BlackhatUS 2015 Aug. 1, 2015 to Aug. 6, 2015, Las vegas,usa

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
THE LIFECYCLE OF A REVOLUTION Jennifer Granick In the early days of the public internet, we believed that we were helping build ...
ABUSING SILENT MITIGATIONS - UNDERSTANDING WEAKNESSES WITHIN INTERNET EXPLORERS ISOLATED HEAP AND MEMORYPROTECTION Brian Gorenc , Simon Zuckerbraun , Abdul-aziz Hariri In the Summer of 2014, Microsoft silently introduced two new exploit mitigations into Internet Explorer ...
ABUSING WINDOWS MANAGEMENT INSTRUMENTATION (WMI) TO BUILD A PERSISTENT ASYNCHRONOUS AND FILELESS BACKDOOR Matthew Graeber Imagine a technology that is built into every Windows operating system going back to Windows ...
ABUSING XSLT FOR PRACTICAL ATTACKS Fernando Arnaboldi Over the years, XML has been a rich target for attackers due to flaws in ...
ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD Olivier Thomas Hardware attacks are often overlooked since they are generally considered to be complex and resource ... IncludeThinkstScapes
ADVENTURES IN FEMTOLAND: 350 YUAN FOR INVALUABLE FUN Alexey Osipov , Alexander Zaitsev GSM networks are compromised for over five years. Starting from passive sniffing of unencrypted traffic, ...
AH! UNIVERSAL ANDROID ROOTING IS BACK Wen Xu In recent months, we focus on bug hunting to achieve root on android devices. Our ...
ANDROID SECURITY STATE OF THE UNION Adrian Ludwig The world of security is riddled with assumptions and guesses. Using data collected from hundreds ...
API DEOBFUSCATOR: RESOLVING OBFUSCATED API FUNCTIONS IN MODERN PACKERS Seokwoo Choi Modern packers use API obfuscation techniques to obstruct malware sandboxes and reverse engineers. In such ...
ASSESSING AND EXPLOITING BIGNUM VULNERABILITIES Ralf-Philipp Weinmann The majority of deployed asymmetric cryptography implementations (RSA, DH, ECDH/ECDSA with GF(p) curves) need to ...
ATTACKING ECMASCRIPT ENGINES WITH REDEFINITION Natalie Silvanovich The dynamic nature of ECMAScript allows for functions and properties to be redefined in a ...
ATTACKING HYPERVISORS USING FIRMWARE AND HARDWARE Yuriy Bulygin , Oleksandr Bazhaniuk , Alexander Matrosov , Mikhail Gorobets In this presentation, we explore the attack surface of modern hypervisors from the perspective of ...
ATTACKING INTEROPERABILITY - AN OLE EDITION Haifei Li , Bing Sun Object Linking and Embedding (OLE) is a technology based on Component Object Model (COM) allowing ...
ATTACKING YOUR TRUSTED CORE: EXPLOITING TRUSTZONE ON ANDROID Di Shen For years fingerprint scanning has been supported in many Android devices. Fingerprint scanning on ARM ...
AUTOMATED HUMAN VULNERABILITY SCANNING WITH AVA Laura Bell It will not be a surprise to you that of all the elements within our ...
BACK DOORS AND FRONT DOORS BREAKING THE UNBREAKABLE SYSTEM Matthew Green , James Denaro Governments are demanding backdoor access to encrypted data - particularly on mobile devices and in ...
BATTLE OF THE SKM AND IUM: HOW WINDOWS 10 REWRITES OS ARCHITECTURE Alex Ionescu In Windows 10, Microsoft is introducing a radical new concept to the underlying OS architecture, ...
BEHIND THE MASK: THE AGENDA TRICKS AND TACTICS OF THE FEDERAL TRADE COMMISSION AS THEY REGULATE CYBERSECURITY Michael Daugherty While the FTC, FCC and Homeland Security joust over who is going to regulate the ...
BGP STREAM Dan Hubbard , Andree Toonk BGP is the fabric of routing on the Internet today. There are approximately half a ...
BIG GAME HUNTING: THE PECULIARITIES OF NATION-STATE MALWARE RESEARCH Morgan Marquis-boire , Claudio Guarnieri , Marion Marschalek The security industry focus on state-sponsored espionage is a relatively recent phenomenon. Since the Aurora ...
