Decius wrote:
There is material covered in the talk that isn't covered in the paper, so it might make sense to start with the sides. I'm very interested in any thoughts, comments, or feedback that you might have.

Blackhat's media archive is a bit finicky right now but I managed to get the video and watch it. I'm really intrigued by the idea that law enforcement has probably been taking advantage of this for quite a while without much oversight, and it makes me want to get even more involved in the security space. I'm a CS major specializing in security and now motivated to discover and close down these kinds of backdoors that the feds have into our homes.

Thanks for showing this Tom.

Edit: In case anyone else is having a hard time resolving media.blackhat.com I uploaded your talk to Rapidshare:
http://rapidshare.com/files/347559576/BlackHat-DC-2010-Cross-Intercept-video.mov
MD5: 5f54b084945ce633ec5f2ed3145cafed

schwarb wrote:

Decius wrote:
There is material covered in the talk that isn't covered in the paper, so it might make sense to start with the sides. I'm very interested in any thoughts, comments, or feedback that you might have.

Blackhat's media archive is a bit finicky right now but I managed to get the video and watch it. I'm really intrigued by the idea that law enforcement has probably been taking advantage of this for quite a while without much oversight, and it makes me want to get even more involved in the security space. I'm a CS major specializing in security and now motivated to discover and close down these kinds of backdoors that the feds have into our homes.

Glad you enjoyed the content! I should be clear about two things:

1. I'm not aware of any actual examples of this interface being misused.

2. It could be misused by rouge administrators or people who have broken into a network just as easily as it could be misused by members of law enforcement.

However, these interfaces are out there, and in my opinion they aren't secure enough.