QNX: 99 Problems but a Microkernel ain't one!

Alex Plaskett and Georgi Geshev presented "99 Problems but a Microkernel ain't one!" at BSides NYC and TROOPERS16.

The content of the talk was as follows:

Although Cars, Turbines, Safety Critical Systems and consumer devices (phones) all run QNX, very little security research has been performed in this area. This talk provided an overview of QNX security architecture with Blackberry 10 used as the primary target. An overview of the research performed on a locked down highly secured OS, the OS attack surface and our method for identifying weaknesses within the QNX OS were covered. The talk described our methods of identifying vulnerabilities from both a reverse engineering perspective and automated fuzzing approach. The talk aimed to provide a good overview of how the subsystems on QNX communication and how an attacker would attempt to elevate their privileges. The talk also highlighted some of the weaknesses identified with this on-going research and the challenges faced with exploit development on the platform.