BREAKING ACCESS CONTROLS WITH BLEKEY Eric Evenchick , Mark Baseggio RFID access controls are broken. In this talk, we will demonstrate how to break into ...
BREAKING HONEYPOTS FOR FUN AND PROFIT Gadi Evron , Dean Sysman , Itamar Sher We will detect, bypass, and abuse honeypot technologies and solutions, turning them against the defender. ...
BREAKING HTTPS WITH BGP HIJACKING Artyom Gavrichenkov BGP hijacking is now a reality: it happens often (mostly in the form of route ...
BREAKING PAYLOADS WITH RUNTIME CODE STRIPPING AND IMAGE FREEZING Collin Mulliner , Matthias Neugschwandtner Fighting off attacks based on memory corruption vulnerabilities is hard and a lot of research ...
BRING BACK THE HONEYPOTS Haroon Meer , Marco Slaviero Honeypots were all the rage in the 90's - A raft of tools (and even ... IncludeThinkstScapes
BRINGING A CANNON TO A KNIFE FIGHT Adam Kozy , Johannes Gilger Chinas Great Cannon (GC), the offensive standalone system that serves as a complement to its ...
BROADCASTING YOUR ATTACK: SECURITY TESTING DAB RADIO IN CARS Andy Davis Digital Audio Broadcasting (DAB) radio receivers can be found in many new cars and are ...
BYPASS CONTROL FLOW GUARD COMPREHENSIVELY Yunhai Zhang Control Flow Guard (CFG) is an exploit mitigation technique that Microsoft enabled in Windows 8.1 ...
BYPASS SURGERY ABUSING CONTENT DELIVERY NETWORKS WITH SERVER-SIDE-REQUEST FORGERY (SSRF) FLASH AND DNS Matthew ‘mandat0ry’ Bryant , Mike Brooks It is unlikely when a bug affects almost every CDN and it becomes vulnerable, but ...
CERTIFI-GATE: FRONT-DOOR ACCESS TO PWNING MILLIONS OF ANDROIDS Ohad Bobrov , Avi Bashan Hundreds of millions of Android devices, including those running Lollipop, the latest and most secure ...
CLONING 3G/4G SIM CARDS WITH A PC AND AN OSCILLOSCOPE: LESSONS LEARNED IN PHYSICAL SECURITY Yu Yu Recently, documents leaked from Edward Snowden alleged that NSA and GCHQ had stolen millions of ...
COMMERCIAL MOBILE SPYWARE - DETECTING THE UNDETECTABLE Joshua Dalman , Valerie Hantke Research shows commercial spyware is becoming common place. These programs turn smartphones into effective spy ...
CRACKLORD: MAXIMIZING PASSWORD CRACKING BOXES Lucas Morris , Michael Mcatee Over the past several years the world of password cracking has exploded with new tools ...
CRASH , PAY: HOW TO OWN AND CLONE CONTACTLESS PAYMENT DEVICES Peter Fillmore With all this talk about NFC payments (Apple Pay, Google Wallet, etc.), are there claims ...
DANCE LIKE NOBODYS WATCHING ENCRYPT LIKE EVERYONE IS: A PEEK INSIDE THE BLACK HAT NETWORK Neil Wyler , Bart Stump Every year thousands of security professionals descend upon Las Vegas to learn the latest and ...
DATA-DRIVEN THREAT INTELLIGENCE: METRICS ON INDICATOR DISSEMINATION AND SHARING Alex Pinto , Alexandre Sieira For the past 18 months, Niddel have been collecting threat intelligence indicator data from multiple ...
DEEP LEARNING ON DISASSEMBLY Matt Wolff , Andrew Davis Recently, the application of deep learning techniques to natural language processing has led to state-of-the-art ...
DEFEATING MACHINE LEARNING: WHAT YOUR SECURITY VENDOR IS NOT TELLING YOU Bob Klein , Ryan Peters Machine learning is rapidly gaining popularity in the security space. Many vendors and security professionals ...
DEFEATING PASS-THE-HASH: SEPARATION OF POWERS Seth Moore , Baris Saydag The harvest and reuse of symmetric credentials has become a linchpin of system breaches. Under ...
