HITBSECCONF2010 - DUBAI IS OVER!
THANK YOU TO ALL THE SPEAKERS AND ATTENDEES WHO MADE IT OVER TO JOIN US!

CONFERENCE MATERIALS
CONFEENCE PHOTOS

Shawn Merdinger (Security Researcher)

Presentation Title We Don’t Need No Stinkin’ Badges: Hacking Electronic Door Access Controllers
Presentation Abstract

In the security world, attacker physical access means game over; so what happens if you can’t trust your electronic door system? This presentation and paper explore attack surfaces and exploitation vectors in a major vendor of electronic door access controllers (EDAC).

The main focus is on time-constrained rapid analysis and bug-hunting methodologies applicable to a variety of embedded devices, with additional focus on research techniques that assist in locating and targeting EDAC systems. Rounding out the presentation is a review of practical countermeasures and potential research activities in the EDAC space.

Attendees can expect an eye-opening experience regarding the insecurities of critical systems controlling physical access to environments like hospitals, schools, fire stations, businesses, etc.

About Shawn Merdinger

Shawn Merdinger is an independent security researcher based in the USA. In former corporate lives he worked with Cisco Systems’ STAT (Security Technologies Assessment Team) and TippingPoint. His current security interests include VoIP, medical devices and embedded systems. Merdinger is a technical editor for Cisco Press and Pearson Publishing and has presented at security conferences such as ShmooCon, O’Reilly, CSI, NoConName, IT Underground, CONfidence and SecurityOpus.