Internet warriors hone skills at Black Hat - DefCon
Tuesday 27 July 2010
Internet warriors are gathering this week to explore chinks in the armors of computers, bank teller machines, mobile phones, power grids, and other "smart" devices intrinsic to modern life.
Black Hat USA kicks off in Las Vegas on Wednesday with briefings at which security professionals from technology firms including Microsoft and Cisco will dissect ways to safeguard or foil computers.
Black Hat segues on Friday into DefCon, an infamous annual assembly of hackers who pride themselves on finding ways around computer defenses.
Attendance at the events overlaps, with security professionals and software rogues sharing insights in an irreverent setting that has become a recruiting ground for US law enforcement agencies.
"Black Hat is a place where security researchers go to show off their work and get peer feedback," said Jeff Moss, who founded and runs both gatherings.
"DefCon is the fun stuff they don't have time to do in their day jobs."
The packed roster of topics at Black Hat will include hacks that make automated teller machines spew cash and the vulnerability of nuclear power plants, chemical factories and other online systems.
Hot trends are expected to include vulnerabilities of smartphones along with how hackers, and the crime fighters trying to catch them, are adapting to programs hosted as services in the Internet "cloud."
"There is a continuing focus on ways the current Web works and how to attack that," said Moss, whose hacker name is Dark Tangent. "Smartphones are a big target."
Attacks aimed at Internet browsers continue to grow as more aspects of people's lives go online.
Hackers are hiding malicious viruses in mini-applications, videos and other files to take advantage of the trust with which people share and download digital content.
Tracks focused on cyber war, government technology policy, and organized crime have been added this year.
A "Chinese Cyber-army" presentation by the chief technology officer of Taiwan-based Armorize Technologies was yanked by the company, reportedly due to concerns it would anger Chinese officials.
"That is a shame, because they had real numbers and these guys were going to really frame the size of the problem," Moss said of the canceled presentation of data about China-backed hacking during the past decade.
"This is the environment we are all living in. We'd better have our eyes open."
DefCon is "an order of magnitude cheaper" than Black Hat and notoriously attracts the kinds of basement-dwelling computer savants portrayed as quirky geeks in Hollywood films.
DefCon's array of activities includes a lock picking village and a "capture the flag" contest to see who can break into a computer network and fend off rivals.
A "social engineering" contest will challenge contestants to prove how adept they are at telephoning people at companies and talking them into revealing information that hackers could use to crack networks.
"There is a lot of voodoo and mysticism around social engineering," Moss said. "We are trying to clarify what works and what doesn't."
DefCon talks this year target the gamut of computerized gadgets and include some unusual sessions, such as one about how to "hack your own body."
"We like DefCon because it is a great forum for the right people," said lock-busting expert Marc Tobias, who will show how top locks from a set of well-known companies can be popped in seconds.
"Fingerprint locks, electromagnetic locks... all these guys are winning all kinds of awards and nobody wants to admit that Egyptian locks from four hundred years ago are more secure. Clever doesn't mean secure."
Lock picking has natural appeal in the world of hackers, since getting hold of a computer can make it easier to break into the machine.
Even DefCon badges keep with the theme, bearing computer circuitry that can be turned into radios, light message boards or other gadgets by hackers clever enough to bend the hardware to their wills.
So many national security officials speak or recruit at DefCon that the traditional game of "Spot the Fed" has been modified so that only hackers spotting a cop with a badge and actual arrest authority can win a T-shirt.
Black Hat attendance is up 35 percent this year and DefCon, which doesn't register people in advance, is expected to reflect a similar rise.