DISTRIBUTING THE RECONSTRUCTION OF HIGH-LEVEL INTERMEDIATE REPRESENTATION FOR LARGE SCALE MALWARE ANALYSIS Rodrigo Rubira Branco , Gabriel negreira Barbosa , Eugene Rodionov , Alexander Matrosov Malware is acknowledged as an important threat and the number of new samples grows at ...
DOM FLOW - UNTANGLING THE DOM FOR MORE EASY-JUICY BUGS Ahamed Nafeez Modern day web applications are quite JavaScript heavy and its only going to get worse ...
EMANATE LIKE A BOSS: GENERALIZED COVERT DATA EXFILTRATION WITH FUNTENNA Ang Cui Funtenna is a software-only technique which causes intentional compromising emanation in a wide spectrum of ...
EXPLOITING OUT-OF-ORDER EXECUTION FOR COVERT CROSS-VM COMMUNICATION Sophia D'antoine This presentation will demonstrate a novel side channel exploiting CPU out-of-order-execution to enable covert cross-VM ...
EXPLOITING THE DRAM ROWHAMMER BUG TO GAIN KERNEL PRIVILEGES Halvar Flake , Mark Seaborn "Rowhammer" is a problem with DRAM in which repeatedly accessing a row of memory can ... IncludeThinkstScapes
EXPLOITING XXE VULNERABILITIES IN FILE PARSING FUNCTIONALITY Willis Vandevanter In this 25-minute briefing, we will discuss techniques for exploiting XXE vulnerabilities in File Parsing/Upload ...
FAUX DISK ENCRYPTION: REALITIES OF SECURE STORAGE ON MOBILE DEVICES Daniel A. Mayer , Drew Suarez The number of mobile users has recently surpassed the number of desktop users, emphasizing the ...
FILECRY - THE NEW AGE OF XXE Xiaoran Wang , Sergey Gorbaty Xml eXternal Entities (XXE) is one of the most deadly vulnerabilities on the Internet, and ...
FINGERPRINTS ON MOBILE DEVICES: ABUSING AND LEAKING Yulong Zhang , Tao Wei Unlike passwords, fingerprints last a lifetime and are usually associated with critical identities. Thus, the ...
FORGING THE USB ARMORY AN OPEN SOURCE SECURE FLASH-DRIVE-SIZED COMPUTER Andrea Barisani , Daniele Bianco N/A
FROM FALSE POSITIVES TO ACTIONABLE ANALYSIS: BEHAVIORAL INTRUSION DETECTION MACHINE LEARNING AND THE SOC Joseph Zadeh This talk outlines an approach to modeling human behavior in network traffic with the goal ...
FUZZING ANDROID SYSTEM SERVICES BY BINDER CALL TO ESCALATE PRIVILEGE Guang Gong Binder is the IPC Mechanism in Android. It's used in Communication not only between processes ...
GAMEOVER ZEUS: BADGUYS AND BACKENDS Michael Sandee , Tillmann Werner , Elliott Peterson This presentation will detail many of the individuals responsible for GameOver Zeus and Cryptolocker, summarize ...
GRAPHIC CONTENT AHEAD: TOWARDS AUTOMATED SCALABLE ANALYSIS OF GRAPHICAL IMAGES EMBEDDED IN MALWARE Alex Long While automated approaches to static and dynamic malware analysis are key pieces of todays malware ...
HARNESSING INTELLIGENCE FROM MALWARE REPOSITORIES Arun Lakhotia , Vivek Notani The number of unique malware has been doubling every year for over two decades. The ...
HI THIS IS URGENT PLZ FIX ASAP: CRITICAL VULNERABILITIES AND BUG BOUNTY PROGRAMS Kymberlee Price No More Free Bugs led to Bug Bounties, but some people believe that bug bounty ...
HIDDEN RISKS OF BIOMETRIC IDENTIFIERS AND HOW TO AVOID THEM Thomas Keenan Technology that identifies you by something you are is showing up in e-passports, laptop login ...
HOW TO HACK GOVERNMENT: TECHNOLOGISTS AS POLICY MAKERS Ashkan Soltani , Terrell Mcsweeny As the leading federal agency responsible for protecting your privacy rights online, technology is at ...
HOW TO IMPLEMENT IT SECURITY AFTER A CYBER MELTDOWN Christina Kubecka The 2012 cyber attacks against Saudi Aramco and the Aramco family of affiliates was a ...
