Conference:  Defcon 31
Authors: Katie Inns, Security Consultant, WithSecure
2023-08-01

In recent years, the use of internet-connected devices has become more prevalent in the healthcare sector, particularly as a means to communicate patient data. Therefore, it is essential that security testing is carried out against these devices to identify misconfigurations that could cause a severe impact, such as the prescription of incorrect drugs. Modern healthcare protocols such as FHIR (Fast Healthcare Interoperability Resources) use the HTTP protocol to communicate, making security testing relatively straightforward. However, the use of older protocols such as HL7 (Health Level Seven) is more widespread across medical devices in the industry. These protocols are bespoke and difficult to read or intercept using current commercial and open-source security tooling, making testing of these devices challenging and cumbersome. To address this challenge, I have developed a tool (HL7Magic) to provide security testers with an easier method of intercepting and changing HL7 messages sent to and from medical devices. This tool was created for the purpose of being integrated into Burp Suite as an extension, although it can exist independently. After talking about how HL7Magic was created, I will give a short demonstration using the tool for security research purposes or to identify existing CVEs across your estate. HL7Magic will be open sourced and collaborations to improve it further will be welcomed.
Authors: Patrick Ohly, Alexander Kanevskiy, Kate Goldenring
2022-10-27

Kubernetes is powerfully declarative with YAML being the UX to request all that a workload needs. Kubernetes has tried to maintain this defining characteristic even as scenarios continue to expand. The device plugin interface was introduced to Kubernetes back in v1.10 to enable requesting and reserving static hardware for workloads, such as GPUs for ML applications. What about other devices used by workloads? This talk will cover several stories of how different types of devices can be used in Kubernetes clusters:

- From traditional datacenters to small IoT centric devices.
- From exclusively accessed to shared devices.
- From local stateless devices to network attached devices.
- From simple single-purpose devices to pipelines of devices.

All these scenarios require a simple yet flexible UX for users to request a variety of devices with various properties. Alexander and Kate will discuss projects and proposals in the Kubernetes ecosystem that are working towards this goal of connecting devices and workloads. They will also discuss how to get involved in this evolution to let workloads be utterly materialistic. Whatever the app needs, it shall get.