Historical code cracking with phones: What if Pontus, the Gauls, Germans, Nervii, Egyptians and Helvetii had iPhones?
Over The Air 2011, Bletchley Park
David Rogers, Copper Horse Solutions Ltd.
1st October 2011
http://www.mobilephonesecurity.org
Some Information About Me
  • 12 years in the mobile industry
  • Hardware and software background
  • Head of Product Security at Panasonic Mobile
  • Worked with industry and government on IMEI and SIMlock security
  • Pioneered some early work in mobile phone forensics
  • Brought industry together on security information sharing
  • Director of External Relations at OMTP
  • Programme Manager for advanced hardware security tasks
  • Chair of Incident Handling task
  • Head of Security and Chair of Security Group at WAC
  • Owner and Director at Copper Horse Solutions
  • Blog: http://blog.mobilephonesecurity.org, Twitter: @drogersuk
About Copper Horse Solutions Ltd.
  • Established in 2011
  • Software and security company
  • Focussed on the mobile phone industry
  • Services: mobile phone security consultancy, industry expertise, standards representation, mobile application development
  • http://www.copperhorsesolutions.com
Histiaeus
  • In 499BC sent a trusted slave to encourage a revolt against the Persians
  • Shaved the head of the slave
  • Tattooed a message on his head, let the hair grow back
  • Recipient shaved off the slave’s hair to get the message
  • This is an early form of steganography
From: http://www.retroworks.co/scytale.htm
Scytale
  • Transposition cipher
  • Ancient Greeks, particularly the Spartans, used it for military communication (also apparently used by the Romans)
From: http://www.retroworks.co/scytale.htm
Caesar Shift
  • Supposedly used by Caesar to protect military messages – by shifting the alphabet 3 places to the left
  • Still used today (scarily!) – e.g. ROT13
  • It helped that a lot of Caesar’s enemies were illiterate anyway…
From: http://www.retroworks.co/scytale.htm
Phaistos Disc…
  • Still plenty of mystery text to decipher out there…
Source: PRA
Code Cracking Challenge
  • After each battle I describe, there will be some codes to crack, with which you would be able to change the course of history.
  • You can also get these at: http://blog.mobilephonesecurity.org
From: http://www.retroworks.co/scytale.htm
Some Source Code to Help!
  • Hint: The codes are all Caesar ciphers but with different rotations
  • https://github.com/mkoby/RotationCipher (not mine!)
  • and a cheat: http://textmechanic.com/ROT13-Caesar-Cipher.html
Julius Caesar (Briefly!)
  • 100BC – 44BC
  • Spent 9 years campaigning in Gaul (and made a fortune)
  • Invaded Britain
  • Was involved in a civil war with Pompey
  • Defeated the Egyptians
  • Assassinated on the ‘Ides of March’ in 44BC
List of Battles
  • 58BC Battle of the Arar – Helvetii
  • 58BC Battle of Vosges – Germans
  • 57BC Battle of the Sabis – Nervii
  • 52BC Battle of Alesia – Gauls
  • 47BC Battle of the Nile – Egyptians
  • 47BC Battle of Zela – Pontus
Battle of the Arar
  • 58BC Caesar v Helvetii, Switzerland
Break This Roman Code!
  • Also here: http://blog.mobilephonesecurity.org
  • Can the Helvetians defeat Caesar?
  • bgxxwfhkxmbfxyhkkxbgyhkvxfxgml
Battle of Vosges
  • 58BC Caesar v Germans, River Rhine, Alsace
Break This Roman Code!
  • Also here: http://blog.mobilephonesecurity.org
  • Should the Germans attack the Romans?
  • bpmumvizmnqopbqvonqbemkivpwtlwcbnwzivwbpmzemms
Battle of the Sabis
  • 57BC Caesar v Nervii, Wallonia
Break This Roman Code!
  • Also here: http://blog.mobilephonesecurity.org
  • Are the Nervii ready for Caesar?
  • muqhuweydwjeruqjiqryiydjmetqoi
Battle of Alesia
  • 52BC Caesar v Gauls, France
Break This Roman Code!
  • Also here: http://blog.mobilephonesecurity.org
  • Is there anything the Gauls can do to help themselves?
  • qebobfpxtbxhmlfkqfklrotxiikbxoqebqobbp
Battle of the Nile
  • 47BC Caesar & Cleopatra v Ptolemaic forces, Alexandria, Egypt
Break This Roman Code!
  • Also here: http://blog.mobilephonesecurity.org
  • Are the Egyptians ready for action?
  • wbssrgiddcfhhcpfsoycihobrtwuvhdhczsam
Battle of Zela
  • 47BC Caesar v Pontus, Turkey
Break This Roman Code!
  • Also here: http://blog.mobilephonesecurity.org
  • Save Pontus?
  • sbkfsfafsfzf
Mobile Phones!
  • Open discussion on mobile application security
Don’t Use Roman Codes!
  • ROT13 and XORing / obfuscation are not adequate!!
  • Modern crypto (not surprisingly) is significantly better
  • However, developers don’t have access to secure hardware APIs on mobile
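The hint slide says every challenge code is a Caesar rotation, and this slide says ROT13-style schemes are not adequate. The added example below (not from the talk or the linked RotationCipher project) shows why: the whole key space is 26 rotations, so trying them all and ranking by English letter frequency recovers the English messages without any key. The function names and the frequency table are assumptions of this example; the ciphertexts are copied from the challenge slides.

```python
"""Exhaustive search over the 26 Caesar rotations, ranked by letter frequency.

Added illustration: not code from the talk or from the RotationCipher project.
"""
from string import ascii_lowercase

# Approximate relative frequency (percent) of each letter a..z in English text.
ENGLISH_FREQ = dict(zip(ascii_lowercase, [
    8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03,
    2.41, 6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15,
    1.97, 0.07,
]))

# Ciphertexts copied from the "Break This Roman Code!" slides.
CHALLENGES = {
    "Helvetii": "bgxxwfhkxmbfxyhkkxbgyhkvxfxgml",
    "Germans": "bpmumvizmnqopbqvonqbemkivpwtlwcbnwzivwbpmzemms",
    "Nervii": "muqhuweydwjeruqjiqryiydjmetqoi",
    "Gauls": "qebobfpxtbxhmlfkqfklrotxiikbxoqebqobbp",
    "Egyptians": "wbssrgiddcfhhcpfsoycihobrtwuvhdhczsam",
    # The Pontus plaintext is Latin, so the English scorer is expected to misrank it.
    "Pontus": "sbkfsfafsfzf",
}


def rotate(text, shift):
    """Shift each ASCII letter forward by `shift` places; keep everything else."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def english_score(text):
    """Sum the English frequency of every letter; higher means more English-like."""
    return sum(ENGLISH_FREQ.get(ch, 0.0) for ch in text.lower())


def crack(ciphertext):
    """Return all 26 (shift, candidate) pairs, most English-like candidate first.

    The shift is the number of places the ciphertext is moved forward to reach
    the candidate, so 7 corresponds to the letter 'h', 18 to 's', and so on.
    """
    candidates = [(shift, rotate(ciphertext, shift)) for shift in range(26)]
    return sorted(candidates, key=lambda c: english_score(c[1]), reverse=True)


if __name__ == "__main__":
    for name, ciphertext in CHALLENGES.items():
        print(name)
        # Show the three best-scoring rotations; a human can scan all 26 anyway.
        for shift, candidate in crack(ciphertext)[:3]:
            print(f"  shift {shift:2d} ({ascii_lowercase[shift]}): {candidate}")
```

For the short Latin Pontus message the top-ranked candidate is not the real plaintext, but the real plaintext is still one of the 26 rows returned by `crack`, which is the point: a key space this small offers no protection whichever way the candidates are ranked.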
Mobile Development
  • How are you storing keys for both symmetric and asymmetric ciphers?
  • Common issue amongst developers
  • Also application signing keys
Mobile Development
  • Think about security when designing your apps
  • Are you playing fast and loose with your users’ private data?
  • Have you explained to users why you used certain permissions?
  • What have you (not) encrypted?
  • Is your application designed badly? – gift to hackers / fraudsters? E.g. asking for credit card details from a QR code
Mobile Development
  • Do your research
  • Are you using weak / insecure methods?
  • Do you understand basic secure coding techniques?
  • Do you understand the platform security guidelines?
Discussion
From: http://stackoverflow.com/questions/4671859/storing-api-keys-in-android-is-obfustication-enough
Discussion
“I look at KeyStore but it does not really solve my problem. It can store my keys given that I can provide a password. Then I need to find a secure place to store this password which is same as my original problem.”
Platform Security Guidelines
  • Apple: http://developer.apple.com/library/mac/#documentation/Security/Conceptual/SecureCodingGuide/Introduction.html
  • Android: http://developer.android.com/guide/topics/security/security.html
  • Blackberry: http://docs.blackberry.com/en/developers/deliverables/29302/index.jsp?name=Security+-+Development+Guide+-+BlackBerry+Java+SDK7.0&language=English&userType=21&category=Java+Development+Guides+and+API+Reference&subCategory=
  • Windows Phone 7 (Nokia Guidelines): http://www.developer.nokia.com/Community/Wiki/Windows_Phone_Platform_Security
Romans with iPhones….
Contact
  • Email: david.rogers@copperhorses.com
  • Twitter: @drogersuk
  • Blog: http://blog.mobilephonesecurity.org
http://www.flickr.com/photos/laurenthaug/4127870976/sizes/l/in/photostream/
Code Solutions
Don’t look at the next slide if you don’t want the answers!
Code Solutions
  • Helvetii: I need more time for reinforcements (h shift)
  • Germans: the men are fighting fit we can hold out for another week (s shift)
  • Nervii: we are going to beat sabis in two days (k shift)
  • Gauls: there is a weak point in our wall near the trees (d)
  • Egyptians: I need support to break out and fight ptolemy (m shift)
  • Pontus: venividivici (d shift)
The famous “I came, I saw, I conquered” message
Of course, the Pontic army could not save themselves!

Hacking Roman Codes with Mobile Phones

  • 1. Historical code cracking with phones: What if Pontus, the Gauls, Germans, Nervii, Egyptians and Helvetii had iphones?Over The Air 2011, Bletchley Park http://www.mobilephonesecurity.org David Rogers, Copper Horse Solutions Ltd. 1st October 2011
  • 2. http://www.mobilephonesecurity.org Some Information About Me 12 years in the mobile industry Hardware and software background Head of Product Security at Panasonic Mobile Worked with industry and government on IMEI and SIMlock security Pioneered some early work in mobile phone forensics Brought industry together on security information sharing Director of External Relations at OMTP Programme Manager for advanced hardware security tasks Chair of Incident Handling task Head of Security and Chair of Security Group at WAC Owner and Director at Copper Horse Solutions Blog: http://blog.mobilephonesecurity.org, Twitter: @drogersuk About Copper Horse Solutions Ltd. Established in 2011 Software and security company Focussed on the mobile phone industry Services: Mobile phone security consultancy Industry expertise Standards representation Mobile application development http://www.copperhorsesolutions.com
  • 3. Histiaeous http://www.mobilephonesecurity.org In 499BC sent a trusted slave to encourage a revolt against the Persians Shaved the head of the slave Tattooed a message to his head, let the hair grow back Recipient shave off the slave’s hair to get the message This is an early form of steganography From: http://www.retroworks.co/scytale.htm
  • 4. Scytale http://www.mobilephonesecurity.org Transposition cipher Ancient Greeks, particularly the Spartans used it for military communication (also apparently used by the Romans): From: http://www.retroworks.co/scytale.htm
  • 5. CAESAR Shift http://www.mobilephonesecurity.org Supposedly used by Caesar to protect military messages – by shifting the alphabet 3 places to the left: Still used today (scarily!) – e.g. ROT13 It helped that a lot of Caesar’s enemies were illiterate anyway… From: http://www.retroworks.co/scytale.htm
  • 6. Phaistos Disc… http://www.mobilephonesecurity.org Still plenty of mystery text to decipher out there… Source: PRA
  • 7. Code Cracking Challenge http://www.mobilephonesecurity.org After each battle I describe there will be some codes to crack in which you would be able to change the course of history. You can also get these at: http://blog.mobilephonesecurity.org From: http://www.retroworks.co/scytale.htm
  • 8. Some Source Code to Help! http://www.mobilephonesecurity.org Hint: The codes are all Caesar ciphers but with different rotations https://github.com/mkoby/RotationCipher (not mine!) and a cheat: http://textmechanic.com/ROT13-Caesar-Cipher.html
  • 9. Julius Caesar (Briefly!) http://www.mobilephonesecurity.org 100BC – 44BC Spent 9 years campaigning in Gaul (and made a fortune) Invaded Britain Was involved in a civil war with Pompey Defeated the Egyptians Assassinated on the ‘Ides of March’ in 44BC
  • 11. List of Battles http://www.mobilephonesecurity.org 58BC Battle of the Arar – Helvetii 58BC Battle of Vosges - Germans 57BC Battle of the Sabis – Nervii 52BC Battle of Alesia - Gauls 47BC Battle of the Nile - Egyptians 47BC Battle of Zela - Pontus
  • 12. Battle of the Arar http://www.mobilephonesecurity.org 58BC Caesar v Helvetii, Switzerland
  • 13. Break This Roman Code! http://www.mobilephonesecurity.org Also here: http://blog.mobilephonesecurity.org Can the Helvetians defeat Caesar? bgxxwfhkxmbfxyhkkxbgyhkvxfxgml
  • 14. Battle of Vosges http://www.mobilephonesecurity.org 58BC Caesar v Germans, River Rhine, Alsace
  • 15. Break This Roman Code! http://www.mobilephonesecurity.org Also here: http://blog.mobilephonesecurity.org Should the Germans attack the Romans? bpmumvizmnqopbqvonqbemkivpwtlwcbnwzivwbpmzemms
  • 16. Battle of the Sabis http://www.mobilephonesecurity.org 57BC Caesar v Nervii, Wallonia
  • 17. Break This Roman Code! http://www.mobilephonesecurity.org Also here: http://blog.mobilephonesecurity.org Are the Nervii ready for Caesar? muqhuweydwjeruqjiqryiydjmetqoi
  • 18. Battle of Alesia http://www.mobilephonesecurity.org 52BC Caesar v Gauls, France
  • 19. Break This Roman Code! http://www.mobilephonesecurity.org Also here: http://blog.mobilephonesecurity.org Is there anything the Gauls can do to help themselves? qebobfpxtbxhmlfkqfklrotxiikbxoqebqobbp
  • 20. Battle of the Nile http://www.mobilephonesecurity.org 47BC Caesar & Cleopatra v Ptolemaic forces, Alexandria, Egypt
  • 21. Break This Roman Code! http://www.mobilephonesecurity.org Also here: http://blog.mobilephonesecurity.org Are the Egyptians ready for action? wbssrgiddcfhhcpfsoycihobrtwuvhdhczsam
  • 22. Battle of Zela http://www.mobilephonesecurity.org 47BC Caesar v Pontus, Turkey
  • 23. Break This Roman Code! http://www.mobilephonesecurity.org Also here: http://blog.mobilephonesecurity.org Save Pontus? sbkfsfafsfzf
  • 24. http://www.mobilephonesecurity.org Mobile Phones! Open discussion on mobile application security
  • 25. Don’t Use Roman Codes! http://www.mobilephonesecurity.org ROT13 and XORing / obfuscation are not adequate!! Modern crypto (not surprisingly) is significantly better However, developers don’t have access to secure hardware APIs on mobile 
  • 26. Mobile Development http://www.mobilephonesecurity.org How are you storing keys for both symmetric and asymmetric ciphers? Common issue amongst developers Also application signing keys
  • 27. Mobile Development http://www.mobilephonesecurity.org Think about security when designing your apps Are you playing fast and loose with your users’ private data? Have you explained to users why you used certain permissions? What have you (not) encrypted? Is your application designed badly? – gift to hackers / fraudsters? E.g. asking for credit card details from a QR code
  • 28. Mobile Development http://www.mobilephonesecurity.org Do your research Are you using weak / insecure methods? Do you understand basic secure coding techniques? Do you understand the platform security guidelines?
  • 29. Discussion http://www.mobilephonesecurity.org From: http://stackoverflow.com/questions/4671859/storing-api-keys-in-android-is-obfustication-enough
  • 30. Discussion http://www.mobilephonesecurity.org “I look at KeyStore but it does not really solve my problem. It can store my keys given that I can provide a password. Then I need to find a secure place to store this password which is same as my original problem.”
  • 31. Platform Security Guidelines http://www.mobilephonesecurity.org Apple: http://developer.apple.com/library/mac/#documentation/Security/Conceptual/SecureCodingGuide/Introduction.html Android: http://developer.android.com/guide/topics/security/security.html Blackberry: http://docs.blackberry.com/en/developers/deliverables/29302/index.jsp?name=Security+-+Development+Guide+-+BlackBerry+Java+SDK7.0&language=English&userType=21&category=Java+Development+Guides+and+API+Reference&subCategory= Windows Phone 7 (Nokia Guidelines): http://www.developer.nokia.com/Community/Wiki/Windows_Phone_Platform_Security
  • 32. http://www.mobilephonesecurity.org Romans with iphones…. Contact Email: david.rogers@copperhorses.com Twitter: @drogersuk Blog: http://blog.mobilephonesecurity.org http://www.flickr.com/photos/laurenthaug/4127870976/sizes/l/in/photostream/
  • 33. http://www.mobilephonesecurity.org Code Solutions Don’t look at the next slide if you don’t want the answers!
  • 34. Code Solutions http://www.mobilephonesecurity.org Helvetii: I need more time for reinforcements (h shift) Germans: the men are fighting fit we can hold out for another week (s shift) Nervii: we are going to beat sabis in two days (k shift) Gauls: there is a weak point in our wall near the trees (d) Egyptians: I need support to break out and fight ptolemy (m shift) Pontus: venividivici (d shift) The famous: I came, I saw, I conquered message Of course, the Pontic army could not save themselves!
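The six challenge ciphertexts checked against the answer slide by exhausting all 26 rotations, as an added example (not code from the talk or from the linked RotationCipher project). It assumes the answer key's shift letter names the letter that ciphertext "a" decodes to; the function names are illustrative.

```python
import string

ALPHABET = string.ascii_lowercase

# Ciphertexts copied from the "Break This Roman Code!" slides.
CHALLENGES = {
    "Helvetii": "bgxxwfhkxmbfxyhkkxbgyhkvxfxgml",
    "Germans": "bpmumvizmnqopbqvonqbemkivpwtlwcbnwzivwbpmzemms",
    "Nervii": "muqhuweydwjeruqjiqryiydjmetqoi",
    "Gauls": "qebobfpxtbxhmlfkqfklrotxiikbxoqebqobbp",
    "Egyptians": "wbssrgiddcfhhcpfsoycihobrtwuvhdhczsam",
    "Pontus": "sbkfsfafsfzf",
}

# Shift letter and plaintext as given on the "Code Solutions" slide.
ANSWER_KEY = {
    "Helvetii": ("h", "I need more time for reinforcements"),
    "Germans": ("s", "the men are fighting fit we can hold out for another week"),
    "Nervii": ("k", "we are going to beat sabis in two days"),
    "Gauls": ("d", "there is a weak point in our wall near the trees"),
    "Egyptians": ("m", "I need support to break out and fight ptolemy"),
    "Pontus": ("d", "venividivici"),
}

def rotate(text, shift):
    """Move each a-z letter `shift` places forward, wrapping z -> a."""
    s = shift % 26
    return text.lower().translate(str.maketrans(ALPHABET, ALPHABET[s:] + ALPHABET[:s]))

def all_rotations(ciphertext):
    """Exhaust the keyspace: map each shift letter to its candidate plaintext."""
    return {ALPHABET[s]: rotate(ciphertext, s) for s in range(26)}

def crib_search(ciphertext, crib):
    """Return the shift letters whose candidate plaintext contains `crib`."""
    return [k for k, cand in all_rotations(ciphertext).items() if crib in cand]

def normalise(text):
    """Lower-case and drop everything but a-z, matching the slide ciphertexts."""
    return "".join(c for c in text.lower() if c in ALPHABET)

def check_answer_key():
    """Compare every slide answer with the rotation its shift letter selects."""
    return {tribe: all_rotations(CHALLENGES[tribe])[letter] == normalise(plain)
            for tribe, (letter, plain) in ANSWER_KEY.items()}

if __name__ == "__main__":
    for tribe, ok in check_answer_key().items():
        print(f"{tribe:10} {'matches' if ok else 'MISMATCH'}")
    print(crib_search(CHALLENGES["Gauls"], "the"))
```

With only 26 possible keys, a single guessed word such as "the" is enough to pick out the right rotation, which is why the later slides rule out ROT13-style obfuscation for protecting keys.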

Editor's Notes

  1. Picture – Julius Caesar and Divico parley after the battle at the river Saone. The Helvetian tribe were planning to migrate towards the west coast of Gaul, cutting off Gaul and causing a threat to Roman Spain. Mass migration of 300,000 people! Caesar had to play for time because of a lack of soldiers. Helvetii were attacked during the night while crossing the river. Caesar ultimately chased down the Helvetii and they eventually surrendered after the battle of Bibracte. Three opportunities that the Helvetii could have seized: discovering that Caesar had left Rome; realising that Caesar was playing for time; discovering Caesar’s planned night time attack for the river crossing.
  2. 58BC Caesar v Germans. Location: River Rhine, Alsace. German tribes (Suebi and others) made a move into Gaul. Ariovistus moved his camp onto the Roman supply line. He delayed battle deliberately to starve and weaken the Roman soldiers. Romans charged down on the Germans who formed a phalanx with their shields – Roman soldiers jumped onto the shields and wrenched them away, stabbing down onto the soldiers. On learning that the Germans believed in a prophecy that they should lose the battle if they fought before the new moon, Caesar forced a battle upon them immediately. Their leader Ariovistus escaped but was defeated. Caesar had forced the Germans out of Gaul. Ariovistus could have realised that Caesar’s men were not starving and delayed the battle further, therefore defeating him once his men were truly weakened.
  3. Caesar was surprised and nearly defeated. They would not “partake of alcoholic beverages or other such imported Roman luxuries” – wine was banned by decree by the Nervii. The Nervii caught javelins in flight and hurled them back at legionnaires! Nervii used typical Gallic warfare tactics which could be defeated with missiles. Nervii used mounds of the fallen as ramparts by the end of the battle. Caesar lost all of his standards and most of his centurions. Nervii could have discovered how swiftly Caesar was travelling and ambushed before they reached the Sabis. Result was Caesar gained control of what is now Belgium.
  4. Vercingetorix and Julius Caesar. Siege around a hill fort. The last major engagement between the Gauls and the Romans. Marks the end of Celtic dominance. 80,000 fighting men were under siege. Caesar constructed a second wall around him, in case he was attacked after some cavalry managed to break out of the siege. Caesar would not allow the women and children out of the siege, so they were left to starve in no-man’s land. The relief force arrived. Romans were also beginning to starve as they were being besieged. Lots of skirmishes and combined attacks from without and within. Gauls discovered a weakness in the walls that was hidden (this is a point that could have been exploited earlier if the Gauls had known). The Roman cavalry defended this and nearly collapsed; Caesar sent a force of 6000 cavalry to relieve them and defeated the 60,000 attackers. Seeing the defeat of the relief force, Vercingetorix surrendered to Caesar.
  5. (After civil war with Pompey.) Roman ‘peacekeeping’ between King Ptolemy and Cleopatra (his sister) in the Egyptian civil war. Caesar was relatively cut off in Alexandria but sent a message for allied support. Ptolemy died when his ship capsized while escaping. Caesar installed Cleopatra on the throne of Egypt. Caesar could have been defeated had the Egyptians been able to cut him off from his ally, Mithridates.
  6. After the battle of the Nile, Caesar travelled up to fight Pharnaces after he had defeated a Roman army and committed atrocities against prisoners and civilians. Caesar refused appeals for peace as he approached. As Caesar’s troops were setting up their camp on a nearby hilltop, the Pontic army attacked from their own safe strategic hilltop position. Although initially successful, the Romans recovered and drove the Pontics back down the hill, routing them. Pharnaces escaped only to be later killed by one of his own. The whole campaign lasted only 5 days. After the battle, Caesar sent his famous message, Veni, vidi, vici – I came, I saw, I conquered.