HOW VULNERABLE ARE WE TO SCAMS? Markus Jakobsson , Ting-fang Yen The number of Internet scams has increased in recent years. According to a survey by ...
INFORMATION ACCESS AND INFORMATION SHARING: WHERE WE ARE AND WHERE WE ARE GOING Alejandro Mayorkas Deputy Secretary of the Department of Homeland Security, Alejandro Mayorkas, will discuss the challenges of ...
INTERNET PLUMBING FOR SECURITY PROFESSIONALS: THE STATE OF BGP SECURITY Wim Remes The underbelly of the Internet has been in a precarious condition for a while now. ...
INTERNET-FACING PLCS - A NEW BACK ORIFICE Volker Roth , Johannes Klick , Stephan Lau , Daniel Marzin , Jan-ole Malchow Pretty much everyone should have realized by now that our modern societies critically depend on ...
INTERNET-SCALE FILE ANALYSIS Zachary Hanif , Tamas K. Lengyel , George Webster Malicious file analysis is well beyond the days when the humble PE32 file was all ...
IS THE NSA STILL LISTENING TO YOUR PHONE CALLS? A SURVEILLANCE DEBATE: CONGRESSIONAL SUCCESS OR EPIC FAIL Mark Jaycox , Jamil Jaffer At BlackHat 2014, we debated the NSA's collection of Americans' phone calls, emails, address books, ...
MOBILE POINT OF SCAM: ATTACKING THE SQUARE READER John Moore , Alexandrea Mellen , Artem Losev We consider the security of Square, Inc.'s mobile card-reading device, the Square Reader, across multiple ...
MOST RANSOMWARE ISNT AS COMPLEX AS YOU MIGHT THINK Engin Kirda In this presentation, hear the findings of new academic research into ransomware in which we ...
MY BRO THE ELK: OBTAINING CONTEXT FROM SECURITY EVENTS Travis Smith There are a number of powerful open source tools that empower us to collect, store ...
OPTIMIZED FUZZING IOKIT IN IOS Peng Xiao , Lei Long , Aimin Pan Fuzzing is the most common way of exploiting vulnerabilities, and IOKit is an ideal target ...
PANEL: GETTING IT RIGHT: STRAIGHT TALK ON THREAT , INFORMATION SHARING Kevin Bankston , Trey Ford , Brian Engle , Rebekah Brown , Mark Hammell Sharing information isn't hard - getting past backroom deals, NDAs and approval from general counsel ...
PANEL: HOW THE WASSENAAR ARRANGEMENTS EXPORT CONTROL OF INTRUSION SOFTWARE AFFECTS THE SECURITY INDUSTRY Katie Moussouris , Adriel Desautels , Dino Dai Zovi , Nate Cardozo , Collin Anderson , Kim Zetter In 2013, the group of countries that make up the Wassenaar Arrangement added "intrusion software" ...
PEN TESTING A CITY Greg Conti , Tom ( Decius ) Cross , David Raymond How would you take down a city? How would you prepare for and defend against ...
RED VS BLUE: MODERN ACTIVE DIRECTORY ATTACKS DETECTION AND PROTECTION Sean Metcalf Kerberos "Golden Tickets" were unveiled by Alva "Skip" Duckwall , Benjamin Delpy in 2014 during ... IncludeThinkstScapes
REMOTE EXPLOITATION OF AN UNALTERED PASSENGER VEHICLE Chris Valasek , Charlie Miller Although the hacking of automobiles is a topic often discussed, details regarding successful attacks, if ...
REMOTE PHYSICAL DAMAGE 101 - BREAD AND BUTTER ATTACKS Jason Larsen It is possible to physically damage equipment through purely cyber means. Most of the time ...
REPURPOSING ONIONDUKE: A SINGLE CASE STUDY AROUND REUSING NATION STATE MALWARE Joshua Pitts The news media is awash with nation-states and criminals reusing malware. Why should they have ...
RETURN TO WHERE? YOU CANT EXPLOIT WHAT YOU CANT FIND Ahmad-reza Sadeghi , Christopher Liebchen , Stephen Crane , Andrei Homescu Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Until now, no countermeasure ...
