Presentation Title: VoIP (in)Security - Italians Do It Better
To better describe VoIP, vulnerabilities will be used including some real case histories. Will explain in detail how a small group of annoyed Italian VoIP hackers used the Chaos Computer Club phone network during the 2007 Hacker camp for fun and profit. We will release details about the technological part of the attack (i.e. scripts) and the social engineering aspect.
This talk will cover the following areas:
- How to eavesdrop on phone calls
- How to inject sounds into remote-workers phone calls
- How i had a 5 minutes conversation with my best friend as a women
- The real case history: The CCC hacker camp, 2007 Berlin
- Why our hack was possible?
- Future plans - to use their service to send SMSes during the next event
Mr. Alessio L.R. Pennasilico, a.k.a. mayhem, 30 years, lives and works in Verona (Italy) as a Security Evangelist for Alba S.T. s.r.l.
His personal and working interests are into Information Technology, focusing on security issues, OpenSource and Digital Rights. That’s why he soon became a member of many independent organizations, such as AIPSI, AIP, CLUSIT, ILS, OpenBeer, VoIPSA, Metro Olografix, Sikurezza.org, ISAC-IT, Recursiva.org, Thawte, ISECOM’s Hacker’s Profiling Project (HPP) and many LUGs. He is usually invited as a speaker at most of the national events such as SMAU, Infosecurity, E-privacy, Linux Day, OpenCon, OpenEXP, ESC and the italian HackMeeting. Alessio also holds workshops in secondary schools and italian universities, with the aim of spreading the culture for an aware use of nowaday’s technology.
His main areas of competence are related to firewalling, High Availability, penetration testing, SCADA security, criptography, VoIP, privacy, Linux, OpenBSD and OpenSource philosophy.
** Also presenting on Penetration Testing SCADA and National Critical Infrastructure: Real-Life Experiences and Case Studies with Raoul Chiesa.