-
The Hacker Congress looks like one big party,
-
but is one of the largest specialist meetings in the world.
-
This is where IT experts exchange ideas
-
about digital security and surveillance.
-
This year EVERYTHING has come into focus.
-
Millions of people use EVERYTHING every day
-
for communication, for organizing everyday life
-
and share the most intimate secrets with EVERYTHING.
-
Jane Hacker is a cyber security specialist.
-
She took a closer look at EVERYTHING.
-
It can be attacked about social engineering attacks and
-
via unauthenticated API calls to the backend.
-
The attack vector is a cross site request forgery.
-
With a timing side-channel attack
-
attack complexity can be reduced from 2^257 to 2^-2.
-
The rest is trivial.
-
EVERYTHING does not check requests properly,
-
so it opens the door to attackers.
-
Accessing data of EVERYTHING is possible
-
using a simple script.
-
Thanks to insecure software and modern computers,
-
making attacks possible in seconds.
-
The Chaos Computer Club spokesman is concerned.
-
EVERYTHING stores sensitive data of everyone
-
we were able to show that it is
-
a piece of cake to access EVERYTHING.
-
Have hackers spied dates, photos and conversations?
-
The spokesman for EVERYTHING rejects that.
-
EVERYTHING is working fine.
-
Our companies are ISO 9001 certified.
-
We follow the most modern security standards.
-
I stick to it: EVERYTHING is safe.
-
The hackers' criticism is not heard.
-
The digital world has become vulnerable to abuse.
-
How those responsible deal with it cause concern.
-
We have been warning for years:
-
EVERYTHING is developed without
-
considering minimal security standards.
-
We fall on deaf ears in economics and politics.
-
In summary: EVERYTHING is broken!
-
The scene meets for four days each year
-
between Christmas and New Years Eve.
-
Helping to shape the digital future and making it more secure:
-
the theme of the Chaos Communication Congress.