Reporters At Black Hat Get Bounced For Hacking

Soulskill posted more than 5 years ago | from the no-brownie-points-for-you dept.

It's funny.  Laugh. 128

rickb928 and several others have written to inform us that three reporters for the French publication "Global Security Magazine" were booted out of the Black Hat convention for uncovering the login information of other reporters. Quoting the AP: "The separate, wired Internet connections set up for reporters are supposed to be off-limits to hacking and the Wall of Sheep. Even so reporters who didn't take the extra step and log onto the Internet through an additional secure connection like a virtual private network, risked having their data exposed to colleagues sitting just feet away. It didn't appear to be a complicated hack. The network was working properly, but it wasn't set up to shield each journalist's computer from one another."

128 comments

FP (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#24534259)

Frost Piss, free Tibet !

Re:FP (-1, Troll)

Anonymous Coward | more than 5 years ago | (#24534533)

Fucking niggers. They should be working the fields rather than hacking a network.

Re:FP (3, Insightful)

Ron_Fitzgerald (1101005) | more than 5 years ago | (#24534779)

Isn't it about time /. just not allow anonymous first posts?

Re:FP (2, Funny)

McGiraf (196030) | more than 5 years ago | (#24536685)

Just start reading at the second post and do not reply to first posts, not that hard.. Also the frosty pist at the top of the page tells you you are really on /. and that your DNS has not been hacked and redirected you to some fake ./ site.

Not Surprised (3, Insightful)

Anonymous Coward | more than 5 years ago | (#24534283)

Really, I'm not surprised at all that people were kicked out of The Black Hat "Hacker" Conference for hacking.

Just shows that Corporate sponsored Hacker conferences are a contradiction in terms

Re:Not Surprised (5, Funny)

Lehk228 (705449) | more than 5 years ago | (#24534605)

well technically he was bounced for GETTING CAUGHT hacking. there is a difference.

Re:Not Surprised (4, Informative)

fmwap (686598) | more than 5 years ago | (#24534679)

and even one more difference, from TFA:
Organizers said the trio was caught when they took their purloined password prizes to Wall of Sheep workers and asked them to post the information. The workers refused.

So...they turned themselves in.

To prove a point (4, Insightful)

SpaceLifeForm (228190) | more than 5 years ago | (#24534875)

That the wired lan was not secure.

The reporters that allowed their login/passwords
to be sniffed should be the ones exposed on the Wall of Sheep.

Talk about being led into a false sense of security.

They *knew* the Wireless was not secure.

But to *ASSUME* the wired LAN was to be trusted
clearly shows their ignorance of security.

The reporter that exposed the problem should not
be booted from future conferences, he should be
welcomed back!

Re:Not Surprised (4, Funny)

Adriax (746043) | more than 5 years ago | (#24535031)

The offending journalist was caught when, after stealing the passwords, he stood up and shouted "Yes, I am invincible!" with a bad Russian accent.

Reminds me of a demoparty I once attended.. (2, Funny)

msgmonkey (599753) | more than 5 years ago | (#24536391)

where at one point all of a sudden some guy a few rows in front of me shouts out "I was blind but now I can see!" One of those moments only a coder can truly appreciate I guess :)

Re:Not Surprised (-1, Redundant)

Anonymous Coward | more than 5 years ago | (#24535059)

If by caught, you mean they went to the Wall of Shame to post their captured information.

Re:Not Surprised (-1)

Anonymous Coward | more than 5 years ago | (#24534793)

Apparently you are not familiar with what 'Black hat' means. The title to this post is very misleading.

Re:Not Surprised (1)

Elektroschock (659467) | more than 5 years ago | (#24536081)

And furthermore, just because people can you don't expect them to do as a matter of professional convenience. You don't piss in our own pool.

But here people just show what can be done.

It is illegal when it's without consent, that might be the problem. Time for an NDA.

Did they forget there role? (4, Funny)

pauljuno (998497) | more than 5 years ago | (#24534291)

Did these journalists not understand what their role was at this event? The Wi-Fi connections were free targets and that was understood. The hard-wired connections were off limits to all involved and only for the press, as I understand it. What were they thinking?

Re:Did they forget there role? (0)

Anonymous Coward | more than 5 years ago | (#24534337)

Who cares about the role. You'd think the organizers of the Black Hat convention could properly secure a wired network. You could do all sorts of things to at least prevent what appears to be casual snooping.

I'd lay the blame with the Black Hat organizers. If you note, the journalists claim to have done this simply to educate their fellow journalists (they took it to the Wall of Sheep for display).

Re:Did they forget there role? (4, Insightful)

SanityInAnarchy (655584) | more than 5 years ago | (#24534581)

"You'd think the organizers of the Black Hat convention could properly secure a wired network."

Which they did. They just didn't secure it from the other journalists.

Consider that it is actually impossible to do so, and allow journalists to bring their own laptops. The best you can do is secure a network, not secure the computers on the network, without insisting on admining each such computer -- think Mordac [wikipedia.org] -style.

"I'd lay the blame with the Black Hat organizers."

For kicking them? Maybe.

But for allowing it to happen? Not so much.

Re:Did they forget there role? (2, Informative)

Anonymous Coward | more than 5 years ago | (#24534671)

What are you talking about. You are completely wrong. The organizers could have done much more.

By properly laying the wiring, they could ensure that you could not set up such a passive filter. Each group of journalists could have had their own separate connection to a properly configured router - that way, if you wanted to snoop on another journalist's traffic, you would have to walk over to their table and jack into their Ethernet connectors, which significantly mitigates the severity of the problem.

Another thing - there's any number of industry-standard authentication & encryption systems out there. IPSEC, 802.1X, Radius, etc. The organizers were just lazy and decided that they would simply call it a trusted system and not actually bother securing it.

I'm sorry, but this demonstrates hypocrisy on the part of the organizers. They criticize (rightly) businesses for being lazy when it comes to security, yet turn around and do the same thing themselves.

As far as I'm concerned, the journalists acted at least within the spirit of the conference.

Re:Did they forget there role? (4, Insightful)

SanityInAnarchy (655584) | more than 5 years ago | (#24534765)

"Each group of journalists could have had their own separate connection to a properly configured router"

Implying they could attack each other, still.

"Another thing - there's any number of industry-standard authentication & encryption systems out there. IPSEC, 802.1X, Radius, etc."

And if someone didn't even bother to use SSL, what makes you think they'll set all these up on their own computer?

"The organizers were just lazy..."

For what? Not mandating every journalist use a known-good computer? For not blocking port 80 in favor of 443? For allowing these people on the Internet at all?

Tell me -- given that it's impossible to idiot-proof a single computer, how are you proposing that they idiot-proof an entire network of humans -- humans who can and will make mistakes?

Re:Did they forget there role? (2)

emmafreester (1287644) | more than 5 years ago | (#24535019)

This situation reminds me of the past three ShmooCons I attended. My rule is that if I'm not entirely sure that my computer is hack-proof (an impossibility, I realize, but a goal nonetheless) and I know that I'm not going to be paying enough attention to it to ensure that I would notice if something strange were happening to it...then I don't get on the network and I turn off my wireless antenna so no one can find! When you're in a conference about hacking and computer security, you should expect that your computer should be broken into. All that aside, if the rules specifically stated that the wired networks were for reporter use only, and were not to be used for hacking ("separate, wired Internet connections set up for reporters are supposed to be off-limits to hacking and the Wall of Sheep" according to the article), then the reporters who used it to get login credentials and then turned them in despite the rule about no hacking and no Wall of Sheep are stupid and deserved to get kicked out.

Re:Did they forget there role? (2)

mysidia (191772) | more than 5 years ago | (#24535373)

"Each group of journalists could have had their own separate connection to a properly configured router"

"Implying they could attack each other, still."

With suitable access lists, and each journalist's PC plugged into their own port on a Layer 3 switch and everyone NAT'ed, no, they would have no normal means of using their legitimate connection to attack another journalist's PC.

For instance, local PC to gateway might be allowed, but there would be no method allowed to have PC to PC or broadcast traffic. That's the ideal scenario.

E.g. it would essentially be an internet-only connection, no LAN whatsoever.

Actually, the ideal scenario is the journalist uses a dedicated end-to-end encryption over a VPN, and their PC is config'ed to refuse all other traffic. (So any 'attack' would have to originate on the home network)

802.1X auth is a good standard and all, but its use is unrealistic -- many journalists would not understand how to connect their laptop.

Actually, isolating each journalist into their own ethernet broadcast domain is probably unlikely -- due to the massive number of journalists at events like blackhat, and resulting burden in defining a unique ip network for each one.

Port security (limit of one active MAC address per port), and DHCP+ARP inspection + filtering (to protect against ARP hijacking or fake DHCP server traffic) are more realistic security measures in an environment like this, and very basic.

The attempted connection of a second PC to a port while another PC is recently active _should_ immediately set off alarms.

Limit of number of active MAC addresses also makes it hard for a bad journalist to attempt to sniff by sending blank frames with spoofed victims' MAC address as source (to make the switch forward to the attacker).

It's not surprising that blackhat didn't implement these types of security measures -- most network security features are rarely implemented, even on 'secure' networks.

Security of such ad-hoc setups is more of an afterthought.

The journalists are perhaps more at fault for not using SSL!
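
The DHCP and ARP inspection mentioned in the comment above, sketched as an added example that is not part of the thread or any vendor's implementation. It is a simplified model: the port names, addresses and the `Inspector` class are constructed for illustration, and only the uplink is assumed to be a trusted port.

```python
from dataclasses import dataclass

# Constructed sample addresses (locally administered MACs, private IPs).
GW_IP, GW_MAC = "10.0.0.1", "02:00:00:00:00:01"
A_MAC, B_MAC = "02:00:00:00:00:03", "02:00:00:00:00:07"


@dataclass(frozen=True)
class Frame:
    port: str      # switch port the frame arrived on
    kind: str      # "dhcp_request", "dhcp_ack" or "arp"
    src_mac: str   # Ethernet source address
    mac: str       # DHCP: client hardware address; ARP: sender hardware address
    ip: str = ""   # DHCP ACK: leased address; ARP: sender protocol address


class Inspector:
    """Simplified model of DHCP snooping feeding ARP inspection."""

    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.pending = {}    # client MAC -> access port of its DHCP request
        self.bindings = {}   # leased IP -> (client MAC, access port)

    def inspect(self, f):
        """Return "forward" or "drop: <reason>" for one frame."""
        if f.kind == "dhcp_request":
            self.pending[f.mac] = f.port
            return "forward"
        if f.kind == "dhcp_ack":
            # Server replies are only believed when they come from the uplink.
            if f.port not in self.trusted:
                return "drop: DHCP server reply on untrusted port"
            port = self.pending.pop(f.mac, None)
            if port is not None:
                self.bindings[f.ip] = (f.mac, port)
            return "forward"
        if f.kind == "arp":
            return self._check_arp(f)
        return "forward"

    def _check_arp(self, f):
        if f.port in self.trusted:
            return "forward"
        if f.src_mac != f.mac:
            return "drop: Ethernet source differs from ARP sender MAC"
        bound = self.bindings.get(f.ip)
        if bound is None:
            return "drop: no DHCP binding for sender IP"
        if bound != (f.mac, f.port):
            return "drop: sender IP is bound to another MAC/port"
        return "forward"


# Constructed frame sequence: two laptops lease addresses, then ARP traffic.
SAMPLE = [
    Frame("p3", "dhcp_request", A_MAC, A_MAC),
    Frame("uplink", "dhcp_ack", GW_MAC, A_MAC, "10.0.0.23"),
    Frame("p7", "dhcp_request", B_MAC, B_MAC),
    Frame("uplink", "dhcp_ack", GW_MAC, B_MAC, "10.0.0.27"),
    Frame("p3", "arp", A_MAC, A_MAC, "10.0.0.23"),   # honest announcement
    Frame("p7", "arp", B_MAC, B_MAC, GW_IP),         # claims the gateway's IP
    Frame("p7", "arp", B_MAC, B_MAC, "10.0.0.23"),   # claims a neighbour's IP
    Frame("p7", "dhcp_ack", B_MAC, A_MAC, "10.0.0.99"),  # fake DHCP server
    Frame("uplink", "arp", GW_MAC, GW_MAC, GW_IP),   # real gateway
    Frame("p7", "arp", B_MAC, B_MAC, "10.0.0.27"),   # honest announcement
]


def run(frames=SAMPLE):
    """Feed the frames through a fresh inspector and collect the verdicts."""
    inspector = Inspector(trusted_ports={"uplink"})
    return [inspector.inspect(f) for f in frames]


if __name__ == "__main__":
    for frame, verdict in zip(SAMPLE, run()):
        print(f"{frame.port:7} {frame.kind:13} {frame.ip:10} -> {verdict}")
```
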

Re:Did they forget there role? (0)

Anonymous Coward | more than 5 years ago | (#24535983)

While it is true that they are rarely if ever implemented, has anyone considered the fact that while Black Hat is an organisation they don't have the money nor time to sit there and program a Cisco/Juniper switch with the appropriate settings, and troubleshoot it if something goes wrong. Not only that, but the equipment costs would be insane.

There is a sort of gentlemen's agreement that the press room was to be off-limits. What the French reporters did was stupid on their part, they will for now, and into the foreseeable future have trouble getting into Black Hat/DefCon and other security conferences. Is that really worth it?

Re:Did they forget there role? (0)

Anonymous Coward | more than 5 years ago | (#24536699)

"Another thing - there's any number of industry-standard authentication & encryption systems out there. IPSEC, 802.1X, Radius, etc"

Do you want to explain to a layman on how to set these things up?

Re:Did they forget there role? (1)

Rakishi (759894) | more than 5 years ago | (#24534689)

The way I understand it the network itself was not secure rather than the computers the journalists were using being insecure. If any computer on the network can intercept traffic going through the network then generally that is a problem.

Re:Did they forget there role? (1)

MikeBabcock (65886) | more than 5 years ago | (#24535149)

It is almost always possible to do this -- defeating switches is as easy as ARP flooding.

Sniffing packets isn't rocket science.

Setting up per-machine VLANs would've been overkill and required per-machine VLAN tagging.

Re:Did they forget there role? (0, Redundant)

Anonymous Coward | more than 5 years ago | (#24534565)

sorry... pet peeve...

"their" not "there"

Re:Did they forget there role? (1)

pauljuno (998497) | more than 5 years ago | (#24534723)

Point well taken, actually I tend to type quickly and go back and proof read prior to posting. Unfortunately, I forgot to change the title but did correct the body of the text. I also hate these mistakes.

Re:Did they forget there role? (-1, Redundant)

MrNaz (730548) | more than 5 years ago | (#24535023)

English 101:

THEIR != THERE != THEY'RE

Here's the lesson. [wikihow.com]
Here's a pop quiz for practice. [a4esl.org]

Brought to you by Slashdot's official AC English tutor.

Re:Did they forget there role? (3, Funny)

MrNaz (730548) | more than 5 years ago | (#24535033)

I fail at clicking "Post Anonymously".

Re:Did they forget there role? (0)

Anonymous Coward | more than 5 years ago | (#24535121)

Particularly since you are calling out a person for using "their" correctly. In his only sentence that uses any of the versions, "their" is being used as a possessive to join reporters to role.
 
An easy way to remember it is:

They're there in their room.

(Thanks "Look Around You [bbc.co.uk]")

Re:Did they forget there role? (2, Funny)

pauljuno (998497) | more than 5 years ago | (#24535399)

I've already begged forgiveness for this once before. The body of text used the word correctly and the subject line did not. Please forgive me, and if the Hague should come calling I will plead guilt.

Re:Did they forget there role? (2, Insightful)

mwvdlee (775178) | more than 5 years ago | (#24535687)

So basically the French got kicked not for hacking but for being a bunch of scriptkiddies that wanted to demonstrate they could "hack" a network known to be badly secured. Rightly so. These journalists wouldn't have been able to report on the real hacks; they wouldn't understand them.

incompetent (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#24534293)

The dudes running Black Hat conferences and Defcon networks are the most arrogant incompetent people I've ever met. I don't know how they get jobs in the computer security industry.

I guess (5, Interesting)

Korbeau (913903) | more than 5 years ago | (#24534317)

nobody plays Uplink [introversion.co.uk] enough these days.

Re:I guess (1, Interesting)

Anonymous Coward | more than 5 years ago | (#24534633)

Eh, you hafta pay for it or pirate it though.

I always thought mod-x [mod-x.co.uk] was way more fun, although I could never beat the last stage of level 8.

It was Defcon, not Black Hat (0, Informative)

Anonymous Coward | more than 5 years ago | (#24534345)

The Wall of Sheep is at Defcon, not Black Hat. Priest announced that he was looking for the French reporters during the talk I was in, but didn't say why.

Re:It was Defcon, not Black Hat (3, Informative)

Anonymous Coward | more than 5 years ago | (#24534463)

wrong:

http://www.blackhat.com/html/bh-usa-08/wallofsheep.html

Re:It was Defcon, not Black Hat (1)

0x000000 (841725) | more than 5 years ago | (#24535957)

I can has research?

This was the first year that the Wall of Sheep was also at Black Hat. There were posters posted that contained extra information on it saying that the wireless was going to be monitored.

Switches are not expensive (1, Insightful)

Anonymous Coward | more than 5 years ago | (#24534353)

Are they using a hub for wired connections at a security conference? Seems like the most plausible explanation for a simple "hack" like this with the network "working correctly"...

A fun and practical way to demonstrate how NOT to set up a network with nodes that shouldn't have to trust each other!

Many low cost switches... (2, Insightful)

msauve (701917) | more than 5 years ago | (#24534387)

are really only switched between different speed segments. I.e., they might bridge (switch) between a 10 mb segment and a 100 mb segment, but they're only repeaters (hubs) on each.

Re:Many low cost switches... (4, Interesting)

LostCluster (625375) | more than 5 years ago | (#24534435)

We're all taught in network design class that a switch unlike a hub doesn't send traffic that's not yours to you, then learn in security class that it's easy to turn a switch into a hub.

Re:Many low cost switches... (4, Interesting)

CrazedWalrus (901897) | more than 5 years ago | (#24534625)

I don't understand this very well, so someone who does please chime in.

Switches use your ethernet card's MAC address (not IP) to know how to route ethernet frames across the switch. It knows that MAC AB:CD:EF:etc is on port 1, and 12:34:56:etc is on port 2. Because you can daisy chain switches, it actually has to remember a many MACs to 1 port sort of mapping.

Switches can only remember a finite number of MAC addresses, so if you overflow the memory of the switch with bogus MAC addresses, it fails over to hub mode and just broadcasts all the packets to all the ports. It's not pretty, and would cause the network to get slower, but at least it would continue to work.

As I can't see hubs being used at a Black Hat conference, I'd guess this is the sort of thing the reporters did. I'm sure there's a name for it... probably "ARP Cache Smashing" or something, but I don't know it.

Anyway, if someone can give a better explanation, I'd be grateful.

Re:Many low cost switches... (0)

Anonymous Coward | more than 5 years ago | (#24534715)

GARP to poison the forwarding caching & trick ppl into sending traffic to you instead of the gateway. As you said, 'ARP Poisoning'

Re:Many low cost switches... (4, Informative)

LostCluster (625375) | more than 5 years ago | (#24534837)

"ARP poisoning" is what it's called, and your explanation sums it up pretty well. If the other side of a port is claiming to have enough MAC addresses reachable by it the cache will fill and the switch will start over with a blank cache which renders it into a hub until it learns what's really where, then gets poisoned again, rinse, wash, repeat.

Dumb switches will fall for this trick and have no way for anybody to notice, smarter switches will log this and let the admin know there's more than one MAC address being reported on a port... you just trace to who's on the other end of the report and you've busted them.

Re:Many low cost switches... (0)

Anonymous Coward | more than 5 years ago | (#24536245)

ARP poisoning and MAC address table flooding are two different types of attacks.

ARP poisoning is directed at a host's IP-to-MAC address translation table. It is used to make the other host think that your MAC address is where packets for another IP need to be sent. It will then send packets directly to your ethernet card's MAC address.

MAC address table flooding is directed at the MAC-to-port translation table of a switch. It is used to turn switches into hubs, so that you get packets which are not addressed to your ethernet card's MAC address.

Re:Many low cost switches... (1, Insightful)

Anonymous Coward | more than 5 years ago | (#24536575)

That's not ARP poisoning, ARP maps layer 3 IP addresses to layer 2 MAC addresses and is a router function rather than a switch one (L3 switches aside). They could have used ARP poisoning for this attack but that's not what is being asked about.

For switches you are talking about MAC flooding which is a pure layer 2 (e.g. Ethernet/MAC) attack and different from ARP poisoning. Layer 2 switching knows nothing of IP addresses so doesn't use ARP.

If a switch sees a packet with a destination that it doesn't know about (e.g. doesn't have in memory) then it floods it out all ports in the same VLAN. It learns the source MACs in packets so when the reply comes through it learns which port that MAC belongs to. The MACs and ports are stored in memory, this can be overloaded. Then the switch cannot store any new MACs so has to flood packets out all ports (to the new MACs, not ones it already learnt).

You can configure something like port-security (Cisco specific, not sure what other companies use) which associates a list of MACs with a port and takes action if another MAC is seen, e.g. disable the port, refuse packets from that MAC or send an SNMP trap/syslog message. Things like VMWare, Virtual IPs and server dual-NIC failover mean that multiple MACs per-port is a fairly normal event so by default even "smart" switches may not take any action unless specifically set up to do so.
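
The table behaviour and per-port MAC limit described in the comment above, as an added example that is not part of the thread. It is a pure simulation of a learning switch (no packets are sent); the `LearningSwitch` class, port names, table size and addresses are constructed for illustration, and shutting the port is one of the violation actions the comment lists.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
HOST_A, HOST_B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"  # constructed MACs


class LearningSwitch:
    """Layer 2 switch model with a bounded MAC table and optional port limit."""

    def __init__(self, ports, table_size, max_macs_per_port=None):
        self.ports = list(ports)
        self.table_size = table_size
        self.max_macs_per_port = max_macs_per_port
        self.table = {}        # source MAC -> port it was learnt on
        self.violations = []   # (port, MAC) pairs that exceeded the limit
        self.shut = set()      # ports disabled after a violation

    def _learn(self, port, mac):
        """Record mac on port; return False if the frame must be refused."""
        known = self.table.get(mac)
        if known == port:
            return True
        on_port = sum(1 for p in self.table.values() if p == port)
        if self.max_macs_per_port is not None and on_port >= self.max_macs_per_port:
            self.violations.append((port, mac))
            self.shut.add(port)          # violation action: disable the port
            return False
        if known is None and len(self.table) >= self.table_size:
            return True                  # table full: forward, but learn nothing
        self.table[mac] = port
        return True

    def receive(self, in_port, src, dst):
        """Return the list of ports the frame is sent out of."""
        if in_port in self.shut or not self._learn(in_port, src):
            return []
        out = self.table.get(dst)
        if out is None:
            # Unknown destination: flood to every other active port.
            return [p for p in self.ports if p != in_port and p not in self.shut]
        return [] if out == in_port else [out]


def who_sees_reply(max_macs_per_port=None, table_size=8):
    """Port p4 presents many source MACs, then A (p1) and B (p2) talk.

    Returns (ports that receive B's reply to A, recorded violations).
    """
    sw = LearningSwitch(["p1", "p2", "p3", "p4"], table_size, max_macs_per_port)
    for i in range(table_size):
        sw.receive("p4", f"02:00:00:00:10:{i:02x}", BROADCAST)
    sw.receive("p1", HOST_A, HOST_B)                # A opens the conversation
    reply_ports = sw.receive("p2", HOST_B, HOST_A)  # B answers A
    return reply_ports, sw.violations


if __name__ == "__main__":
    print("no port limit :", who_sees_reply())
    print("one MAC/port  :", who_sees_reply(max_macs_per_port=1))
```

Without a limit the reply to A is flooded to every other port because A's address could not be learnt; with one MAC per port the noisy port is shut on its second address and the reply goes only to A's port.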

Re:Many low cost switches... (0)

Anonymous Coward | more than 5 years ago | (#24537253)

He's actually talking about MAC Flooding [wikipedia.org]. ARP poisoning is a targeted attack that affects the host, not the switch.

Re:Many low cost switches... (2, Informative)

cheater512 (783349) | more than 5 years ago | (#24534901)

Far easier than overflowing the memory.

Just look for the other computer's MACs and then tell the switch that they are on your port.
You then send a copy of their data to them.

Re:Many low cost switches... (1)

camperslo (704715) | more than 5 years ago | (#24534471)

"are really only switched between different speed segments. I.e., they might bridge (switch) between a 10 mb segment and a 100 mb segment, but they're only repeaters (hubs) on each."

I think there's a good chance those guys know about ARP poisoning [sourceforge.net].

Re:Many low cost switches... (1)

Eggplant62 (120514) | more than 5 years ago | (#24534669)

Many low-cost switches are simple layer 2 switching bridges, devices that pass packets from one interface to another, electrically segmenting a network into collision domains. If the network had stayed wired with nothing but switches, there wouldn't have been an issue. Let me guess, someone thought some hubs would be a good idea. Congratulations, epic fail.

Re:Many low cost switches... (0)

Anonymous Coward | more than 5 years ago | (#24536549)

You fail it.

Re:Many low cost switches... (5, Funny)

el americano (799629) | more than 5 years ago | (#24534733)

If only their were experts who knew the specification of network switches and how not to expose users to casual snooping, then we could set up a conference where such people get together to share their knowledge of these type of vulnerabilities.

Re:Many low cost switches... (0)

Anonymous Coward | more than 5 years ago | (#24535293)

"are really only switched between different speed segments. I.e., they might bridge (switch) between a 10 mb segment and a 100 mb segment, but they're only repeaters (hubs) on each."

No, you are describing a dual-speed hub, not a switch. I remember pulling out some perfectly functional dual-speed hubs (3com) back in 2002 or so.

Nobody sells them anymore - the price differential between a cheap dumb switch and a hub is negligible.

Re:Many low cost switches... (0)

Anonymous Coward | more than 5 years ago | (#24535311)

"are really only switched between different speed segments. I.e., they might bridge (switch) between a 10 mb segment and a 100 mb segment, but they're only repeaters (hubs) on each."

Got any examples? I've never heard of a dual-speed hub being fraudulently labeled a switch.

Re:Many low cost switches... (0)

Anonymous Coward | more than 5 years ago | (#24536221)

No, almost all switches are actual switches. What you describe is called a switching hub. In case you need to tell them apart: a switch allows you to use full duplex and a hub does not.

The problem is that switches are thought of as enhancing security, but their purpose is to enhance performance. Unmanaged switches can't separate ports through VLANs, can't enforce MACs and can't disable ports on disconnect. The table which records the MAC-to-port relation can be flooded and then practically all unmanaged switches forward all packets to all ports, effectively turning the switch into a hub.

Re:Switches are not expensive (4, Informative)

foom (29095) | more than 5 years ago | (#24534407)

"Are they using a hub for wired connections at a security conference? Seems like the most plausible explanation for a simple "hack" like this with the network "working correctly"..."

It's a common misconception that switches prevent snooping. Switches are *not* security devices, they are a performance optimization. As such, they mostly "fail open".

If you flood the switch with many different MAC addresses, such that its internal ethernet routing table fills up, it will usually simply direct *all* traffic to your port, rather than potentially incorrectly dropping some traffic you should have received.

And then you can snoop to your heart's content, with nobody else the wiser.

Re:Switches are not expensive (1)

mixmatch (957776) | more than 5 years ago | (#24534573)

A layer 2 switch with port-based vlan tagging set up would not be susceptible to such attacks.

Sure... (1)

msauve (701917) | more than 5 years ago | (#24534641)

if you want to burn 4 addresses for every host (host, router, subnet, and broadcast - a ".252"), have a router which can support enough interfaces/VLANs, and want to take the time to configure all that.

Re:Sure... (2, Insightful)

mixmatch (957776) | more than 5 years ago | (#24534657)

You're right it takes more work than setting up a dhcp server and plugging in a switch. No wonder they didn't do it.

Re:Sure... (1)

ppanon (16583) | more than 5 years ago | (#24534933)

Well I would think that a) they would be using a private IP address range with NAT and therefore have plenty of IP address range to play with. b) a good admin should be able to use a simple script (be it bash, python, emacs lisp, whatever) to quickly generate configuration files for the hubs and switches and upload them. You would think an organizer of a security conference would have somebody in their rolodex who they could tap to do this efficiently and correctly

You should always view any network not controlled by your organization with a certain degree of suspicion. Any passwords should never be transmitted in the clear. Personally, I wish they had posted the information on which reporters had had information compromised. You would think eWeek and ctNews, who are IT/computing focused, could find people who have a reasonable background in computer security to send to the conference.

I tend to take those publications with a grain of sand anyways, but now their whole organization is tarred with that incompetence. Then again, if the reporters were uploading their stories to a plain FTP server because that's the only mechanism the company has available (in an age where OpenSSH and WinSCP are freely available, and https web submission forms are easy to set up) then the whole paper does deserve to have its reputation muddied a bit. So I also wouldn't mind knowing what was captured and how.

Re:Switches are not expensive (1)

gnasher719 (869701) | more than 5 years ago | (#24536415)

"A fun and practical way to demonstrate how NOT to set up a network with nodes that shouldn't have to trust each other!"

At every place, there are rules and consequences if you break the rules.

Where I work, if you hack into the wireless network and we find out, you get thrown out, and get prosecuted if we can find proof. Same if you hack into the wired network. That's our rules. At Black Hat, if you hack into the wireless network and they find out, you are fine (except for egg on your face if they catch you, and egg on your face if you are hacked). If you hack into the wired network reserved for reporters and they find out, you are thrown out.

comma, duh (4, Funny)

StuffMaster (412029) | more than 5 years ago | (#24534365)

"Even so reporters who didn't take the extra step and log onto the Internet through an additional secure connection like a virtual private network, risked having their data exposed to colleagues sitting just feet away."

Even so people who post stories to Slashdot, should learn to use commas.

It's happened at Usenix (3, Interesting)

argent (18001) | more than 5 years ago | (#24534375)

One Usenix there was an announcement that everyone who had used Kerberos to log in from the terminal room needed to set up new keys. Another finished with a paper on what someone had sniffed on the Wifi LAN.

So it's no bloody surprise it's happened at Black Hat. Not that the guys who did it were justified, and they're lucky they were just booted out, but anyone who doesn't use encrypted VPNs or encrypted tunnels at ANY technical conference is asking for trouble.

Re:It's happened at Usenix (2)

Acapulco (1289274) | more than 5 years ago | (#24534769)

Ok, I agree that in a technical conference people will more likely be exposed, but it doesn't mean it SHOULD.

For the sake of changing the car analogy, think of a firing range. When you go there, you are specifically told you shoot in a particular area, and told NOT to shoot wildly at will. Going to a firing range doesn't mean you are more exposed to bullets IF people follow the instructions. I shouldn't be required to wear high impact body armor, just because "going to a firing range without body armor is asking for trouble".

I believe it was a wise decision to boot them off the conference, or else they would risk everyone just saying fuck the rules, you get no punishment, and then it wouldn't be a technical conference as much as it would be a hacking playing ground, which is not something bad per se, just don't advertise it as a conference then.

When in Rome... (2, Funny)

Anonymous Coward | more than 5 years ago | (#24534377)

... hack like Romans hack!

Seriously, these reporters, they were told where they were going and what they were reporting on, right?

Re:When in Rome... (1)

Rigrig (922033) | more than 5 years ago | (#24534741)

They were also told

"The separate, wired Internet connections set up for reporters are supposed to be off-limits to hacking and the Wall of Sheep"

So while the reporters who got their logins compromised should learn to secure their connections better (just as well at the local pumpkin throwing contest as at a black hat conference), that reporter should've known he'd get into trouble for (getting caught) breaking the rules.

Re:When in Rome... (1)

ppanon (16583) | more than 5 years ago | (#24534965)

The first rule of computer security is that you don't trust everyone else to be good guys that follow the rules. The second rule of computer security is that some of the people who are inside your organization's primary defense perimeter may be or become untrustworthy. I think it's funny that it's a reporter for an IT focused paper, not a more general newswire like AP or Reuters, who had their passwords sniffed.

you know... (0)

Anonymous Coward | more than 5 years ago | (#24534381)

for an article posted obviously for its humor, there aren't many funny posts so far...

Just use a network switch ya morons! (0)

Anonymous Coward | more than 5 years ago | (#24534395)

A simple el-cheapo switch would prevent wired connections from seeing each other's data. They must have been using one of those stupid broadcast routers which is pretty lame for people that supposedly know what they are doing.

Re:Just use a network switch ya morons! (2, Funny)

Anonymous Coward | more than 5 years ago | (#24534461)

I wonder what lucky guy is overpaying you for network administration.

Journalists that hack? (2, Insightful)

PJCRP (1314653) | more than 5 years ago | (#24534421)

Worst nightmare coming true.

Re:Journalists that hack? (1)

jrothwell97 (968062) | more than 5 years ago | (#24534645)

They were working for a French computer security journal. Sort of like ZDNet, Linux Format, PC World etc, but with a heavier emphasis on security.

Re:Journalists that hack? (1, Funny)

zappepcs (820751) | more than 5 years ago | (#24534693)

Journalists ARE hacks... right?
http://en.wikipedia.org/wiki/Hack_writer [wikipedia.org]

Come on now. If you are reporting the black hat conference, what better way to show you know what you're reporting on than to hack?

Personally, despite any failure on the part of the organizers, I think it admirable that they did a 'little' hacking. Perhaps we can get a new "meme that is never spoken"(TM) like male sportscasters all have stupid ties and bad hair and female sportscasters are Playboy bunny wouldhavebeens. Hacking conference reporters are all hackers.

Amazingly, you'd think that anyone going there would be paranoid enough to try to protect their computers? I don't even trust people at Starbucks, never mind a conference full of hackers? WTF?

Jokes:
_Black Hat reporters ARE the news
_Reporters at Black Hat: news when we recover our data
_Journalism in America: Booted at Black Hat, Hired by TSA; a day in the life of a journalist
_Former football player turned journalist: Colbert's nightmare; bears that hack!

Shall I continue?

sigh

Re:Journalists that hack? (0)

EveLibertine (847955) | more than 5 years ago | (#24534753)

The other thing to think about is in regards to it being a conference full of hackers. Yes, it seems silly to tell them not to hack the wired connections. On the other hand, did they really think that a thousand hackers wouldn't be able to figure out who was doing the hacking? I find what they did slightly humorous, but I think they're idiots if they thought they could do it and get away with it.

Re:Journalists that hack? (0)

l0cust (992700) | more than 5 years ago | (#24535755)

I would tell you to RTFA but then this is /. so yeah.. They _themselves_ went to the people in charge of the Wall of Sheep and _told_ them that they wanted the data on the wall to educate their colleagues about the need of being at least a bit paranoid. Of course they were refused and booted out after that.

Re:Journalists that hack? (0)

Rigrig (922033) | more than 5 years ago | (#24534759)

Actually, hacking journalists is only number six on my list, right behind the one with the big shoe chasing me.

Two people... (4, Interesting)

Eggplant62 (120514) | more than 5 years ago | (#24534485)

... are seated in a noisy restaurant, yelling back and forth to each other from one side of the table to the other. I'm sitting 3 tables away and can hear them.

Am I hacking??

Re:Two people... (0)

mortonda (5175) | more than 5 years ago | (#24534555)

... are seated in a noisy restaurant, yelling back and forth to each other from one side of the table to the other. I'm sitting 3 tables away and can hear them.

Am I hacking??

If you are busy writing down what you hear and/or intend to use it, yes!

Re:Two people... (1)

Eggplant62 (120514) | more than 5 years ago | (#24534721)

I disagree. If you yell username and password pairs along with hosts that they work with across a room, that conversation is what we call unprotected. Like there is freedom of speech, there is also freedom to listen. If you're going to broadcast your conversation, without first taking steps to protect that conversation, that conversation is open game to all and sundry. Same with broadcast tv. Brits might disagree with their odd television licensing, but here in the States, we don't need a license to receive television and radio signals.

But what about satellite television and radio, they broadcast from outer space. Why can't I listen in? Because they've taken steps to encrypt their conversation. Hacking that conversation is a no-no, just like sitting in a postal service truck, ripping open letters can get you in a world of hurt.

Same principle on ethernet. There's a conversation happening, with several listeners on the wire in a hubbed, layer 1 network. Each listener can "hear" what's on the wire. If you feel that shouting your protected information across the room without some form of encryption is a great idea, hey, go for it. Basic security 101 - Fail.

Re:Two people... (1)

pauljuno (998497) | more than 5 years ago | (#24534853)

Absolutely not. Now play this mind game with me, what if the two people are talking with each other in a sound proof room that is unlocked and you open the door to listen. Are you now hacking?

DMCA violation, anyone? (1)

suck_burners_rice (1258684) | more than 5 years ago | (#24534601)

If this were any other event, these reporters would be arrested a la Dmitry Sklyarov for violation of the DMCA, and should be sentenced to a billion life sentences without the possibility of parole without the unnecessary step of a time-consuming trial. But given that this is a hacking event, the reporters will probably be hailed as heroes. What is the world coming to?

Re:DMCA violation, anyone? (2, Informative)

cduffy (652) | more than 5 years ago | (#24534887)

Computer misuse is illegal, yes, but not under the DMCA.

YOU fAIL IT!! (-1, Troll)

Anonymous Coward | more than 5 years ago | (#24534697)

very sick and its base for FrreBSD a conscious stand knows for sure what corporate

-_- (1)

Cynic.AU (1205120) | more than 5 years ago | (#24534777)

If they'd kept their hack secret, nobody would've been the wiser. Thus, their point may have been that the press room is in fact INSECURE and should not be trusted.

Not a very smart move, politically speaking.

Blackhat is a misnomer (0)

Anonymous Coward | more than 5 years ago | (#24535357)

totally commercial event

Why are they called 'hackers'? (1)

axlr8or (889713) | more than 5 years ago | (#24535389)

Hackers, real ones, do positive things. Like, o say, create Linux(s). Not show how smart they are and make fun of people that are inept. Ah well.