Zeroconf is a set of protocols and standards meant to create a sort of "plug n play" experience for networked devices and network services. This can be achieved through a combination of many different protocols, though primarily three. Namely, mDNS (RFC6762), DNS-SD (RFC6763), and Link-Local Addressing (RFC3927) make up the bulk of Zeroconf implementations. In this talk, we'll have fun together imagining some potential abuses of these protocols, look at some proofs of concept, and notice some interesting things about specific implementations along the way. Expect no zero-days -- In fact, I expect all of these have been thought of before -- but instead a casual meandering through some obvious abuses, complete with screenshots you'll have to squint to read.
Bio: "Hi, I'm David Dyck! Professionally I run the vulnerability management and penetration testing services at Security Resource Group (SRG), and I've been interested in the security field since I was a young teenager. I have a major degree in Linguistics and in Computer Science, and a minor in German (but don't try to speak German to me, I'll just embarrass myself!) Personally, I avoid computers and enjoy punishing myself with manual labour and farm work, reading a good book, or reading about Linguistics."