TLS decryption attacks and back doors

In this presentation, we show the audience how to use well documented protocol weaknesses to generate fraudulent domain security certificates, decrypt “secure https” web traffic, and decrypt TLS encrypted emails.

Then we show the audience how to use these weaknesses as backdoors to break into Cisco Meraki firewalls, Google Nest security cameras, physical building locks, Dropbox accounts, Onedrive accounts, Outlook.com accounts, Skype message histories, Amazon AWS Virtual Machines, Oracle Cloud virtual machines, LogMeIN remote access accounts, Online Medical Records, online backups, windows bit-locker encrypted hard drives, apple file-vault encrypted hard drives drives, and many other systems.

At the end of the presentation: we cite related research showing multiple government agencies successfully using these TLS interception attacks against citizens, businesses, other governments, … then provide simple solutions to prevent this type of attack.

BIO Chris Hanlon is the founder of Agile Data Security a company dedicated to helping businesses secure their software development life-cycle, protect their technology assets (computers, routers, servers, databases and cloud systems) and reduce their vulnerability to social engineering attacks.