffic, either on the device itself or a port on the network. In the case of IPsec, for example, you would see encapsulating security payload (ESP) frames (Protocol 50).  Yet, when you look inside the packet payload, you will only see garbled characters — no clear text at all. Network snooping tools are easily available on the Internet and are simple to use. Of these, Wireshark is probably the most popular tool. You may find this resource on how to do penetration testing on your VPN useful.

Can I compare performance metrics of an MPLS VPN to another network?

This is a very complex question that is difficult to answer without knowing the specifics. Performance assessments can range in effort and complexity. It is ultimately important to understand the underlying requirements, which will determine the parameters that are relevant to performance. So, first you want to define “performance:”  What are the relevant parameters, such as throughput, latency, packet loss and jitter? Once you measure the aforementioned metrics of your Layer 2 and Layer 3 MPLS VPN networks, you should be able to compare them evenly.