11 Responses to “Your Cisco phone is listening to you: 29C3 talk on breaking Cisco phones”

  1. 29c3 is in Hamburg not Berlin

  2. René Walter says:

    Yep, it’s in Hamburg this year. Also: Here’s the YT channel for all 29c3 talks in English: http://www.youtube.com/user/CCCen/videos (and here are the German ones: http://www.youtube.com/user/CCCdeVideos/videos)

  3. kai rupert says:

    This time the CCC is in Hamburg, not in Berlin.

  4. PAPPP says:

    The official mirrors/torrents for videos of all the talks for the 29C3 sessions as they get processed and uploaded are here: https://events.ccc.de/congress/2012/wiki/Documentation#Official_mirrors
    They were running a live-stream during the conference, but it was at inconvenient times for the U.S. and some of the things I wanted to watch overlapped, so I just waited for the good copies to go up and am watching now. The Chaos Communication Congress talks tend to be some of the best tech presentations that make it to the ‘net. I’ve never managed to come up with an excuse to end up in Germany for it, but I have ended up watching most of the sessions online after the fact each year.

  5. Aaron Swain says:

    Equal parts entertaining and disturbing

    • fuzzyfuzzyfungus says:

      Just remember, this is the expensive, classy, ‘enterprise’, secure product… Odds are good that the goods don’t exactly improve elsewhere in the market.

      • Brad Ackerman says:

        “Nobody ever got fired for buying Cisco”. Do Cisco phones get bought because they beat the competition in a real evaluation, or because the CxO said “I met with the Cisco sales rep and he had a really swank suit; give them all our money”?

        • asuffield says:

          If the competition was Polycom then it’s not hard to beat in any evaluation. Sad reality is that standards are low in this market, and this is driven by customers being primarily interested in price – what corporate purchasers want is a cheap, bad phone that covers all the things on their “essential features” list. I know a lot of engineers who would love to build better endpoints. Nobody would buy them.

          (My opinions here are my own and not those of my employer, Cisco Systems. I don’t work in a part of the company that does phones.)

  6. Sean Aubin says:

    One thing that I was a little unclear on, why wasn’t the console which gave them access password protected?

    • fuzzyfuzzyfungus says:

      It was. However, the default user account (which isn’t privileged, but which is enough to launch their privilege escalation exploit) is identical across all phones, so obtaining a password that would work reliably during an automated attack wasn’t terribly difficult.

      (And, in an ironic touch, the file checksumming security system prevents tampering with /etc/passwd, so even an alert operator cannot disable the account or change its password; the phone will just detect the tampering and revert the file…)

  7. bellebouche says:

    Wry smiles all round when the slides that detailed the Cisco TAC responsiveness to their own bugs came up. Fancy that!

    Schadenfreude all round and I trust one or two people there will be butthurt after xmas