REVIEW AND EXPLOIT NEGLECTED ATTACK SURFACES IN IOS 8 Tielei Wang , Hao Xu , Xiaobo Chen The security design of iOS significantly reduces the attack surfaces for iOS. Since iOS has ...
ROCKING THE POCKET BOOK: HACKING CHEMICAL PLANT FOR COMPETITION AND EXTORTION Marina Krotofil The appeal of hacking a physical process is dreaming about physical damage attacks lighting up ...
ROPINJECTOR: USING RETURN ORIENTED PROGRAMMING FOR POLYMORPHISM AND ANTIVIRUS EVASION Giorgos Poulios , Christoforos Ntantogian , Christos Xenakis The downside of current polymorphism techniques lies to the fact that they require a writeable ...
SECURING YOUR BIG DATA ENVIRONMENT Ajit Gaddam Hadoop and big data are no longer buzz words in large enterprises. Whether for the ...
SERVER-SIDE TEMPLATE INJECTION: RCE FOR THE MODERN WEB APP James Kettle Simple inputs can conceal an {expansive} attack surface. Feature-rich web applications often embed user input ...
SMBV2: SHARING MORE THAN JUST YOUR FILES Jonathan Brossard , Hormazd Billimoria In this presentation, we detail a new attack vector against SMBv2, affecting all versions of ...
SOCIAL ENGINEERING THE WINDOWS KERNEL: FINDING AND EXPLOITING TOKEN HANDLING VULNERABILITIES James Forshaw One successful technique in social engineering is pretending to be someone or something you're not ...
SPREAD SPECTRUM SATCOM HACKING: ATTACKING THE GLOBALSTAR SIMPLEX DATA SERVICE Colby Moore Recently, there have been several highly publicized talks about satellite hacking. However, most only touch ...
STAGEFRIGHT: SCARY CODE IN THE HEART OF ANDROID Joshua j. Drake With over a billion activated devices, Android holds strong as the market leading smartphone operating ...
STAYING PERSISTENT IN SOFTWARE DEFINED NETWORKS Gregory Pickett The Open Network Install Environment, or ONIE, makes commodity or WhiteBox Ethernet possible. By placing ...
STRANGER DANGER! WHAT IS THE RISK FROM 3RD PARTY LIBRARIES? Jake Kouns Since Heartbleed, the (in)security of third party libraries has taken center stage in infosec thanks ...
SUBVERTING SATELLITE RECEIVERS FOR BOTNET AND PROFIT Sofiane Talmat New generation Set Top Boxes (Satellite receivers) are embedded linux boxes offering all the features ...
SWITCHES GET STITCHES Robert E. Lee , Eireann Leverett , Colin Cassidy This talk will introduce you to Industrial Ethernet Switches and their vulnerabilities. These are switches ...
TAKE A HACKER TO WORK DAY - HOW FEDERAL PROSECUTORS USE THE CFAA Leonard Bailey What would happen if Black Hat invited the Department of Justice (DOJ) to give us ...
TAKING EVENT CORRELATION WITH YOU Rob King Event correlation problems appear everywhere in information security and forensics: log analysis ("I'm seeing a ...
TARGETED TAKEDOWNS: MINIMIZING COLLATERAL DAMAGE USING PASSIVE DNS Paul A. Vixie When civil investigators and law enforcement officers aggressively pursue and takedown cyber criminal enterprises, that ...
TAXONOMIC MODELING OF SECURITY THREATS IN SOFTWARE DEFINED NETWORKING Jennia Hizver Recent advances in software defined networking (SDN) provide an opportunity to create flexible and secure ...
THE APPLICATIONS OF DEEP LEARNING ON TRAFFIC IDENTIFICATION Bo Liu , Zhanyi Wang , Chuanming Huang , Zhuo Zhang Generally speaking, most systems of network traffic identification are based on features. The features may ...
THE BATTLE FOR FREE SPEECH ON THE INTERNET Matthew Prince Google, Facebook, and Twitter all started out with admirable, lofty goals about preserving freedom of ...
THE KALI LINUX DOJO WORKSHOP #1: ROLLING YOUR OWN - GENERATING CUSTOM KALI LINUX 20 ISOS Mati Aharoni Pre-Registration Required: This workshop is completely full. There are no more seats available.
THE KALI LINUX DOJO WORKSHOP #2: KALI USB SETUPS WITH PERSISTENT STORES AND LUKS NUKE SUPPORT Kyle Wilhoit , Stephen Hilt Pre-Registration Required: This workshop is completely full. There are no more seats available. THE LITTLE ...
THE MEMORY SINKHOLE - UNLEASHING AN X86 DESIGN FLAW ALLOWING UNIVERSAL PRIVILEGE ESCALATION Christopher Domas In x86, beyond ring 0 lie the more privileged realms of execution, where our code ... IncludeThinkstScapes
THE NODEJS HIGHWAY: ATTACKS ARE AT FULL THROTTLE Maty Siman , Amit Ashbel The popularity of the Node.js coding language is soaring. Just five years after its debut, ...
THE NSA PLAYSET: A YEAR OF TOYS AND TOOLS Michael Ossmann Inspired by the contents of the leaked NSA ANT catalog, the NSA Playset project has ...
THE TACTICAL APPLICATION SECURITY PROGRAM: GETTING STUFF DONE Cory Scott , David Cintz How many times have we heard the following pieces of wisdom from CISOs or other ...
THESE ARE NOT YOUR GRAND DADDYS CPU PERFORMANCE COUNTERS - CPU HARDWARE PERFORMANCE COUNTERS FOR SECURITY Nishad Herath , Anders Fogh CPU hardware performance counters allow us to do low latency performance measuring, without special runtime ...
THIS IS DEEPERENT: TRACKING APP BEHAVIORS WITH (NOTHING CHANGED) PHONE FOR EVASIVE ANDROID MALWARE Yeongung Park , Jun Young Choi Malwares on Android platform are increasing every year by explosive growth over the years and ...
THUNDERSTRIKE 2: SITH STRIKE Xeno Kovah , Corey Kallenberg , Trammell Hudson The number of vulnerabilities in firmware disclosed as affecting Wintel PC vendors has been rising ...
TRUSTKIT: CODE INJECTION ON IOS 8 FOR THE GREATER GOOD Alban Diquet , Eric Castro , Angela On-kit Chow With the release of iOS 8, Apple has relaxed the rules regarding how code can ...
UNDERSTANDING AND MANAGING ENTROPY USAGE Bruce Potter , Sasha Wood As security and privacy concerns become an above the fold concern for the public at ...
UNDERSTANDING THE ATTACK SURFACE AND ATTACK RESILIENCE OF PROJECT SPARTANS NEW EDGEHTML RENDERING ENGINE Mark Vincent Yason EdgeHTML is the new rendering engine that will power the next generation web browser (codenamed ...
UNICORN: NEXT GENERATION CPU EMULATOR FRAMEWORK Nguyen Anh Quynh , Hoang-vu Dang CPU emulator is a program emulating the internal operation of a physical CPU in software. ...
USING STATIC BINARY ANALYSIS TO FIND VULNERABILITIES AND BACKDOORS IN FIRMWARE Christopher Kruegel , Yan Shoshitaishvili Over the last few years, as the world has moved closer to realizing the idea ...
WEB TIMING ATTACKS MADE PRACTICAL Timothy Morgan , Jason Morgan Timing side-channel attacks are a well-known class of flaw in cryptographic systems and applications in ...
WHEN IOT ATTACKS: HACKING A LINUX-POWERED RIFLE Runa a. Sandvik , Michael Auger TrackingPoint is an Austin startup known for making precision-guided firearms. These firearms ship with a ...
WHY SECURITY DATA SCIENCE MATTERS AND HOW ITS DIFFERENT: PITFALLS AND PROMISES OF DATA SCIENCE BASED BREACH DETECTION AND THREAT INTELLIGENCE Joshua Saxe As our networks generate an ever-larger deluge of security-relevant data, data science (machine learning, data ...
WINNING THE ONLINE BANKING WAR Sean Park Currently, most security products and financial institutions defending against banking malware rely on online banking ...
WRITING BAD @$$ MALWARE FOR OS X Patrick Wardle In comparison to Windows malware, known OS X threats are really quite lame. As an ...
WSUSPECT - COMPROMISING THE WINDOWS ENTERPRISE VIA WINDOWS UPDATE Paul Stone , Alex Chapman Ever wondered what really happens when you plug in a USB device and Windows begins ...